Ok, accepting email from only authorized MX is, by now, a crazy idea beca= use=20 the biggers free email servers do not use them. What about a combined host DNS check ? Example: * sender with ip 10.10.10.10 connect to mailserver * MAIL FROM: [EMAIL PROTECTED] * is 10.10.10.10 a valid MX for bogus.net ? * yes: Receive it. End. * ----------------- * no: mailserver make a gethostbyaddr(10.10.10.10) and compare with right= side=20 of address (bogus.net) * is true: Receive it. End.=20 * ----------------- * not true: mailserver search in bogus.net for 10.10.10.10 (A record, not= MX=20 record) * found: Receive it. End. * ----------------- * not found: discard message. End.
3 levels of checking or no checking. I did a gethostbyaddr with sender ip of a email received from hotmail.com= and=20 it's ok. Please tellme about other situations where this check can fail (except=20 spammers ;) of course) Gustavo - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
