Re: [Exim] Drop connection if sender's domain doesn't match …

Author: Rick Duvall
Date:  
To: Kevin W. Reed, exim-users
Subject: Re: [Exim] Drop connection if sender's domain doesn't match MX
Okay, maybe I need to clarify what I am trying to do:

I get a bunch of spam from servers that are obviously not SMTP servers (i.e.,
if I connect back to them on port 25, I get a timeout). I figure I can
eliminate a lot of my spam simply by seeing if there is an MX record for the
sending host. On a previous email in this thread I mentioned something to
the effect of if in the SMTP dialog the sending mail server puts in "mail
from: <joeblow@???>", I do an MX lookup for "domain.com". I then
check to see if the connecting host's IP address matches any of the MX
records' IPs returned by the lookup, and if it doesn't, reject the message
because joeblow@??? either doesn't exist, or is not supposed to be
sending email from that host.

So, I see 3 possible options:

1. Do a reverse lookup on the connecting IP, then look up the MX record for
the domain portion of the hostname returned, and see if the connecting host
matches any of the IPs returned for any of the MX records.

2. Look at the envelope sender, do a MX lookup on the domain portion, and
reject if the sender's IP isn't in the list of MX records returned.

3. Look at the connecting IP address and try to connect back to it on port
25. If it doesn't respond or it times out, reject the message.

Maybe a combination of 2 and 3. People can spoof the domain portion of
their email address. But if we can prove that the IP they are coming from
doesn't serve that domain, we can successfully reject it, right?

Sincerely,

Rick Duvall
----- Original Message -----
From: "Kevin W. Reed" <listaccount@???>
To: <exim-users@???>
Sent: Wednesday, October 22, 2003 6:29 PM
Subject: Re: [Exim] Refuse connection if no MX for sending host


> Rick Duvall said:
> > Is there a way to refuse an SMTP connection if the connecting host doesn't
> > have an MX record in DNS? Is there a downside to doing this?
>
> I don't think there is an RFC requirement that a sending mail server have
> an MX record that points to it if that is what you are asking. If you are
> attempting to match the MX record to the actual host/IP that is connecting
> to you you are going to have a lot of problems getting mail.
>
> MX records are for receiving mail. It is used when you need to send mail
> back to them. Even then, they are not required, and a lot of sites don't
> have one but instead rely on the domain/hostname to have an A record that
> tells you where the server is.
>
> --
> Kevin W. Reed - TNET Services, Inc.
> Unofficial Exim MTA Info Forums - http://exim.got-there.com/forums
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ##
>
>
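Option 2 from the message above, together with the A-record fallback raised in the quoted reply, as an added example that is not part of the original thread and is not Exim configuration. The `ZONE` table is constructed data standing in for live DNS, and `mail_hosts` and `check_sender` are hypothetical names.

```python
import ipaddress

# Constructed zone data (documentation names and addresses), not real DNS answers.
ZONE = {
    ("example.com", "MX"): [(10, "mx1.example.com"), (20, "mx2.example.com")],
    ("mx1.example.com", "A"): ["192.0.2.10"],
    ("mx2.example.com", "A"): ["192.0.2.11"],
    # Receives on its MX host but sends through a separate outbound relay.
    ("example.org", "MX"): [(10, "inbound.example.org")],
    ("inbound.example.org", "A"): ["198.51.100.5"],
    # No MX record at all, only an A record on the domain itself.
    ("example.net", "A"): ["203.0.113.7"],
}


def mail_hosts(domain, zone):
    """IPs that receive mail for domain: MX targets, else the domain's own A record."""
    mx = sorted(zone.get((domain, "MX"), []))
    # With no MX, the domain name itself is the mail host (the A-record case
    # described in the quoted reply).
    targets = [host for _pref, host in mx] or [domain]
    ips = set()
    for host in targets:
        for addr in zone.get((host, "A"), []):
            ips.add(ipaddress.ip_address(addr))
    return ips


def check_sender(sender, client_ip, zone=ZONE):
    """Compare the connecting IP with the mail hosts of the envelope sender's domain."""
    if "@" not in sender:
        # Bounces use the empty envelope sender, so there is no domain to look up.
        return "null-sender"
    domain = sender.rsplit("@", 1)[1].lower().rstrip(".")
    ips = mail_hosts(domain, zone)
    if not ips:
        return "no-mail-host"
    return "match" if ipaddress.ip_address(client_ip) in ips else "mismatch"


if __name__ == "__main__":
    for sender, ip in [("joeblow@example.com", "192.0.2.11"),
                       ("user@example.org", "198.51.100.77"),
                       ("user@example.net", "203.0.113.7"),
                       ("", "192.0.2.10")]:
        print(f"{sender or '<>'} from {ip}: {check_sender(sender, ip)}")
```

The `example.org` case returns `mismatch` even though the constructed relay is a legitimate sender for that domain, which is the lost-mail problem the quoted reply describes.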