[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Forged sender test
On 11 Jan 2003 at 14:49, Vince Puzzella wrote:
> > Just note that you will reject a lot of legitimate mail.
> I am aware of the potential pitfalls of such a test. I was just wondering
> if it is at all possible.
Everything is possible in open-source world, just "man vi" :-). Maybe, those
"pitfails" just explan why this idea is still not present in standard MTA. Do
you really want to reject mail from Yahoo (REAL Yahoo, not forged)?
For comparison, examples of real client tests (Postfix MTA):
1. HELO name must be present in DNS as valid A or MX RR.
2. Reverse DNS must exist, including "paranoid check" IP->PTR->A.
In my knowledge, all "well-maintained" mail systems satisfy those two tests,
and most (really most!) of garbage sources don't.
> On 11 Jan 2003 at 9:52, Vince Puzzella wrote:
> From: "Vince Puzzella" <firstname.lastname@example.org>
> To: <email@example.com>
> Subject: Re: Router file naming convention
> Date sent: Sat, 11 Jan 2003 09:52:08 -0500
> > Is there anyway to get the zmailer smtp server to test for forged sender
> > addresses at the MAIL FROM:<> phase?
> > Essentially, I want to perform a DNS MX record query to verify that the
> > source IP is a valid mail exchanger for the sender's domain.
> To unsubscribe from this list: send the line "unsubscribe zmailer" in
> the body of a message to firstname.lastname@example.org
To unsubscribe from this list: send the line "unsubscribe zmailer" in
the body of a message to email@example.com
- Re: Forged sender test
- From: "Vince Puzzella" <firstname.lastname@example.org> (Sat, 11 Jan 2003 22:53:16 +0200)