[Mimedefang] Limiting the floodgates
James Ebright
jebright at esisnet.com
Tue Apr 26 21:04:37 EDT 2005
On Tue, 26 Apr 2005 14:56:42 -0500 (CDT), Ian Mitchell wrote
>
> The only thing I can figure that makes me questionable is that the
> outbound email server for a company does not nessassarily have to
> have an MX record in DNS, so detecting if it's legit could be difficult.
And in many cases the mail exchangers (MX servers) are entirely different than
the outbound mail servers... this is almost always 100% true where the company
outsources their spam/virus filtering to a third party (which we do alot of
now days). Many large organizations do this for load balancing reasons as well
or simply for tighter security.
Bottom line is... SPF lets the organization that implementted their solution
tell you where mail should originate from... your solution is you "guessing"
and even if you guess right... what heappens when they change their
infrastructure down the road?
If you were to do anything like this I think it would be best to use something
like SPF as a basis for your MX check... you can also disable
FEATURE(`accept_unresolvable_domains') in your sendmail.mc file and rebuild
sendmail (it really should only be enabled in a few firewall/NAT related
incidents anyways) and that will take care of alot of them.
Jim
--
EsisNet.com Webmail Client
More information about the MIMEDefang
mailing list