[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: greylisting on debian.org?

On Mon, Jul 10, 2006 at 05:57:45PM +0200, Adrian von Bidder wrote:
> On Monday 10 July 2006 02:17, Matthew R. Dempsky wrote:
> > On Sun, Jul 09, 2006 at 05:02:39PM -0700, Thomas Bushnell BSG wrote:
> > > Another problem is with hosts that do not accept a message from an MTA
> > > unless that MTA is willing to accept replies.  This is a common spam
> > > prevention measure.
> >
> > It also prevents mail from setups that use different servers for inbound
> > and outbound mail.
> Hmm.  I've not seen this kind of sender verification.  As I know it, the 
> receiving MX connects the regular MX for the sender address to see if 
> *that* is ready to receive mail.  Works beautifully if outbound != inbound.

In fact, broken servers which don't obey MX will _already_ fail:

debian.org		A
debian.org		MX	master.debian.org
master.debian.org	A

[~]$ telnet 25
Connected to
Escape character is '^]'.
220 gluck.debian.org ESMTP Exim 4.50 Mon, 10 Jul 2006 18:06:29 -0600
helo utumno.angband.pl
250 gluck.debian.org Hello acrc58.neoplus.adsl.tpnet.pl []
mail from: foo@utumno.angband.pl
250 OK
rcpt to: sgran@debian.org
550 relay not permitted

MX records have been with us for 20 years, so I don't think a
legitimate mailer can ever disobey one.  Of course, illegitimate
mailers often do.

1KB		// Microsoft corollary to Hanlon's razor:
		//	Never attribute to stupidity what can be
		//	adequately explained by malice.

Reply to: