Re: [exim] Block mail of reverse DNS fails

Author: Evgeniy Berdnikov
Date:  
To: exim-users
Subject: Re: [exim] Block mail of reverse DNS fails
On Tue, Sep 01, 2015 at 06:42:33PM +0000, Archil Imnadze wrote:
> I have an Exim instance running on Debian Jessie. For each mail that is
> received by Exim I would like to check if the reverse DNS for the sender
> domain matches the connecting IP and if not reject the mail.
>
> Consider the following scenarios.
> * A spammer sends an email from the IP 94.123.123.123 with
> info@??? in the "From" field but the domain
> spammerwebsite.com doesn't resolve to 94.123.123.123. I want this to be
> blocked.
> * A spammer sends an email from the IP 94.123.123.123 with
> info@??? in the "From" field. In this case example.com is my own
> domain and it cannot be located at 94.123.123.123. I want this to be
> blocked too.


Generally mail domains do not match IP addresses. They have MX records,
possibly multiple, and each could resolve to multiple addresses. However,
MX records list relays for incoming mail; for outgoing mail the situation is
different: in some cases SPF records are used, but generally you have
no pointers to the sender's IP. So your plan is conceptually wrong.

> * Where can I find the correct documentation?


On www.exim.org and in the "exim4-doc-html" package on Debian.

> * How do I debug a configuration file?


Read the man page/docs about the "-d" command-line option.

> * Why can't the configuration start from an empty file?


There is no benefit in storing configuration defaults in the compiled binary.
Maybe it makes some sense for end-user programs, but not for an MTA.
--
Eugene Berdnikov
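
Added example, not part of the original message: a small Python model of the point made in the reply, comparing the check proposed in the question (sender domain's address equals the connecting IP) with a lookup against the domain's SPF record. The zone data is constructed for illustration, only `ip4:` and `all` SPF terms are handled, and all function names are hypothetical.

```python
import ipaddress

# Constructed DNS data for illustration (documentation address ranges).
ZONE = {
    "example.com": {
        "A": ["192.0.2.10"],                            # web server
        "MX": ["mx1.example.com", "mx2.example.com"],   # relays for incoming mail
        "TXT": ["v=spf1 ip4:198.51.100.0/28 -all"],     # hosts allowed to send
    },
    "mx1.example.com": {"A": ["192.0.2.25"]},
    "mx2.example.com": {"A": ["192.0.2.26"]},
}

def naive_check(domain, client_ip):
    """The check from the question: sender domain's A record == connecting IP."""
    return client_ip in ZONE.get(domain, {}).get("A", [])

def mx_addresses(domain):
    """Addresses behind the domain's MX hosts; these receive mail, not send it."""
    hosts = ZONE.get(domain, {}).get("MX", [])
    return [ip for h in hosts for ip in ZONE.get(h, {}).get("A", [])]

def spf_check(domain, client_ip):
    """Minimal SPF evaluation: unqualified ip4: terms and the final 'all' only."""
    ip = ipaddress.ip_address(client_ip)
    for txt in ZONE.get(domain, {}).get("TXT", []):
        terms = txt.split()
        if not terms or terms[0] != "v=spf1":
            continue
        for term in terms[1:]:
            if term.startswith("ip4:") and ip in ipaddress.ip_network(term[4:], strict=False):
                return "pass"
            if term.endswith("all"):
                return {"-": "fail", "~": "softfail", "?": "neutral"}.get(term[0], "pass")
        return "neutral"   # record found but nothing matched
    return "none"          # domain publishes no SPF record

if __name__ == "__main__":
    legit, forged = "198.51.100.3", "94.123.123.123"   # outbound relay vs. spammer IP
    for ip in (legit, forged):
        print(ip, "naive:", naive_check("example.com", ip),
              "in MX set:", ip in mx_addresses("example.com"),
              "SPF:", spf_check("example.com", ip))
```

The legitimate outbound relay fails the naive comparison and is not among the MX addresses either, while the SPF lookup separates it from the forged sender.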