[conspire] (forw) [sorbs.net #212641] [Webform] SORBS registration systems sends RFC-ignorant mail

Rick Moen rick at linuxmafia.com
Tue Oct 28 10:47:46 PDT 2008

Quoting Ruben Safir (ruben at mrbrklyn.com):

> I don't really need the RFC quote, but I just want to understand.  This
> check for the deliverable mailing address can take place during the SMTP
> handshake?  Or does a separate inquiry to the sending server need to
> take place?

It's a separate SMTP connection (back) to an MX of the claimed sending

So, if the incoming connection is claimed to be from
ruben at mrbrooklyn.com, my MTA will first try to look up the relevant MX
record (if any):

:r! dig -t mx mrbrooklyn.com +short
[returns null]

SMTP's fallback, absent an explicit MX record, is to use the "A" record:

:r! dig mrbrooklyn.com +short

So, my SMTP host will then open a socket on that IP's port 25, do HELO, 
and initiate a (partial) e-mail to "ruben at mrbrooklyn.com".  If that is 
indicated as an acceptable addresssee ("250 Recipient OK" or something
like that), then my MTA cancels the test message, caches the successful
result, and permits your MTA's pending delivery on the connection the
other way.

Note that my MTA's connection is not necessarily to "the sending
server", just to one of the MXes (mail exchangers) for the claimed
sending domain.

> Doesn't that require that the two machines, client and server, be
> directly connected?  Because most mail I receive seems to be going
> through levels of relays.  

Again, the callout (callback) check's network socket is not necessarily
to the "server" as in the machine that is currently seeking to drop off
mail:  It is to one of the authorised MXes of the claimed sending
domain.  That MX should (must) know what's a valid address within its
mail domain and what is not.

More information about the conspire mailing list