[xmail] Re: RDNS

2004-11-11 Thread Tracy
At 19:22 11/11/2004, Jeffrey Laramie wrote:
>Hi All-
>
>The mail server belonging to a client of mine "mail.client.com" uses another
>server "relay.client.com" to relay outgoing mail. mail.client.com appears to
>be correctly configured but relay.client.com doesn't resolve. Mail from this
>domain is bounced when it fails the XMail RDNS check. I'm trying not to piss
>off a client, but it's my understanding that according to standards the relay
>must have an A or CNAME record. Is this correct? If so, could someone point
>me to the rfc that states this so I can gently point this out to the client?
>I've been looking in RFC2821 but I'm not finding what I'm looking for.


You may also want to look at RFC 2505

-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: RDNS

2004-11-11 Thread Jeffrey Laramie
On Thursday 11 November 2004 19:28, Tracy wrote:
> At 19:22 11/11/2004, Jeffrey Laramie wrote:
> >Hi All-
> >
> >The mail server belonging to a client of mine "mail.client.com" uses
> > another server "relay.client.com" to relay outgoing mail. mail.client.com
> > appears to be correctly configured but relay.client.com doesn't resolve.
> > Mail from this domain is bounced when it fails the XMail RDNS check. I'm
> > trying not to piss off a client, but it's my understanding that according
> > to standards the relay must have an A or CNAME record. Is this correct?
> > If so, could someone point me to the rfc that states this so I can gently
> > point this out to the client? I've been looking in RFC2821 but I'm not
> > finding what I'm looking for.
>
> RFC 2821, section 3.6
>
>
> 3.6 Domains
>
> Only resolvable, fully-qualified, domain names (FQDNs) are permitted
> when domain names are used in SMTP.  In other words, names that can
> be resolved to MX RRs or A RRs (as discussed in section 5) are
> permitted, as are CNAME RRs whose targets can be resolved, in turn,
> to MX or A RRs.  Local nicknames or unqualified names MUST NOT be
> used.  There are two exceptions to the rule requiring FQDNs:
>
> -  The domain name given in the EHLO command MUST BE either a primary
>host name (a domain name that resolves to an A RR) or, if the host
>has no name, an address literal as described in section 4.1.1.1.
>
> -  The reserved mailbox name "postmaster" may be used in a RCPT
>command without domain qualification (see section 4.1.1.3) and
>MUST be accepted if so used.

Ah, there it is. Thanks Tracy

Jeff
-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: RDNS

2004-11-11 Thread Tracy
At 19:22 11/11/2004, Jeffrey Laramie wrote:
>Hi All-
>
>The mail server belonging to a client of mine "mail.client.com" uses another
>server "relay.client.com" to relay outgoing mail. mail.client.com appears to
>be correctly configured but relay.client.com doesn't resolve. Mail from this
>domain is bounced when it fails the XMail RDNS check. I'm trying not to piss
>off a client, but it's my understanding that according to standards the relay
>must have an A or CNAME record. Is this correct? If so, could someone point
>me to the rfc that states this so I can gently point this out to the client?
>I've been looking in RFC2821 but I'm not finding what I'm looking for.

RFC 2821, section 3.6


3.6 Domains

Only resolvable, fully-qualified, domain names (FQDNs) are permitted
when domain names are used in SMTP.  In other words, names that can
be resolved to MX RRs or A RRs (as discussed in section 5) are
permitted, as are CNAME RRs whose targets can be resolved, in turn,
to MX or A RRs.  Local nicknames or unqualified names MUST NOT be
used.  There are two exceptions to the rule requiring FQDNs:

-  The domain name given in the EHLO command MUST BE either a primary
   host name (a domain name that resolves to an A RR) or, if the host
   has no name, an address literal as described in section 4.1.1.1.

-  The reserved mailbox name "postmaster" may be used in a RCPT
   command without domain qualification (see section 4.1.1.3) and
   MUST be accepted if so used.


-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]



[xmail] RDNS

2004-11-11 Thread Jeffrey Laramie
Hi All-

The mail server belonging to a client of mine "mail.client.com" uses another 
server "relay.client.com" to relay outgoing mail. mail.client.com appears to 
be correctly configured but relay.client.com doesn't resolve. Mail from this 
domain is bounced when it fails the XMail RDNS check. I'm trying not to piss 
off a client, but it's my understanding that according to standards the relay 
must have an A or CNAME record. Is this correct? If so, could someone point 
me to the rfc that states this so I can gently point this out to the client? 
I've been looking in RFC2821 but I'm not finding what I'm looking for.

Thanks,

Jeff
-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: XMail-AV 1.2 released

2004-11-11 Thread Alex Young
 Marvellous. I am now using it with F-Prot and Sophos side by side. All
looks to be working great. Hopefully if F-Prot misses it Sophos will catch
it.

Thanks,
Alex


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Jason J. Ellingson
Sent: 10 November 2004 13:38
To: [EMAIL PROTECTED]
Subject: [xmail] XMail-AV 1.2 released

Announcing an updated XMail-AV for Win32 in .NET 1.1!

 Version: 1.2.1775.12629
Released: 2004-Nov-10
Download: http://www.ellingson.com/xmail/av/xmail-av-1.2.1775.12629.zip
==
Added - Now works with Sophos Anti-Virus (SAV32CLI.EXE).  Again, if
want to run more than one antivirus, then place a filter
command for each one in your filters.post-data.tab file.
==

Jason J Ellingson
Technical Consultant

615.301.1682 : nashville
612.605.1132 : minneapolis

www.ellingson.com
[EMAIL PROTECTED]

-
To unsubscribe from this list: send the line "unsubscribe xmail" in the body
of a message to [EMAIL PROTECTED] For general help: send the line
"help" in the body of a message to [EMAIL PROTECTED]

-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: valid eMail address?

2004-11-11 Thread Sönke Ruempler
[EMAIL PROTECTED] wrote on Thursday, November 11, 2004 1:40 =
PM:

> At 07:34 11/11/2004, S=3DF6nke Ruempler wrote:
>> You did not understand me. In my case is not the recipient invalid,
>> but =3D3D the sender ! Xmail accepts the Mail while an Exchange =
behind
>> Xmail doesn't.=20
>=20
> True. This is one of those situations where using a
> connection to the=3D20
> forwarded server at pre-data would help. Because even if the sender
> is=3D20 valid, there are reasons why the final recipient might reject
> it (blocking=3D
> =3D20
> lists, local filters, etc).
>=20
> Although I do understand the original question - why would
> Xmail accept the=3D
> =3D20
> address which is not "valid"... But in a forwarding setup,
> it's usually=3D20
> good to let the final recipient system make the final determination,
> if=3D20 possible.=3D20

Because of that i asked if the address is valid or it is a bug that =
Xmail
accepts it ...
-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: valid eMail address?

2004-11-11 Thread Tracy
At 07:34 11/11/2004, S=F6nke Ruempler wrote:
>You did not understand me. In my case is not the recipient invalid, but =3D
>the
>sender ! Xmail accepts the Mail while an Exchange behind Xmail doesn't.

True. This is one of those situations where using a connection to the=20
forwarded server at pre-data would help. Because even if the sender is=20
valid, there are reasons why the final recipient might reject it (blocking=
=20
lists, local filters, etc).

Although I do understand the original question - why would Xmail accept the=
=20
address which is not "valid"... But in a forwarding setup, it's usually=20
good to let the final recipient system make the final determination, if=20
possible.=20

-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: valid eMail address?

2004-11-11 Thread Sönke Ruempler
[EMAIL PROTECTED] wrote on Thursday, November 11, 2004 1:14 =
PM:

> Myself, if I'm forwarding all mail for a domain, I request a
> list of all=3D20
> valid users / aliases for the domain, so I can do local
> validity checking=3D20
> before accepting a message for forwarding (in essence,
> setting up a local=3D20
> domain to verify the mail, then using mailprocs to forward
> the message on=3D20
> to the intended server).
>=20
> However it would also be possible to set up a pre-data filter
> to make a=3D20
> connection to the destination server and test that the
> message is addresed=3D
> =3D20
> to a valid recipient.

You did not understand me. In my case is not the recipient invalid, but =
the
sender ! Xmail accepts the Mail while an Exchange behind Xmail doesn't.
-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]



[xmail] Re: valid eMail address?

2004-11-11 Thread Tracy
At 02:03 11/11/2004, S=F6nke Ruempler wrote:
>[EMAIL PROTECTED] wrote on Wednesday, November 10, 2004 4:01 =3D
>PM:
>
> > Why are you accepting, then bouncing, mail? In today's
> > climate of widely=3D3D20
> > forged envelope senders, it doesn't make sense to accept then bounce
> > - as=3D3D20 much as possible, things should be rejected during the
> > protocol session=3D3D20
> > with a SMTP error.=3D3D20
>
>Because Xmail should forward this message.

Forwarding is always a problem, but there are ways to handle it (depending=
=20
on the type of forwarding you're doing).

Myself, if I'm forwarding all mail for a domain, I request a list of all=20
valid users / aliases for the domain, so I can do local validity checking=20
before accepting a message for forwarding (in essence, setting up a local=20
domain to verify the mail, then using mailprocs to forward the message on=20
to the intended server).

However it would also be possible to set up a pre-data filter to make a=20
connection to the destination server and test that the message is addresed=
=20
to a valid recipient.

Of course, there are other reasons for rejecting a message, such as viruses=
=20
or spam content - but since both of those are typically forged, it makes=20
sense to dump those rather than bouncing them. If you're worried about=20
false positives in this sense, perhaps a short note to the intended=20
recipient saying "We quarantined a suspect email from  due to=20
. If you wish to look at this message, please ".

I'm sure there are other ways, as well - these are just two that I'm=20
familiar with.

But (in my opinion, of course) sending NDNs for anything these days is=20
really not the best idea. There is way too much forgery going on for NDNs=20
to be even close to reliable - and there are a lot of domains out there who=
=20
are doing "block on sight" of NDNs to forged senders.=20

-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]