Has anyone investigated the operational effects of causing domains with any abusive MX entries (such as 0.0.0.0 or 127.0.0.1) to fail to verify? For example, with the usual ignore_target_hosts settings the domain below will verify OK because one of its MX hosts is valid. Perhaps it would be better to fail to verify domains like this - though I'm not sure how to achieve this without patching Exim.
; <<>> DiG 8.3 <<>> mx frognet.net.returnreceipt.com ;; res options: init recurs defnam dnsrch ;; got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61015 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 3 ;; QUERY SECTION: ;; frognet.net.returnreceipt.com, type = MX, class = IN ;; ANSWER SECTION: frognet.net.returnreceipt.com. 1d7h28m38s IN MX 5 frognet.net.returnreceipt.com. frognet.net.returnreceipt.com. 1d7h28m38s IN MX 10 guardpuppy.com. ;; AUTHORITY SECTION: frognet.net.returnreceipt.com. 1d7h28m38s IN NS guardpuppy.com. frognet.net.returnreceipt.com. 1d7h28m38s IN NS copa.geek.net.au. ;; ADDITIONAL SECTION: frognet.net.returnreceipt.com. 1d7h28m38s IN A 0.0.0.0 guardpuppy.com. 1d7h28m38s IN A 193.114.233.33 copa.geek.net.au. 4h10m4s IN A 203.217.18.13 ;; Total query time: 21 msec ;; FROM: cyan.csi.cam.ac.uk to SERVER: 127.0.0.1 ;; WHEN: Mon May 16 10:53:26 2005 ;; MSG SIZE sent: 47 rcvd: 211 Tony. -- <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> http://dotat.at/ ${sg{\N${sg{\ N\}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}\ \N}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}} -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
