-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mark Andrews wrote:
You do realise that there a mail clients that check MX records *before* submitting email (or before on sending the email) so that typos get detected in the client before any email is sent from the client.
I think you are not familiar with the difference between the DROP list and the XBL. The DROP list is *not* an RBL! I do not allow any traffic at all to or from the DROP list-- including MX lookups. I can't think of any good reasons why I would. The XBL is used only to block mail transport-- it is configured in sendmail, not at the firewall. The scenario you lay out will still work: - - end user on a dial up that happens to be on the XBL (common) - - end user queries MX records, either directly or via their name server - - end user submits mail to their SMTP server (not on the XBL) - - SMTP server transports mail to my system Unless one of those systems mentioned above is a hijacked name server in Kyiv (and thus on the DROP list), everything will work. ... alec - -- `____________ / Alec Berry \______________________________ | Senior Partner and Director of Technology \ | PGP/GPG key 0xE8E9030F | | http://alec.restontech.com/#PGP | |-------------------------------------------| | RestonTech, Ltd. | | http://www.restontech.com/ | | Phone: (703) 234-2914 | \___________________________________________/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIv/dTREO1P+jpAw8RAqiyAKDJt7FbFvplXB1JTe+dKDOOSXUijQCdH/cZ 4m4o9vE5FS96huARs2Rq5yU= =Paen -----END PGP SIGNATURE-----