At 14:31 2/2/2004, Liron Newman wrote: > >>Personally, I'd like to be able to tell the server to reject (At SMTP > >>level) all messages from non-existant domains, and I don't know about > >>rejecting messages from addresses that don't exist... > >> > >I agree that checking MX and/or A for RHS MAIL FROM is a good idea. (I > >actually restricted that to MX checks, since a domain intended to receive > >mail *should* have an MX - so I don't fall back to an A check on a MAIL > >FROM RHS check.) > > >If I'm not mistaken RFCs allow mail routing by A records... I don't >think you should be so strict.. Anyway, *that* is not what will stop spam.. The RFCs do allow mail routing by A record. However, I choose to not accept mail from places which have not defined an MX record. My users have been informed of this and are satisfied with it.
> >Plus (and this is becoming more prevalent) some mail servers are adding > >people who do this sort of sender verification to their local blocking > lists. > > > >Something to consider. > > >I never heard of this.. Seems silly to me. Breaks to much of the standards.. Visit one of the spam lists, such as spam-l on peach.ease.lsoft.com. You'll hear it discussed quite frequently. Verizon is one of the "big offenders" right now - I know of several mid-size providers who are blocking some Verizon IP blocks because of callback sender verification. I can't recall their arguments at the moment (they are in the archives of that list if you want to go check them out). I'm not saying they are right or wrong, just saying they are doing it. And I can sort of see their point - I mean, such a callback is expensive for a server - there are DNS lookups and blacklist / whitelist checks to perform, and all of this takes time and resources that could be better devoted to actual incoming mail. And in the case of joe-jobs, the load for callback sender verification can easily outstrip the load for actual incoming mail.... - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
