On Mon, 9 Apr 2018 09:56:20 -0500
David Jones <djo...@ena.com> wrote:

> On 04/09/2018 09:44 AM, Reindl Harald wrote:
> > you simply don't want connect to every innocent MX which inbound
> > mail is forged because for the sake of god you are attacking the
> > victim of spoofed mails and you are easily part of a distributed
> > DOS when your few connections back are only a small part

Also, if an innocent domain's MX server just happens to be down
when you check, you could get a FP.

Checking for the existence of a sane MX record is good practice.
I'm not so sure about actually trying to connect to said MX, even if
you take basic precautions to minimize connections.



Reply via email to