[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: mx checking ?
-> 1) If sender IP address is in networks that belong to
-> our customers ( - that have Smart-Host agreenment with
-> us), accept the message [ network in CIDR sense; anything
-> from single IP address to "A"-supernets ]
-> 2) If sender's MAIL FROM has domain address (or address suffix)
-> matching our customers, accept the message
-> [ fake protection: domain suffix, sender addresses must match! ]
-> [ fake protection fault: .forward ! -- SPAM-protection is
-> seriously hard problem! ]
what about rejecting mail when we got MAIL FROM <fake@address.domain>
- we can always look if such host/domain exists, can't we ?
- the same if the host/domain exists, but it is in 'shitlist' -
hosts/domains which allows spamming, file editable by root etc...
-> 3) If recipient address has matching in above manner, accept the
-> recipient address
-> 4) If recipient address does not match in above manner, OPTIONALLY
-> reject the recipient address (alternate: log the data)
-> 5) If no recipient address were accepted, reject the message
-> ( address rejection is optional, but if all addresses are
-> rejected, the message must be rejected too! )
-> Opt6) Reject relaying to non-local addresses
-> Opt7) Reject !%@-kludge addresses
great, now what ? will it be included in the newest zmailer ? :)
--
E-mail: Matus.Uhlar@tuke.sk WWW: http://ccsun.tuke.sk/users/uhlar
IRC: fantomas, TALK: uhlar@ccnews.ke.sanet.sk
...and if you think I'm talking for my employer, you're wrong...