> Those people checking for valid MX records for a sender's domain from > within MIMEdefang ... is anybody checking if a sender's one and only MX > record is a fake MX tempfailing service? Has anyone ever seen this type > of setup for legitimate e-mail?
Our commercial product has a setting to reject mail from any domain that has an MX record that resolves back to 127.0.0.0/8 or ::1. We've had no false-positives reported. A more aggressive setting also rejects mail from domains with MX records in RFC 1918 private address space and non-unicast addresses. Believe it or not, there are some domains that have MX records resolving to 192.168.0.0/16 (but other MX records that really are routable) so you may get some FPs if you use the more aggressive approach. Regards, David. _______________________________________________ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list [email protected] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
