LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
Search this Thread
Old 10-19-2005, 10:18 PM   #1
jrbush82
Member
 
Registered: Mar 2002
Location: Hampton, VA
Posts: 86

Rep: Reputation: 15
Sendmail - How to only relay if mx resolves for sender?


Basically, I want to configure sendmail to only relay e-mails destined for my network by resolving the from domain's mx record to that of the sending server.

I think this would significantly reduce spam in doing this. For example, I send an e-mail from my home system with sendmail, the from domain is hotmail.com. So, when I resolve hotmail's mx records and it comes back with:

hotmail.com mail exchanger = 5 mx3.hotmail.com.
hotmail.com mail exchanger = 5 mx4.hotmail.com.
hotmail.com mail exchanger = 5 mx1.hotmail.com.
hotmail.com mail exchanger = 5 mx2.hotmail.com.

mx1.hotmail.com internet address = 64.4.50.50
mx1.hotmail.com internet address = 64.4.50.99
mx1.hotmail.com internet address = 65.54.166.99
mx1.hotmail.com internet address = 65.54.252.99

mx2.hotmail.com internet address = 65.54.252.230
mx2.hotmail.com internet address = 65.54.166.230
mx2.hotmail.com internet address = 65.54.190.7
mx2.hotmail.com internet address = 65.54.190.50

mx3.hotmail.com internet address = 64.4.50.239
mx3.hotmail.com internet address = 65.54.167.5
mx3.hotmail.com internet address = 65.54.253.99
mx3.hotmail.com internet address = 64.4.50.179

mx4.hotmail.com internet address = 65.54.190.179
mx4.hotmail.com internet address = 65.54.190.230
mx4.hotmail.com internet address = 65.54.253.230
mx4.hotmail.com internet address = 65.54.167.230

So unless the senders IP address is equal to that of the list above, it will reject it.

Does anybody have any experience with this and know how I can go about doing this?

Thanks,
Jason Bush

Last edited by jrbush82; 10-19-2005 at 10:35 PM.
 
Old 10-20-2005, 08:03 PM   #2
tedfordgif
Member
 
Registered: Dec 2003
Posts: 43

Rep: Reputation: 15
You're looking for http://spf.pobox.com/. For sendmail support, see http://spf.pobox.com/downloads.html

MX records are for hosts that _receive_ mail for a domain, not send it.
 
Old 10-21-2005, 07:45 AM   #3
archtoad6
Senior Member
 
Registered: Oct 2004
Location: Houston, TX (usa)
Distribution: MEPIS, Debian, Knoppix,
Posts: 4,727
Blog Entries: 15

Rep: Reputation: 230Reputation: 230Reputation: 230
"double reverse DNS lookup"

He's right, MX records tell you where to send mail, not where to expect it from; so they aren't going to help you detect spoofing. Remember POP, IMAP, & SMTP are 3 different services, w/ 3 different port numbers, potentially running on 3 different servers.

What you want to do is a technique which I do not know the official name for. Informally, I call it "double reverse DNS lookup" & I'd like to know what its real name is. It is in common, but not universal, use & works like this:

Do a reverse DNS lookup on the originating IP, then do a forward (regular) DNS lookup on the result. The result should match the original IP; if not, suspect spoofing & bounce. Please don't ask me how to implement this or what to do if the e-mail headers contain a long chain of, possibly spoofed, IP addresses.

This technique fails for legitimate mail sources that have several physical servers (w/ unique IPs) lumped under 1 domain name. The result is that an apparently bogus IP is returned for all but the 1 server pointed to by the domain name. I have been told that somewhere in the RFCs that define the 'Net, there is a rule that says this shouldn't happen -- that all boxen like this should have unique domain names; but there are no "domain name police" to enforce this, and it does not break things often enough to motivate everyone who causes the problem to immediately fix it. My ISP is a prime example & the result is that I have one friend to whom I can't send e-mail at his work address, because his employer does this kind of filtering.

Perhaps someone can enlighten us about both the name & implementation.
 
Old 10-21-2005, 07:46 AM   #4
archtoad6
Senior Member
 
Registered: Oct 2004
Location: Houston, TX (usa)
Distribution: MEPIS, Debian, Knoppix,
Posts: 4,727
Blog Entries: 15

Rep: Reputation: 230Reputation: 230Reputation: 230
"double reverse DNS lookup"

Accidental duplicate post, please remove.

Last edited by archtoad6; 10-21-2005 at 08:07 AM.
 
Old 10-21-2005, 10:48 AM   #5
tedfordgif
Member
 
Registered: Dec 2003
Posts: 43

Rep: Reputation: 15
One caveat about SPF: even spammers can publish spf records (for their own domains). But at that point they'll become a little easier to filter/blacklist.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Sendmail - wrong mail sender domain display jika Linux - Newbie 1 05-27-2005 02:29 AM
sendmail to fake sender? wizardmax Linux - Newbie 1 09-23-2004 03:18 PM
relay mail to sendmail relay server??? lemay_jeff Linux - Newbie 0 07-06-2004 04:54 PM
Sendmail: Domain of sender address does not exist 360 Linux - Networking 1 02-02-2003 08:40 PM
Sendmail Domain of sender address does not exist mantiev Linux - Networking 0 05-08-2001 07:58 AM


All times are GMT -5. The time now is 05:35 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration