Folks,
I did a query to a community of anti-abuse email receivers, asking about
actual back-checks that they do. I am forwarding the responses I get, after
getting the author's permission, to add to the source data the working group
has.
Here's the first, albeit for rfc2821.mailfrom, rather than rfc2822.from:
-------- Original Message --------
Subject: Re: What is the standard DNS "call back"?
Date: Wed, 28 May 2008 16:57:02 -0400
From: Victor Duchovni <Victor(_dot_)Duchovni(_at_)morganstanley(_dot_)com>
On Wed, May 28, 2008 at 01:39:37PM -0700, Dave Crocker wrote:
Victor Duchovni wrote:
We reject mail with an invalid envelope sender domain. All further
decisions
are based on the reputation of client IP.
What objective tests are performed to determine whether the envelope sender
domain is valid?
The domain must have at least one MX host with with at least one "A"
(some day "AAAA") record, or if no MX hosts are present, the domain
itself must have a valid "A" (or "AAAA") record.
This boils down to there being at least one network address to which one
would attempt a TCP port 25 connection were one inclined to send a message
to the domain in question.
This is an *existence* test, not an *authenticity of origin* test. We do
not perform SPF checks, do not publish SPF records, and do not expect to
perform DKIM SSP tests. Our use of DKIM will be entirely for whitelisting.
We may at some point allow some external DKIM signers to bypass some of
our content filters. This will have nothing to do with rfc822.From.
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html