[Mimedefang] Postmaster, <>, and a Backup MX
David F. Skoll
dfs at roaringpenguin.com
Thu Sep 30 11:41:17 EDT 2004
On Thu, 30 Sep 2004, Troy Carpenter wrote:
> It turns out that when the backup MX is receiving mail for my domain
> (either because my server is down or a spammer bypassed my primary MX),
> the backup MX would open an SMTP session using <> in the MAIL FROM: line,
> then use the receiver name in the RCPT TO: line to verify the recipient
> before accepting the email.
The backup MX is violating a SHOULD requirement of RFC 2821:
All other types of messages (i.e., any message which is not required
by a standards-track RFC to have a null reverse-path) SHOULD be sent
with with a valid, non-null reverse-path.
It seems like the backup MX is doing something similar to
md_check_against_smtp_server. It should use the real MAIL FROM: address,
not <>, to perform this check.
Regards,
David.
More information about the MIMEDefang
mailing list