|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Wietse Venema (wietse_at_porcupine.org)
Date: Mon Dec 02 2002 - 19:08:45 CST
Victor.Duchovni
morganstanley.com:
> On Tue, 3 Dec 2002, Colin Campbell wrote:
>
> > Hi,
> >
> > On Mon, 02 Dec 2002 16:53:24 +0100
> > Matthias Andree <madt.e-technik.uni-dortmund.de> wrote:
> >
> > > "nearest" in Wietse's logs might mean this, but I didn't check; it makes
> > > some sense because backup MX often enough do not know what users are
> > > acceptable, but blindly accept the whole domain -- and bounce later.
> >
> > There's something that is bugging me about these checks. What happens when the
> > MX returns 127.0.0.1? Will postfix, sending to "itself" accept all mail? I ask
> > because there are a (growing?) number of domains from which we receive "mail"
> > where the MX for that domain returns 127.0.0.1.
>
> It would be better to reject such mail because of the invalid MX records
> rather than the failure of the probe. This has been discussed before, I
> think someone suggested an address match list for filtering MX records
> when deciding whether a sender domain is valid. Perhaps this could
> finally be implemented to make the probes more meaningful.
Why stop at 127.0.0.1, and why not disallow any local IP address?
In any case, such mail would bounce with "mail for domain X loops
back to myself", unless best_mx_transport was specified, then it
depends on the transport what happens.
Wietse
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]