New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Verify return-path for incoming messages #41
Comments
I wonder whether we should require rDNS records to be present for the source server. Gmail requires that and so any legitimate and properly configured mail server that wants to work with it (almost all?) should have it. |
Counter-argument to requiring rDNS - I run a mailserver at home but my ISP won't configure rDNS since I don't host from a business plan (and they won't let me upgrade to one...). This breaks sending to only a limited number of recipients, and most mailservers seem to not care about rDNS and receive my email just fine. |
Alright, we will leave the rDNS check turned off by default then. |
I wonder if we should define something to run these checks before client sends us a body to not waste traffic on messages that will be rejected anyway. |
@NamedKitten is working on it ( |
Should probbaly be done by optimizing the whole pipeline to be streaming instead. |
Following conditions should be met for verification to pass:
These checks are built on the assumption that we have a DNSSEC-enabled resolver and the source server does have DNSSEC enabled.
The text was updated successfully, but these errors were encountered: