According to Janos Zsako:
What I think as the best solution is to patch sendmail to check from the name service if we really are in the mx list for the incoming mail.
We have been doing that for half a year now, and it works fine.
The idea is good indeed. I am, however, somewhat concerned about the following potential dangers:
1. The DNS can contain bogus info (including MX records).
Well if the MX record is wrong, you won't get any email anyway.
2. You could be a victim of a malicious setup. For example, the primary of foo.domain puts an MX to one of your hosts protected in the way you suggest. When the secondaries have updated the zone, you get a large number of spam destined for foo.domain. Your resources may be abused, and you can even suffer a DoS. (At the same time, foo.domain may even filter out SMTP connections from you, to make sure *his* resources are not wasted...).
So they setup their *own* nameserver to spam their *own* domain using you as a relay? Not very likely.. No, the real problem is when a MX is moved to another host. Cached MX records on other nameservers will cause the mail to be sent to the old MX, which doesn't accept it anymore. This _can _ cause bounced email if you are not careful (like lowering TTL 1 day before the tranfer, etc) Mike. -- Miquel van Smoorenburg | The dyslexic, agnostic, insomniac lay in his bed miquels@cistron.nl | awake all night wondering if there is a doG