Rick Duvall said:
> Okay, maybe I need to clarify what I am trying to do:
>
> I get a bunch of spam from servers that are obviously not SMTP servers
> (ie, if I connect back to them on port 25, I get a timeout).
There is nothing to say that I have outbound servers and inbound servers.
My outbound servers ONLY send mail, my inbound servers ONLY receive mail
because the MX is pointing to them. Maybe I do this so that I can have
some sort of special Spam/Antivirus server receive my email but don't need
that for outbound mail.
Perfectly valid. But in your tests, this would be rejected.
Plus, outbound servers don't need to have an MX record that points to them
and the whole domain doesn't even need an MX record at all. So some of
your checks are not going to be valid for valid mail to begin with.
> Maybe a combination of 2 and 3. People can spoof the domain portion of
> their email address. But if we can proove that the IP they are coming
> from doesn't serve that domain, we can successfully reject it, right?
That might be a stretch too. If you can't get a connection while waiting
to accept the message, are you going to assume it is bad? There are lots
of times there are delays and many domains have multiple servers for
inbound mail that don't always respond on the first try.
like...
earthlink.net. 1800 IN MX 5 mx04.earthlink.net.
earthlink.net. 1800 IN MX 5 mx05.earthlink.net.
earthlink.net. 1800 IN MX 5 mx06.earthlink.net.
earthlink.net. 1800 IN MX 5 mx07.earthlink.net.
earthlink.net. 1800 IN MX 5 mx08.earthlink.net.
earthlink.net. 1800 IN MX 5 mx09.earthlink.net.
earthlink.net. 1800 IN MX 5 mx10.earthlink.net.
earthlink.net. 1800 IN MX 5 mx00.earthlink.net.
earthlink.net. 1800 IN MX 5 mx01.earthlink.net.
earthlink.net. 1800 IN MX 5 mx02.earthlink.net.
earthlink.net. 1800 IN MX 5 mx03.earthlink.net.
for example...
--
Kevin W. Reed - TNET Services, Inc.
Unoffical Exim MTA Info Forums -
http://exim.got-there.com/forums
