[Mimedefang] md_check_against_smtp_server and md_graphdefang_log

kd6lvw at yahoo.com kd6lvw at yahoo.com
Tue Mar 26 14:33:33 EDT 2013

--- On Tue, 3/26/13, Tilman Schmidt <t.schmidt at phoenixsoftware.de> wrote:
> Am 26.03.2013 um 04:35 schrieb kd6lvw at yahoo.com:
> >  If it were to be limited to servers under one's
> control and enforced as such, the routine would have to
> obtain the recipient's MX-RRset internally and test all
> higher priority MTAs; thus it would not need the remote host
> address parameter.  It would determine which host in
> the MX-RRset it is running on based on the macro variables
> passed in via the milter interface.
> That would exclude a lot of useful and legitimate
> applications. Hint: Not every mail server has an MX RR
> pointing to it. 

1)  I don't consider sender callbacks useful.  Such is abuse.

2)  If this is to be used by secondary MXs to test the primary, there will be MX records present in the DNS for that domain/hostname label.  In the case where there is a single incoming mail server (thus no MX record and the address record(s) are used to contact the host directly), just what other server would be tested?

3)  Forwarding services shouldn't be randomly probing the ultimate destinations.  They should simply attempt to deliver directly.  Without entering the data phase, there's no guarantee that the message would be delivered (cf. content spam filters), and thus a bounce DSN (not SMTP rejection) would be generated anyway.  Where there are multiple forwarders in a chain and they all attempt to test, one may get timeouts at the first forwarder before others further down the line respond back to their predecessors, thus not yielding a useful conclusion (i.e. tempfails).

More information about the MIMEDefang mailing list