On Tue, Aug 10, 2010 at 01:10:22AM +0200, Nicolas Michel wrote: > On 08/09/2010 10:43 PM, Martin Schütte wrote: > >On 08/09/10 16:29, Nicolas Michel wrote: > >>I want to know if there is a way to reject connections from host not > >>listed in the MX records of the domain it claims to be. > > > >Try http://www.policyd-weight.org/ > > > >It checks and compares the client IP, its HELO, the from address. > >Among other attributes it also checks whether the client is an MX for > >its domain or in the same /24 subnet as the MX. > > > >I also use it to include DNSBLs; because it uses a scoring system and a > >single false positive attribute or BL listing will not cause a reject. > > > I just read some articles about DKIM. Someone already tried it?
No. > There's something I'm not sure about : once a mail is encrypted, > only receivers which have DKIM feature on their mail can decrypt the DKIM does not encrypt the whole email (this was pgp;). DKIM adds an encrypted header wich can be decrypted with a public key obtained from the nameserver of the sending domain. I hope I did not compress this to much. for further reference about DKIM have a look at http://www.dkim.org/. > mail? Or this is compatible with standard mail server with no DKIM? Yes it is fully compatible with DKIM-free M*As.
