Thanks for the explanation but i think i'm not understanding you. I understand MX records are not mandatory but i'm wondering what am i supposed to do when someone tries to send an email and the from address is not valid but an A or CNAME RR exists? By not valid i mean replying to the from address will never reach any mailbox.
My worries are: * I'm responsible for sending email for domain.com but not for *.domain.com. * I'm only signing and following the rules - like DKIM, SPF, DMARC - for domain.com but haven't done anything special for *.domain.com. And i don't want my server to be responsible for sending not signed emails, etc. * I do not want to send emails if the from address is not reachable. Probably the best solution should be to make sure the from address matches the login address? I'm already using reject_unknown_sender_domain. Thank you so much. On Sat, Mar 22, 2014 at 11:21 AM, li...@rhsoft.net <li...@rhsoft.net> wrote: > > > Am 22.03.2014 10:29, schrieb Pau Peris: > > The issue here is mail.domain.com <http://mail.domain.com> is > responsible of sending email for domain.com > > <http://domain.com> but not *.domain.com <http://domain.com> so the > latter are not DKIM signed and obviously are > > not valid recipient addresses as those domains are not able to recieve > email so i would like to reject clients > > using a from domain address which is not able to receive email like *. > domain.com <http://domain.com>. > > please don't post in HTML, i destroys quoting in a thread and has no > benefit > > "domains without MX records" is a bad idea, there is no RFC saying > that a MX record is mandatory, that is why any MTA falls back to the > A-record of the domain if there is no MX > > and to avoid Stan jumping out and shout "but in this decade there are no > domains > without MX": they exists and they are used, i learned that after a > customer complaint > becausem y email-verification on the webserver rejected addresses without > MX > > not sure how it does in case if non-existing subdomains > however, that should be enabled on any public MX and catchs spam > http://www.postfix.org/postconf.5.html#reject_unknown_sender_domain >
