The rfc prescribes (MUST) the use of your public domain in the domain part of your mid. So the dns tests are just the first in the queue. The dimain must also match early in the Reveived list. If you fail with it, then you have problems with every rfc-compliant smtp server world-wide. This filter is especially useful against scripts, spamming programs, and web-based mailers. Sent from ProtonMail Mobile
On Wed, Jul 26, 2017 at 6:07 PM, Ian Zimmerman <i...@very.loosely.org> wrote: > On 2017-07-26 02:48, Rupert Gallagher wrote: > When a mail arrives without > mid, either the sender did not use a real > SMTP server or tried to hide it. > We have a custom SA rule for it. We > also reject upfront any mid with a > syntax error, or whose domain does > not have a rdns (eg. > @localhost.localdomain or @test.com). I suspect you'll miss this message, > then. My Message-IDs intentionally identify the originating host, which makes > me more confident that they're unique. The originating host is behind two > layers of NAT and DHCP, and naturally doesn't have rDNS. I don't know how to > ensure uniqueness if I use the relaying SMTP server's domain, or the domain > of the perimeter of the NATted network, which can have rDNS (and does, via a > dyn-like update service), but which I do not own or control. -- Please don't > Cc: me privately on mailing lists and Usenet, if you also post the followup > to the list or newsgroup. Do obvious transformation on domain to reply > privately _only_ on Usenet.
