[Mimedefang] MX -> 127.0.0.1

[Kelson]

Matthew.van.Eerde at hbinc.com wrote:
> Comment: not sufficiently general
> 
> Failing 127.0.0.1 and 0.0.0.0 is a good start... but there's all
> kinds of invalid IP assignments that are being missed.  How often are
> they used?  I don't know.
...
> Checking the IP against all of these "bad" subnets is probably cheap
> computationally, as the expensive part is getting the DNS lookup in
> the first place.

The risk, of course, is that you have to remember you're making these 
checks in the event that IANA ever changes anything.  I recall a while 
back they opened up a previously unused section of IP address space, and 
people who moved into it had to deal with traffic and mail being 
rejected because it was "obviously" forged.  It wasn't resolved quickly, 
either.  IIRC it took some sites months (or longer) to catch up.

-- 
Kelson Vibber
SpeedGate Communications <www.speed.net>