Of course. There are even patches (note the plural form) that allow
you to do so at http://www.qmail.org/. However, depending on who
you corresponding with, you may have troubles once you have enactivated
such anti-spam measure. I made a post in bind-user mailing list this
morning, followed up by Markus Stumpf <[EMAIL PROTECTED]>,
who is also active in this mailing list. He stated that other than
the one I pointed out below, he is also aware of
rolemail.internic.net
lists.internic.net
So, think about such before you take further actions...
Regards,
Chin Fang
[EMAIL PROTECTED]
-------------------------------------------------------------------------
I got the following bounce today:
From [EMAIL PROTECTED] Fri Sep 01 08:51:24 2000
Return-Path: <[EMAIL PROTECTED]>
.....
Received: (from rereg@localhost)
by qatestsession1.qa.netsol.com (8.8.8+Sun/8.8.8) id EAA10916;
Fri, 1 Sep 2000 04:48:27 -0400 (EDT)
Date: Fri, 1 Sep 2000 04:48:27 -0400 (EDT)
Message-Id: <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
From: [EMAIL PROTECTED]
[.... rest removed ...]
So, it's a domain name application. Feeling curious, I did a nslookup
on qatestsession1.qa.netsol.com, immediately got the "Non-existent
host/domain" error.
The fact that the lowest Received: line shows the host indicates to me
that the host is resolvable via internal name servers inside of NSI,
but the hostname is not announced in NSI's external name servers.
However, if my understanding of the following from RFC 2505 is correct:
2.9. Verify "MAIL From:"
The MTA SHOULD be able to perform a simple "sanity check" of the
"MAIL From:" domain and refuse to receive mail if that domain is
nonexistent (i.e. does not resolve to having an MX or an A record).
If the DNS error is temporary, TempFail, the MTA MUST return a 4xx
Return Code (Temporary Error). If the DNS error is an Authoritative
NXdomain (host/domain unknown) the MTA SHOULD still return a 4xx
Return Code (since this may just be primary and secondary DNS not
being in sync) but it MAY allow for an 5xx Return Code (as configured
by the sysadmin).
then by not making the hostname available for A or MX record checking,
Network Solutions, Inc. is foiling other people anti-spam effort, and
causing more administrative burden to administrators at other sites.
I would like to listen to others comments.
Regards,
Chin Fang
[EMAIL PROTECTED]
--------------------------------------------------------------------------
>
> Can qmail be configured to do sender domain verification (as mentioned
> below), ie, reject mail from domains that do not resolve?
>
> Thanks,
> kw
>
>
> ----- Original Message -----
> From: "Michael T. Babcock" <[EMAIL PROTECTED]>
> To: "QMAIL List" <[EMAIL PROTECTED]>
> Sent: 31 August 2000, Thursday 15:16
> Subject: Sender domain verification ...
>
>
> A quick one ... ?
>
> ... mail is being rejected from one of my clients to one of their partners
> because their mail server is claiming that the sending machine's dns doesn't
> resolve. We aren't authoritative (in the Internet sense ;-) for our subnet
> for our ISP, so we can't easily make it resolve if they're doing reverse DNS
> and checking the host names (which I've seen some mail server software, like
> Imail, do). Logs:
>
> Deferral reasons: (from qmailanalog)
> 22 56.96 Connected to 209.146.143.99 but my name was rejected./Remote
> host said: 504 DNS verification of sending machine failed: no mail will be
> accepted/
>
> [ remaining lines snip-snapped ]
>
>
>
>
>
>
