Subject: Re: Sendmail and anti-spam
To: Andrew Brown <firstname.lastname@example.org>
From: John Nemeth <email@example.com>
Date: 02/28/1999 20:13:14
On Feb 17, 9:37pm, Andrew Brown wrote:
} >} We should perhaps deny relaying and perhaps also accepting mail from
} >} hosts that have no valid mx or such.
} > Absolutely NOT, this is completely bogus. MX records indicate
} >machines that are intended to receive mail, NOT one's that are
} >intended to send mail.
} a generic bsd4.4 config file from sendmail 8.9.3 will not openly relay
} mail from anyone. indeed, it will only accept mail that originates or
} terminates locally (modulo any local forwarding rules of course).
} it will also not accept mail from an invalid sender address, ie, the
} domain portion after the @ must either have an mx record or an a
} record associated with it.
} refusing to accept mail from hosts that cannot receive mail (because
} they have no mx or a records) is problematic at best.
Personally, I agree with this. People have no business sending
out mail with invalid return addresses. This catches a lot of spam
without any false positive (I don't consider mail that violates the
RFC's to be false positives).
} i recommend a configuration where the mc file contains
This is a very bad idea. Since anybody can create an MX record
for their domain that points at your mail server, it would open you up
to uncontrolled relaying.
} since that will allow the least amount of reconfiguration for most
} people. without that, all the domains for which your host is a
} secondary (or other) mx host for a zone will have to have all those
} zones listed in its /etc/mail/relay-domains file. which is a pain.
It's also the only way to prevent your server from being used for
}-- End of excerpt from Andrew Brown