[Greylist-users] Possible Enhancements

Deke Clinger dclinger at qualcomm.com
Tue Jan 25 12:19:23 PST 2005


On Tue, 25 Jan 2005, Steven Grimm wrote:

> Deke Clinger wrote:
>
> >This technique assumes that the MX for a given domain (the inbound mail
> >handler) is also always the outbound mail handler. This is almost never true
> >for domains of significant size and it's becoming less and less true for
> >smaller sites, what with hosted mail service, etc.
> >
> >There's a lot of work afoot to define and publish 'designated sender' records
> >in DNS (RMX, SPF, caller-id, etc) but it's not sound to assume that mail for a
> >given domain will come _from_ the machines in the MX record.
> >
> >
> At which point you greylist and are no worse off than before.
>
> (Again, I don't think this is a good idea, but that's not why it's bad.)

I'm glad to hear that. I'm beating this to death to make certain that the
people on the list understand that using any technique that only accepts mail
for a given domain that comes from an MX for that domain will result in loss
of ALL mail from substantially all domains of any significant size.

There. I feel better now.

-Deke


More information about the Greylist-users mailing list