Re: [exim] Ultimate spam defense - check for the sender MX r…

Top Page
Delete this message
Reply to this message
Author: Renaud Allard
Date:  
To: Craig Whitmore
CC: exim-users, Artem S. Tashkinov
Subject: Re: [exim] Ultimate spam defense - check for the sender MX record


Craig Whitmore wrote:
>>> I would like to increase a spam defense of our server by checking if a
>>> sender really represents an MX server of his/her organization. So if a
>>> certain PC is trying to send me an e-mail from user@??? then we
>>> will check if this person's IP address is within MX servers of
>>> domain.com, otherwise we'll refuse to accept the mail.
>>>
>>> Is it feasible? How can I achieve this?
>>>
>
> If a domain has set up SPF or SenderID records then you can use those so
> make sure the emails are coming from the correct places.
>



Unfortunately, many sites who have implemented SPF have implemented them
incorrectly.
Here is a very good example:
/var/log/exim4/rejectlog.13.gz:2006-12-14 15:51:53 H=host60.citrix.com
(FTLPEXCHSMTP01.citrite.net) [66.165.176.60]
F=<citrix_license@???> rejected RCPT <sorryfor@obfuscation>: SPF
check failed.

If you strictly check SPF, you will reject good mails because many sites
administrators just forget they have servers sending mails from web
interfaces or in an automated way.