[Greylist-users] Possible Enhancements

Deke Clinger dclinger at qualcomm.com
Tue Jan 25 11:49:20 PST 2005

On Tue, 25 Jan 2005, Steven Grimm wrote:

> I took the proposal to mean, check the MX record for the domain in
> question, and let the mail through if the MX record contains the IP
> address of the sending host. Which would block joe-jobs unless the
> spammer listed his entire network of hijacked machines in his MX record
> (which would be handy for anti-spam people!)

This technique assumes that the MX for a given domain (the inbound mail
handler) is also always the outbound mail handler. This is almost never true
for domains of significant size and it's becoming less and less true for
smaller sites, what with hosted mail service, etc.

There's a lot of work afoot to define and publish 'designated sender' records
in DNS (RMX, SPF, caller-id, etc) but it's not sound to assume that mail for a
given domain will come _from_ the machines in the MX record.


More information about the Greylist-users mailing list