On Tue, 26 Apr 2005 14:56:42 -0500 (CDT), Ian Mitchell wrote > > The only thing I can figure that makes me questionable is that the > outbound email server for a company does not nessassarily have to > have an MX record in DNS, so detecting if it's legit could be difficult.
And in many cases the mail exchangers (MX servers) are entirely different than the outbound mail servers... this is almost always 100% true where the company outsources their spam/virus filtering to a third party (which we do alot of now days). Many large organizations do this for load balancing reasons as well or simply for tighter security. Bottom line is... SPF lets the organization that implementted their solution tell you where mail should originate from... your solution is you "guessing" and even if you guess right... what heappens when they change their infrastructure down the road? If you were to do anything like this I think it would be best to use something like SPF as a basis for your MX check... you can also disable FEATURE(`accept_unresolvable_domains') in your sendmail.mc file and rebuild sendmail (it really should only be enabled in a few firewall/NAT related incidents anyways) and that will take care of alot of them. Jim -- EsisNet.com Webmail Client _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [email protected] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
