Email rejected, what reason to give client??

Glenn Steen glenn.steen at gmail.com
Thu Apr 6 10:57:02 IST 2006


On 05/04/06, Rob Morin <Rob at thehostmasters.com> wrote:
> Hello all....
>
(snip, since others covered this nicely)

> Also i have a friend of mine that has his own mail server and he says he
> does a white list by adding to the white list any email address that the
> server sends email to...  IE any of his clients that send email via that
> server to a person, that email is put itn the white list
> automatically... is this safe? is it possible?

If he is whitelisting the email addresses, then he's opening himself
to badness, yes.
This means that all those "autowhitelists" are open to
address-forgery. Not good.
It's safer to whitelist IP addresses, but then, the receiving MTA of
an organization is not necessarily the sending MTA, and there is no
mandate (in RFC or otherwise) that the sending MTA even has a DNS
record, so... Not easy to go that route.

My PHB forced me to WL all "business associates" by address when we
started out with MS, but after a few forgeries slipping through he has
"seen the light", so now we aim at having a well-tuned SA/MS instead
of massive whitelists... So far (couple of years) this has been a much
better approach.

--
-- Glenn
email: glenn < dot > steen < at > gmail < dot > com
work: glenn < dot > steen < at > ap1 < dot > se


More information about the MailScanner mailing list