The Sender-MX-Check needs some enhancements. ;)
Spammers mostly use RFC1918-adresses or unresolveable names as MX-RR, e.g.:

@  IN  MX  $PRI   127.0.0.1
@  IN  MX  $PRI   has.no.a-record.
@  IN  MX  $PRI   has.rfc1918.a-record.

latest examples (all of the domains below are only used to deliver SPAM):

$ dig MX radiocompa.com
,-----
| ;; ANSWER SECTION:
| radiocompa.com.         86289   IN   MX   0 127.0.1.51.
`-----

or:

$ dig MX fflowershop.com                         
,-----
| ;; ANSWER SECTION:
| fflowershop.com.        3600    IN   MX   10 localhost.fabulous.com.
`-----
$ dig A localhost.fabulous.com @ns1.darkbluesea.com
,-----
| ;; ANSWER SECTION:
| localhost.fabulous.com. 3600    IN   A    127.0.0.1
`-----

If I had the time and better C skills, I  would add the tests myself but... ;)

regards,
  Lars

Reply via email to