[Sidewinder] Sendmail bounces to 127.0.0.1 - recommendations?
Sidewinder moderated discussion list
sidewinder at adeptech.com
Wed Sep 26 15:09:05 EDT 2007
--On Dienstag, September 25, 2007 12:00:02 -0400
sidewinder-request at adeptech.com wrote:
> But some of those guys are overly clever, using a sender
> domain with a primary MX resolving to 127.0.0.1.
Hi,
(did not try this on sidewinder, so beware :)
I recently developed a sendmail FEATURE macro to check exactly that.
Unfortunately, I developed that for a customer so I probably cannot publish
it. But here is the basic idea:
- in Ruleset Local_check_mail, do an MX lookup (map "bestmx") on the
sender address
- do an A record lookup on the resulting host name (map "dns -R A")
- lookup that IP address in the access table, using a
new prefix for the entries there
- use error codes or "OK" values from access lookup
- use "OK" for default
That allows you to reject those mail completely, and you can configure
also sender mx entries like 10.x.x.x to be refused. It even allows you
to configure exceptions, just in case an important customer (or even
your own IT department :) exports some internal DNS to outside.
Downside is that it increases DNS traffic and adds some
latency in processing.
Best regards
Matthias
--
Matthias Ferdinand EDV-Beratung
Goethestrasse 5
D-66121 Saarbruecken
+49-681-96869-80
mf at mfedv.net
More information about the Sidewinder
mailing list