On 08.02.10 22:08, dar...@chaosreigns.com wrote:
> You get an email delivered from 64.71.152.40 (last untrusted
> relay). You look up the DNS A record for that IP, and get

You won't look up A records for an IP; IP addresses do NOT have A records.
You can look up PTR (or any other record) for 40.152.71.64.in-addr.arpa.

> mail.chaosreigns.com. Then you look up the DNS PTR record of
> 40.152.71.64.designatedsender.mail.chaosreigns.com, and if it's
> 127.0.0.1, it's a legit email sender and gets some negative SA score.

Then I will look up the A record of mail.chaosreigns.com and see if it's
64.71.152.40. If you compare these two, you see that I need to control the
same domains no matter which way I go.

Just now I can do what you propose (and many spammers can too) but that
doesn't mean my mail is legitimate.

> Otherwise it's not, and gets some positive SA score (low at first until
> adoption spreads).
>
> So it's not tied to the SMTP MAIL FROM or anything.
> Forwarding doesn't break.

What do you mean by this? Do you want to implement a new way of defining
which hosts are permitted to send e-mail? There already are attempts to do
this, with false positives and negatives.

Yours is a bit complicated and new, which means everyone would need to
implement this (otherwise he'd get false positives on his outgoing mail).
Therefore I think it won't work this way.

If you want to implement a new way of defining which hosts are permitted to
send e-mail from which domain, the same applies.

-- 
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Warning: I do NOT want to receive any advertising mail at this address.
"They say when you play that M$ CD backward you can hear satanic messages."
"That's nothing. If you play it forward it will install Windows."
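
The two checks compared in this message, side by side, as an added example that is not part of the original message or of SpamAssassin. The resolver, the `ZONE` table and the `.example` names are constructed so the code runs offline; the `designatedsender` record type and value follow the quoted proposal as written.

```python
import ipaddress

# Constructed zone data standing in for real DNS (no network access needed).
ZONE = {
    # Names and addresses taken from the thread.
    ("PTR", "40.152.71.64.in-addr.arpa"): ["mail.chaosreigns.com"],
    ("A", "mail.chaosreigns.com"): ["64.71.152.40"],
    ("PTR", "40.152.71.64.designatedsender.mail.chaosreigns.com"): ["127.0.0.1"],
    # Constructed: a second operator controlling its own reverse and forward zones.
    ("PTR", "10.2.0.192.in-addr.arpa"): ["mx.bulk.example"],
    ("A", "mx.bulk.example"): ["192.0.2.10"],
    ("PTR", "10.2.0.192.designatedsender.mx.bulk.example"): ["127.0.0.1"],
    # Constructed: PTR exists, but the forward name resolves to another address.
    ("PTR", "7.100.51.198.in-addr.arpa"): ["mail.other.example"],
    ("A", "mail.other.example"): ["203.0.113.5"],
}

def lookup(rtype, name):
    """Hypothetical resolver: constructed records, or [] when nothing exists."""
    return ZONE.get((rtype, name.rstrip(".").lower()), [])

def reversed_octets(ip):
    """64.71.152.40 -> 40.152.71.64 (validates the address first)."""
    return ".".join(reversed(str(ipaddress.IPv4Address(ip)).split(".")))

def fcrdns(ip, resolve=lookup):
    """Forward-confirmed reverse DNS: PTR for the IP, then A for each name.
    Returns the PTR names whose A records include the original IP."""
    names = resolve("PTR", reversed_octets(ip) + ".in-addr.arpa")
    return [n for n in names if ip in resolve("A", n)]

def designated_sender(ip, resolve=lookup):
    """The quoted proposal: query <reversed ip>.designatedsender.<PTR name>
    and accept when the answer is 127.0.0.1."""
    rev = reversed_octets(ip)
    for name in resolve("PTR", rev + ".in-addr.arpa"):
        if "127.0.0.1" in resolve("PTR", f"{rev}.designatedsender.{name}"):
            return True
    return False

if __name__ == "__main__":
    for ip in ("64.71.152.40", "192.0.2.10", "198.51.100.7"):
        print(ip, "fcrdns:", fcrdns(ip), "designatedsender:", designated_sender(ip))
```

Both checks return the same verdict for every constructed address, since each depends only on who controls the reverse zone and the zone of the name it points to.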