|
How to Use:
Submit to: Lookup Listing Policy: Hosting of RFCI |
dsn.rfc-ignorant.org listing policyPrecedent - Annotated References: RFCs 5321, 2505Type: DomainDomains are listed in thedsn.rfc-ignorant.org zone based on the
following criterion:
If the publicly listed MX record for domain refuses to accept mail with a originator given as <>, then the domain will be considered a viable candidate for inclusion in the zone. For example, let's say the domain in question is "example.tld", and an MX query for "example.tld" returns two mail servers, "mx1.example.tld" and "backup-mx.example.tld". If you connect to either of those MXes and mail FROM "<>" and TO an address in the example.tld domain is rejected (unless it is clear it is being rejected because the target address doesn't actually exist), then example.tld could be listed. Generally, sending MAIL FROM:<> and RCPT TO:<postmaster@example.tld> is a good test case, since the former address should exist and the latter address should not be cause for rejection (if it is rejected, see postmaster.rfc-ignorant.org). All MX candidates are considered, and if any of them "fail the test", the domain is listed. This is because any one of those MX handlers can cause problems for the postmaster of the host attempting to send a bounce (which is sent with a MAIL FROM of "<>" to prevent loops). This is all best summed up by section 5.2.9 of RFC1123, which says: The syntax shown in RFC-821 for the MAIL FROM: command omits the case of an empty path: "MAIL FROM:<>" (see RFC-821 Page 15). An empty reverse path MUST be supported. In the case of "temporary failures", where the MX returns a 4xx series response to e-mails under consideration, it shall be considered a "fatal error" if, after the default sendmail queue-return time (5 days), the recipient MX fails to accept the mail. In the case of a fatal error, the domain shall be considered to meet the listing criteria. If the rejection message clearly indicates the reason for denial as not being something related to the null-envelope (or above-mentioned timeout) ("{ip} rejected as listed on the MAPS RBL", etc.), then that spam-blocking shall not be considered grounds to list a domain. If any of the valid MX servers for a domain have private, reserved, or otherwise bogus IP addresses, then the domain would be listed. (E.g., given an address of <foo@example.tld>, if the MX for example.tld is mail.example.tld, and the A record listed in DNS for mail.example.tld is 127.0.0.1, then example.tld would be listed.) Likewise, if all of the given MX RRs for a domain are invalid, for example by all being IP addresses instead of hostnames, then that domain shall be considered "undeliverable", since an RFC-compliant MTA would be unable to find a valid MX to contact after invalidating the bogus MX RRs. Such undeliverable status would cause a domain to be subject to listing.
$Id: policy-dsn.php,v 1.18 2008-10-13 14:07:53 dredd Exp $ |
