[xmail] Re: RDNS
At 19:22 11/11/2004, Jeffrey Laramie wrote: >Hi All- > >The mail server belonging to a client of mine "mail.client.com" uses another >server "relay.client.com" to relay outgoing mail. mail.client.com appears to >be correctly configured but relay.client.com doesn't resolve. Mail from this >domain is bounced when it fails the XMail RDNS check. I'm trying not to piss >off a client, but it's my understanding that according to standards the relay >must have an A or CNAME record. Is this correct? If so, could someone point >me to the rfc that states this so I can gently point this out to the client? >I've been looking in RFC2821 but I'm not finding what I'm looking for. You may also want to look at RFC 2505 - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: RDNS
On Thursday 11 November 2004 19:28, Tracy wrote: > At 19:22 11/11/2004, Jeffrey Laramie wrote: > >Hi All- > > > >The mail server belonging to a client of mine "mail.client.com" uses > > another server "relay.client.com" to relay outgoing mail. mail.client.com > > appears to be correctly configured but relay.client.com doesn't resolve. > > Mail from this domain is bounced when it fails the XMail RDNS check. I'm > > trying not to piss off a client, but it's my understanding that according > > to standards the relay must have an A or CNAME record. Is this correct? > > If so, could someone point me to the rfc that states this so I can gently > > point this out to the client? I've been looking in RFC2821 but I'm not > > finding what I'm looking for. > > RFC 2821, section 3.6 > > > 3.6 Domains > > Only resolvable, fully-qualified, domain names (FQDNs) are permitted > when domain names are used in SMTP. In other words, names that can > be resolved to MX RRs or A RRs (as discussed in section 5) are > permitted, as are CNAME RRs whose targets can be resolved, in turn, > to MX or A RRs. Local nicknames or unqualified names MUST NOT be > used. There are two exceptions to the rule requiring FQDNs: > > - The domain name given in the EHLO command MUST BE either a primary >host name (a domain name that resolves to an A RR) or, if the host >has no name, an address literal as described in section 4.1.1.1. > > - The reserved mailbox name "postmaster" may be used in a RCPT >command without domain qualification (see section 4.1.1.3) and >MUST be accepted if so used. Ah, there it is. Thanks Tracy Jeff - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: RDNS
At 19:22 11/11/2004, Jeffrey Laramie wrote: >Hi All- > >The mail server belonging to a client of mine "mail.client.com" uses another >server "relay.client.com" to relay outgoing mail. mail.client.com appears to >be correctly configured but relay.client.com doesn't resolve. Mail from this >domain is bounced when it fails the XMail RDNS check. I'm trying not to piss >off a client, but it's my understanding that according to standards the relay >must have an A or CNAME record. Is this correct? If so, could someone point >me to the rfc that states this so I can gently point this out to the client? >I've been looking in RFC2821 but I'm not finding what I'm looking for. RFC 2821, section 3.6 3.6 Domains Only resolvable, fully-qualified, domain names (FQDNs) are permitted when domain names are used in SMTP. In other words, names that can be resolved to MX RRs or A RRs (as discussed in section 5) are permitted, as are CNAME RRs whose targets can be resolved, in turn, to MX or A RRs. Local nicknames or unqualified names MUST NOT be used. There are two exceptions to the rule requiring FQDNs: - The domain name given in the EHLO command MUST BE either a primary host name (a domain name that resolves to an A RR) or, if the host has no name, an address literal as described in section 4.1.1.1. - The reserved mailbox name "postmaster" may be used in a RCPT command without domain qualification (see section 4.1.1.3) and MUST be accepted if so used. - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] RDNS
Hi All- The mail server belonging to a client of mine "mail.client.com" uses another server "relay.client.com" to relay outgoing mail. mail.client.com appears to be correctly configured but relay.client.com doesn't resolve. Mail from this domain is bounced when it fails the XMail RDNS check. I'm trying not to piss off a client, but it's my understanding that according to standards the relay must have an A or CNAME record. Is this correct? If so, could someone point me to the rfc that states this so I can gently point this out to the client? I've been looking in RFC2821 but I'm not finding what I'm looking for. Thanks, Jeff - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: XMail-AV 1.2 released
Marvellous. I am now using it with F-Prot and Sophos side by side. All looks to be working great. Hopefully if F-Prot misses it Sophos will catch it. Thanks, Alex -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jason J. Ellingson Sent: 10 November 2004 13:38 To: [EMAIL PROTECTED] Subject: [xmail] XMail-AV 1.2 released Announcing an updated XMail-AV for Win32 in .NET 1.1! Version: 1.2.1775.12629 Released: 2004-Nov-10 Download: http://www.ellingson.com/xmail/av/xmail-av-1.2.1775.12629.zip == Added - Now works with Sophos Anti-Virus (SAV32CLI.EXE). Again, if want to run more than one antivirus, then place a filter command for each one in your filters.post-data.tab file. == Jason J Ellingson Technical Consultant 615.301.1682 : nashville 612.605.1132 : minneapolis www.ellingson.com [EMAIL PROTECTED] - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED] - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: valid eMail address?
[EMAIL PROTECTED] wrote on Thursday, November 11, 2004 1:40 = PM: > At 07:34 11/11/2004, S=3DF6nke Ruempler wrote: >> You did not understand me. In my case is not the recipient invalid, >> but =3D3D the sender ! Xmail accepts the Mail while an Exchange = behind >> Xmail doesn't.=20 >=20 > True. This is one of those situations where using a > connection to the=3D20 > forwarded server at pre-data would help. Because even if the sender > is=3D20 valid, there are reasons why the final recipient might reject > it (blocking=3D > =3D20 > lists, local filters, etc). >=20 > Although I do understand the original question - why would > Xmail accept the=3D > =3D20 > address which is not "valid"... But in a forwarding setup, > it's usually=3D20 > good to let the final recipient system make the final determination, > if=3D20 possible.=3D20 Because of that i asked if the address is valid or it is a bug that = Xmail accepts it ... - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: valid eMail address?
At 07:34 11/11/2004, S=F6nke Ruempler wrote: >You did not understand me. In my case is not the recipient invalid, but =3D >the >sender ! Xmail accepts the Mail while an Exchange behind Xmail doesn't. True. This is one of those situations where using a connection to the=20 forwarded server at pre-data would help. Because even if the sender is=20 valid, there are reasons why the final recipient might reject it (blocking= =20 lists, local filters, etc). Although I do understand the original question - why would Xmail accept the= =20 address which is not "valid"... But in a forwarding setup, it's usually=20 good to let the final recipient system make the final determination, if=20 possible.=20 - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: valid eMail address?
[EMAIL PROTECTED] wrote on Thursday, November 11, 2004 1:14 = PM: > Myself, if I'm forwarding all mail for a domain, I request a > list of all=3D20 > valid users / aliases for the domain, so I can do local > validity checking=3D20 > before accepting a message for forwarding (in essence, > setting up a local=3D20 > domain to verify the mail, then using mailprocs to forward > the message on=3D20 > to the intended server). >=20 > However it would also be possible to set up a pre-data filter > to make a=3D20 > connection to the destination server and test that the > message is addresed=3D > =3D20 > to a valid recipient. You did not understand me. In my case is not the recipient invalid, but = the sender ! Xmail accepts the Mail while an Exchange behind Xmail doesn't. - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
[xmail] Re: valid eMail address?
At 02:03 11/11/2004, S=F6nke Ruempler wrote: >[EMAIL PROTECTED] wrote on Wednesday, November 10, 2004 4:01 =3D >PM: > > > Why are you accepting, then bouncing, mail? In today's > > climate of widely=3D3D20 > > forged envelope senders, it doesn't make sense to accept then bounce > > - as=3D3D20 much as possible, things should be rejected during the > > protocol session=3D3D20 > > with a SMTP error.=3D3D20 > >Because Xmail should forward this message. Forwarding is always a problem, but there are ways to handle it (depending= =20 on the type of forwarding you're doing). Myself, if I'm forwarding all mail for a domain, I request a list of all=20 valid users / aliases for the domain, so I can do local validity checking=20 before accepting a message for forwarding (in essence, setting up a local=20 domain to verify the mail, then using mailprocs to forward the message on=20 to the intended server). However it would also be possible to set up a pre-data filter to make a=20 connection to the destination server and test that the message is addresed= =20 to a valid recipient. Of course, there are other reasons for rejecting a message, such as viruses= =20 or spam content - but since both of those are typically forged, it makes=20 sense to dump those rather than bouncing them. If you're worried about=20 false positives in this sense, perhaps a short note to the intended=20 recipient saying "We quarantined a suspect email from due to=20 . If you wish to look at this message, please ". I'm sure there are other ways, as well - these are just two that I'm=20 familiar with. But (in my opinion, of course) sending NDNs for anything these days is=20 really not the best idea. There is way too much forgery going on for NDNs=20 to be even close to reliable - and there are a lot of domains out there who= =20 are doing "block on sight" of NDNs to forged senders.=20 - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
