Mark Martinec writes:
> The only place that such loss can be prevented is to check
> that the sending domain has its MX or A or record,
> right away while the message is being received.
> It is prudent to reject such unbouncible mail right away,
> before even accepting it. This is the only o
On Sam, 2011-02-26 at 10:51 -0500, David F. Skoll wrote:
[...]
> rfc-ignorant.org is very good at the "Be conservative in what you
> send" part of the Robustness Principle, but no so good at "be liberal
> in what you accept."
The problem with the "be liberal in what you accept" quote is, that
his
On Fre, 2011-02-25 at 09:37 +0100, Giles Coochey wrote:
> On 24/02/2011 21:30, Dominic Benson wrote:
> > On 24 Feb 2011, at 20:01, Michelle Konzack wrote:
> >
> >> Hello Mahmoud Khonji,
> >>
> >> Am 2011-02-23 23:03:46, hacktest Du folgendes herunter:
> >>> A sending mail server should accept ab..
David F. Skoll wrote:
> On Sat, 26 Feb 2011 16:17:28 +0100
> Matus UHLAR - fantomas wrote:
>
> [...]
>
>> ...and we still don't have better standardized and documented way to
>> report abuse, do we?
>
> postmaster@ *has* to be there for sure, so if abuse@ is not, send
> your reports to postmas
On Sat, 26 Feb 2011 16:17:28 +0100
Matus UHLAR - fantomas wrote:
[...]
> ...and we still don't have better standardized and documented way to
> report abuse, do we?
postmaster@ *has* to be there for sure, so if abuse@ is not, send
your reports to postmaster@
I understand what rfc-ignorant.org
> On Fri, 25 Feb 2011 21:55:12 +0100
> Matus UHLAR - fantomas wrote:
> > Incorrect. You must have abuse@addresses iat your domain registration
> > boundary, if you can receive e-mail.
>
> > http://www.rfc-ignorant.org/policy-abuse.php
On 25.02.11 16:04, David F. Skoll wrote:
> That quotes RFC 21
On 2/25/11 4:04 PM, David F. Skoll wrote:
That quotes RFC 2142, which is only a proposed standard. rfc-ignorant.org
is pretty well known for being... how to put this delicately... aggressive.
'back in the day', if an isp/email provider or luser did not have a
postmaster and abuse account, it
David F. Skoll wrote:
> On Fri, 25 Feb 2011 21:55:12 +0100
> Matus UHLAR - fantomas wrote:
>
>> Incorrect. You must have abuse@addresses iat your domain registration
>> boundary, if you can receive e-mail.
>
>> http://www.rfc-ignorant.org/policy-abuse.php
>
> That quotes RFC 2142, which is onl
On Fri, 25 Feb 2011 21:55:12 +0100
Matus UHLAR - fantomas wrote:
> Incorrect. You must have abuse@addresses iat your domain registration
> boundary, if you can receive e-mail.
> http://www.rfc-ignorant.org/policy-abuse.php
That quotes RFC 2142, which is only a proposed standard. rfc-ignorant.o
> Hello Mahmoud Khonji,
>
> Am 2011-02-23 23:03:46, hacktest Du folgendes herunter:
> > A sending mail server should accept ab...@example.com, and number of
On 24.02.11 21:01, Michelle Konzack wrote:
> This is wrong because, only public ISP offering MAILSERVICES must have
> an addresses. The
On 24/02/2011 21:30, Dominic Benson wrote:
On 24 Feb 2011, at 20:01, Michelle Konzack wrote:
Hello Mahmoud Khonji,
Am 2011-02-23 23:03:46, hacktest Du folgendes herunter:
A sending mail server should accept ab...@example.com, and number of
This is wrong because, only public ISP offering MAIL
On 24 Feb 2011, at 20:01, Michelle Konzack wrote:
> Hello Mahmoud Khonji,
>
> Am 2011-02-23 23:03:46, hacktest Du folgendes herunter:
>> A sending mail server should accept ab...@example.com, and number of
>
> This is wrong because, only public ISP offering MAILSERVICES must have
> an addres
Hello Joseph Brennan,
Am 2011-02-24 09:43:24, hacktest Du folgendes herunter:
> I have no sense of how productive this would be. Have you looked up
> a good sample of sender domains and found that spammers are significantly
> less likely to have an MX? That would make it interesting to check.
D
Hello Mahmoud Khonji,
Am 2011-02-23 23:03:46, hacktest Du folgendes herunter:
> A sending mail server should accept ab...@example.com, and number of
This is wrong because, only public ISP offering MAILSERVICES must have
an addresses. The only one required, is the which
is clearly writte in
Multiple comments ...
I just want Spamassassin to check if there is a MX Record in DNS for
the sender.
I have no sense of how productive this would be. Have you looked up
a good sample of sender domains and found that spammers are significantly
less likely to have an MX? That would make it
On Thu, 24 Feb 2011 09:48:21 +0100
Bernd Petrovitsch wrote:
> On Mit, 2011-02-23 at 18:48 +, RW wrote:
> > On Wed, 23 Feb 2011 19:30:20 +0100
> [...]
> > That's true for person to person mail, but there are kinds of mail
> > where loss is inconsequential and no-one is going to read the DSNs
On Thu, 24 Feb 2011 09:49:43 +0100, Bernd Petrovitsch
>> And postmas...@example.com is _required_.
> So all sender-only domains should simply put on rfc-ignorant.org.
not really a fault of rfc-ignorant that it will be disabled default in
upcomming next version of spamassassin, but mx scoreing is
On Mit, 2011-02-23 at 11:08 -0800, John Hardin wrote:
> On Wed, 23 Feb 2011, Mahmoud Khonji wrote:
>
> > It is against best practices to have a send-only domain.
> >
> > A sending mail server should accept ab...@example.com, and number of
> > other IDs according to best practices.
>
> And postma
On Mit, 2011-02-23 at 18:48 +, RW wrote:
> On Wed, 23 Feb 2011 19:30:20 +0100
[...]
> That's true for person to person mail, but there are kinds of mail
> where loss is inconsequential and no-one is going to read the DSNs
> e.g. newsletters.
Sounds like a spammer? SCNR
And that's a dec
On 02/23, Henry | Security Division wrote:
> Being able to detect domains that never accept email offers many
^^^
> Then you will reject Mails from nearly ANY big ISPs because they have
> seperated OUT-BOUND and IN-BOUND servers...
Am 23.02.11 18:51, schrieb Michelle Konzack:
> Hello Henry | Security Division,
>
> Am 2011-02-23 13:50:19, hacktest Du folgendes herunter:
>> This is also very interesting, Michael:
>>
>> (From the RFC link I sent before)
>>
>> Being able to detect domains that never accept email offers many
>> re
On Wed, 23 Feb 2011 18:48:51 +
RW wrote:
> That's true for person to person mail, but there are kinds of mail
> where loss is inconsequential and no-one is going to read the DSNs
> e.g. newsletters.
Strongly disagree.
If you're sending newsletters, you'd *darn better* have a bounce-processo
On Wed, 23 Feb 2011 23:03:46 +0400
Mahmoud Khonji wrote:
> However, since many legit senders ignore this, it turns out that FP
> rate is too high for now.
I am unaware of a single FP from our policy of rejecting
MAIL FROM: where example.org lacks MX, A and records.
Do you have an example o
On Wed, 23 Feb 2011, Mahmoud Khonji wrote:
It is against best practices to have a send-only domain.
A sending mail server should accept ab...@example.com, and number of
other IDs according to best practices.
And postmas...@example.com is _required_.
--
John Hardin KA7OHZ
It is against best practices to have a send-only domain.
A sending mail server should accept ab...@example.com, and number of
other IDs according to best practices.
However, since many legit senders ignore this, it turns out that FP
rate is too high for now.
On 2/23/11, Michelle Konzack wrote:
On 23/02/11 18:48, RW wrote:
On Wed, 23 Feb 2011 19:30:20 +0100
Mark Martinec wrote:
David F. Skoll writes:
Well... any domain that sends mail must be prepared to receive it
also, if only to receive DSNs.
It is routine to block mail from a sending domain if it lacks MX, A
and r
You are confusing servers with *domains*. It's perfectly acceptable that
an outgoing mail server not accept incoming mail but the issue here is
whether is it is valid for a *domain* to be "send-only".
It's an interesting question. For DSN's to work, you need to accept
email for that domain. But is
On Wed, 23 Feb 2011 19:30:20 +0100
Mark Martinec wrote:
> David F. Skoll writes:
> > Well... any domain that sends mail must be prepared to receive it
> > also, if only to receive DSNs.
> > It is routine to block mail from a sending domain if it lacks MX, A
> > and records. Sendmail does th
David F. Skoll writes:
> Well... any domain that sends mail must be prepared to receive it
> also, if only to receive DSNs.
> It is routine to block mail from a sending domain if it lacks MX, A and
> records. Sendmail does that by default.
> Blocking simply for a lack of MX records is wrong,
Hello Henry | Security Division,
Am 2011-02-23 13:50:19, hacktest Du folgendes herunter:
> This is also very interesting, Michael:
>
> (From the RFC link I sent before)
>
> Being able to detect domains that never accept email offers many
> resource savings to an SMTP server. In the first instanc
On Wed, 23 Feb 2011 18:43:58 +0100
Michelle Konzack wrote:
> And WHY should my domain have a
> MX record if the will NEVER receive any mails?
Well... any domain that sends mail must be prepared to receive it
also, if only to receive DSNs.
It is routine to block mail from a sending domain if
Hello Henry | Security Division,
Am 2011-02-23 12:59:58, hacktest Du folgendes herunter:
> Hi Martin,
>
> i know what you mean. Your sender domain is gregorie.org. There are
> two MX records in your DNS Zone. So that´s fine. I just want
> Spamassassin to flag mails from senders who have no MX Rec
Hello Henry | Security Division,
Am 2011-02-23 11:24:27, hacktest Du folgendes herunter:
> I have a question. Is it possible to check with a Spamassassin rule
> for existing MX records of a sender domain and give points if the MX
> records exist or not exist?
The problem, is that a MX record is N
On 02/23, Mark Martinec wrote:
> reject_unknown_sender_domain
>
> Reject the request when Postfix is not final destination for the sender
> address, and the MAIL FROM address has no DNS A or MX record, or when
> it has a malformed MX record such as a record with a zero-length MX
> hostname
On Wed, 23 Feb 2011 08:44:45 -0500, dar...@chaosreigns.com wrote:
On 02/23, Michael Scheidell wrote:
>http://tools.ietf.org/html/draft-delany-nullmx-00
>
read the rfc again. missing mx is not NULL mx.
Also, that's a *draft*, not an accepted standard.
And I'm curious if you are asking the que
Darxus,
> And I'm curious if you are asking the question you mean to. What exactly
> is the way postfix checks this? Specifically, I'm wondering if you're
> referring to reject_unknown_client, which I've used for years, and which
> does not use MX addresses.
>
> I don't know of an option to rej
On 02/23, Michael Scheidell wrote:
> >http://tools.ietf.org/html/draft-delany-nullmx-00
> >
> read the rfc again. missing mx is not NULL mx.
Also, that's a *draft*, not an accepted standard.
And I'm curious if you are asking the question you mean to. What exactly
is the way postfix checks this?
On Wed, 23 Feb 2011 07:44:05 -0500, Michael Scheidell wrote:
On 2/23/11 7:40 AM, Henry | Security Division wrote:
Hi Per,
you are right. I´d just like to check for missing mx records.
Here is a draft RFC about that topic "A NULL MX Resource Record
means
"I never accept email""
http://too
On Wed, 2011-02-23 at 12:59 +0100, Henry | Security Division wrote:
> domain gregorie.org -> at least one MX record -> 0 Points
>
Partial FAIL on my part when checking facts for my last message.
I forgot to specify the DNS server used by the host command, so of
course running host from here saw
On Wed, 23 Feb 2011 12:40:21 +, RW wrote:
On Wed, 23 Feb 2011 13:22:22 +0100
Per Jessen wrote:
Henry | Security Division wrote:
> Hi Martin,
>
> i know what you mean. Your sender domain is gregorie.org. There
are
> two MX records in your DNS Zone. So that´s fine. I just want
> Spa
On 2/23/11 7:40 AM, Henry | Security Division wrote:
Hi Per,
you are right. I´d just like to check for missing mx records.
Here is a draft RFC about that topic "A NULL MX Resource Record means
"I never accept email""
http://tools.ietf.org/html/draft-delany-nullmx-00
read the rfc again. m
On Wed, 23 Feb 2011 13:33:48 +0100, Giles Coochey wrote:
On 23/02/2011 13:22, Per Jessen wrote:
Henry | Security Division wrote:
The "default" MX is the A-record for the domain.
Quite, not having an MX record does not really mean anything as the A
record for the domain would (or should) be
On Wed, 23 Feb 2011 13:22:22 +0100, Per Jessen wrote:
Henry | Security Division wrote:
Hi Martin,
i know what you mean. Your sender domain is gregorie.org. There are
two MX records in your DNS Zone. So that´s fine. I just want
Spamassassin to flag mails from senders who have no MX Records.
On Wed, 23 Feb 2011 13:22:22 +0100
Per Jessen wrote:
> Henry | Security Division wrote:
>
> > Hi Martin,
> >
> > i know what you mean. Your sender domain is gregorie.org. There are
> > two MX records in your DNS Zone. So that´s fine. I just want
> > Spamassassin to flag mails from senders w
On 23/02/2011 13:22, Per Jessen wrote:
Henry | Security Division wrote:
The "default" MX is the A-record for the domain.
Quite, not having an MX record does not really mean anything as the A
record for the domain would (or should) be used, which comes from a time
before MX records existed.
Henry | Security Division wrote:
> Hi Martin,
>
> i know what you mean. Your sender domain is gregorie.org. There are
> two MX records in your DNS Zone. So that´s fine. I just want
> Spamassassin to flag mails from senders who have no MX Records. I
> have tested this anti-spam mechanism in a
Hi Martin,
i know what you mean. Your sender domain is gregorie.org. There are two
MX records in your DNS Zone. So that´s fine. I just want Spamassassin to
flag mails from senders who have no MX Records. I have tested this
anti-spam mechanism in a big environment on a commercial mailgateway an
On Wed, 2011-02-23 at 11:24 +0100, Henry | Security Division wrote:
> Hi list,
>
> I have a question. Is it possible to check with a Spamassassin rule for
> existing MX records of a sender domain and give points if the MX records
> exist or not exist?
>
> I know that such a check is possibl
On Wed, 23 Feb 2011 11:36:57 +0100, Giles Coochey wrote:
On 23/02/2011 11:24, Henry | Security Division wrote:
Hi list,
I have a question. Is it possible to check with a Spamassassin rule
for existing MX records of a sender domain and give points if the MX
records exist or not exist?
I know
On 23/02/2011 11:24, Henry | Security Division wrote:
Hi list,
I have a question. Is it possible to check with a Spamassassin rule
for existing MX records of a sender domain and give points if the MX
records exist or not exist?
I know that such a check is possible with Postfix, but I don´t w
50 matches
Mail list logo
