[
https://issues.apache.org/jira/browse/JAMES-3706?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17609239#comment-17609239
]
ouvtam edited comment on JAMES-3706 at 9/25/22 7:06 PM:
--------------------------------------------------------
James already has such a feature implemented in
org.apache.james.protocols.smtp.core.fastfail.ReverseEqualsEhloHeloHandler
was (Author: JIRAUSER291242):
James already has such a feature implemented in ReverseEqualsEhloHeloHandler
> FCrDNS SMTP hook + audit of ValidSenderDomainHandler
> ----------------------------------------------------
>
> Key: JAMES-3706
> URL: https://issues.apache.org/jira/browse/JAMES-3706
> Project: James Server
> Issue Type: Improvement
> Components: SMTPServer
> Reporter: Benoit Tellier
> Priority: Minor
> Labels: easy-fix, newbie
>
> I was having a review of plugins available on Haraka to audit if we missed
> major areas in the plugin space (hopefully not that much except that we are
> globally not good at AntiSpam/AntiVirus)...
> They have the Forward-confirmed reverse DNS
> https://github.com/haraka/haraka-plugin-fcrdns plugin. The idea: you resolve
> the EHLO domain, get an ip, perform the reverse DNS lookup and verify this
> matches the original EHLO.
> James does not have such kind of checks pre-packaged. And this could easily
> be implemented. Please notice that this differs from the existing
> ValidSenderDomainHandler that only ensures the sender domain have a MX record
> attached to it.
> Speaking of which... There's a worrying TODO within the error handling code
> of the DNS lookups, which essentially is ignored, allowing to bypass this
> check. We likely should act!
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org
For additional commands, e-mail: server-dev-h...@james.apache.org
