[conspire] (forw) [sorbs.net #212641] [Webform] SORBS registration systems sends RFC-ignorant mail
Rick Moen
rick at linuxmafia.com
Tue Oct 28 10:47:46 PDT 2008
Quoting Ruben Safir (ruben at mrbrklyn.com):
> I don't really need the RFC quote, but I just want to understand. This
> check for the deliverable mailing address can take place during the SMTP
> handshake? Or does a separate inquiry to the sending server need to
> take place?
It's a separate SMTP connection (back) to an MX of the claimed sending
domain.
So, if the incoming connection is claimed to be from
ruben at mrbrooklyn.com, my MTA will first try to look up the relevant MX
record (if any):
:r! dig -t mx mrbrooklyn.com +short
[returns null]
SMTP's fallback, absent an explicit MX record, is to use the "A" record:
:r! dig mrbrooklyn.com +short
216.21.239.197
So, my SMTP host will then open a socket on that IP's port 25, do HELO,
and initiate a (partial) e-mail to "ruben at mrbrooklyn.com". If that is
indicated as an acceptable addresssee ("250 Recipient OK" or something
like that), then my MTA cancels the test message, caches the successful
result, and permits your MTA's pending delivery on the connection the
other way.
Note that my MTA's connection is not necessarily to "the sending
server", just to one of the MXes (mail exchangers) for the claimed
sending domain.
> Doesn't that require that the two machines, client and server, be
> directly connected? Because most mail I receive seems to be going
> through levels of relays.
Again, the callout (callback) check's network socket is not necessarily
to the "server" as in the machine that is currently seeking to drop off
mail: It is to one of the authorised MXes of the claimed sending
domain. That MX should (must) know what's a valid address within its
mail domain and what is not.
More information about the conspire
mailing list