On 11/09/16 11:07,
dl8...@dl8fbh.ampr.org wrote:
...
>
> I recommend mailfromd in general, one of the best.
>
> Mike
I've just had a look at that - maybe I'm misunderstanding something, but
I think the 'strict' 'callout' test for sender email address validity is
wrong.
Rather than check the given domain name ("standard" check), "strict"
does a reverse lookup on sender IP, gets an MX list for that name, and
checks whether any of those will accept mail for the sender's email
address. That's fine if outbound and inbound email are handled by the
exact same server(s).
But an outbound route is not necessarily the same as inbound: my own
home setup is a case in point, where outbound mail all passes through my
ISP's mail server, yet I handle inbound directly on my own server, the
ISP server knowing nothing about my domain. Thus if I send mail to
someone using mailfromd's "strict" mode, they'll see my ISP's IP
address, get my ISP's domain name and MX records, test /my/ email
address against each of /those/, which will of course fail, and bounce
the email. Which is quite wrong behaviour, as everything I'm doing is
legitimate.
Or have I not understood correctly?