[RPZ] RPZ and MX

Fred Morris m3047 at m3047.net
Fri Jun 1 21:51:48 UTC 2012

On Fri, 1 Jun 2012, Alan Doherty wrote:
> (as yes rpz can be served to a mailserver, IF and ONLY if its responses
> have been tailored so it isn't claiming to senders that "their domain
> dosn't exist"

Can you point me to an RFC which covers this response code? I think what
you're talking about is a common check, but I don't think it's in any RFC

> when it should be claiming "we are not accepting mail from
> your domain due to policy"

Too much information in my opinion.

In summary rejecting mail because their domain doesn't exist, OR FOR ANY
OTHER SIMILAR REASON such as internally (within my organization) as NX
*is* policy based rejection.


Fred Morris

More information about the DNSfirewalls mailing list