[Mimedefang] sending relay has no MX record?
adam at krusty.madoff.com
Mon Jan 31 11:56:28 EST 2005
-----BEGIN PGP SIGNED MESSAGE-----
Kevin A. McGrail wrote:
|>If the sending domain lacks both an MX and an A record, then Sendmail
|>will not accpet mail from that domain unless you've enabled
|>AFAIK, no modern UNIX systems come with that feature enabled by default.
| Exactly. My point was that an A record is all that is needed. You don't
| HAVE to have an A and an MX record to be RFC compliant AFAIK. Testing to
| see if someone has an MX record and an A record is not a valid test of a
| legit mail server.
Technically, a server can generate mail (legally according to RFC's)
without having an MX record. Only servers that RECEIVE mail need to
have an MX record.
What needs to be in place is a valid return path for the mail that is
generated. So, while server 'mailout.example.com' can generate mail
from the domain 'example.com' with only an A record, some server
somewhere SHOULD (again, according to RFC's) have an MX record for the
domain 'example.com'. If there is no MX record for the domain
'example.com' then the 'mailout.example.com' will be used as the return
path for the generated mail. In this case, it had better be prepared to
accept the returned mail.
Unfortunately, many companies these days do not setup correct DNS
records for their mail servers. It is not neccessarily a valid test to
check whether a given relay server has both A and MX records. It may be
~ more appropriate to test whether a given server has both an A and a
PTR record that match and use this to modify the score for the message
although, again, in today's internet this isn't as likely to be setup
Bernard L. Madoff Investment Securities LLC
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the MIMEDefang