[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
ingress SMTP
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Mark Andrews wrote:
>> You do realise that there a mail clients that check MX
>> records *before* submitting email (or before on sending the
>> email) so that typos get detected in the client before any
>> email is sent from the client.
I think you are not familiar with the difference between the DROP list
and the XBL. The DROP list is *not* an RBL!
I do not allow any traffic at all to or from the DROP list-- including
MX lookups. I can't think of any good reasons why I would.
The XBL is used only to block mail transport-- it is configured in
sendmail, not at the firewall. The scenario you lay out will still work:
- - end user on a dial up that happens to be on the XBL (common)
- - end user queries MX records, either directly or via their name server
- - end user submits mail to their SMTP server (not on the XBL)
- - SMTP server transports mail to my system
Unless one of those systems mentioned above is a hijacked name server in
Kyiv (and thus on the DROP list), everything will work.
...
alec
- --
`____________
/ Alec Berry \______________________________
| Senior Partner and Director of Technology \
| PGP/GPG key 0xE8E9030F |
| http://alec.restontech.com/#PGP |
|-------------------------------------------|
| RestonTech, Ltd. |
| http://www.restontech.com/ |
| Phone: (703) 234-2914 |
\___________________________________________/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFIv/dTREO1P+jpAw8RAqiyAKDJt7FbFvplXB1JTe+dKDOOSXUijQCdH/cZ
4m4o9vE5FS96huARs2Rq5yU=
=Paen
-----END PGP SIGNATURE-----