RobWMemberFebruary 25, 2008 at 6:45 am #130638
Are there any disadvantages to SAV? I have been asked to consider implementing it and I recall last year there was a risk of losing legitimate e-mail from senders that did not participate.
KillerbeMemberFebruary 25, 2008 at 6:54 am #305721
Re: Sender address verification
Well that risk is still there.
Sender Address Verification is the relatively simple process of probing each mailserver, MX record, listed for a given sender’s email address. The probe basically asks the mailservers whether or not the given sender’s email address is actually handled by that server. This probe is performed until one of the mailservers gives a definite positive or negative reply.
In general, here’s how the probe works. Let’s say your mailserver (SMTP) receives an email that indicates that it’s from “[email protected]”. In trying to deliver the email to you, the remote mailserver connects to your local mailserver and issues a “MAIL FROM: [email protected]” command. However, if you have Sender Address Verification enabled, your mailserver doesn’t just trust and take for delivery the email. Instead, it uses the domain portion of the originating email address (i.e. abcdomain.com) and queries the Domain Naming Service (DNS) about the Mail Exchange (MX) records for that domain. The DNS query would return something like the following:
The Sender Address Verification would start by connecting to the first MX server (i.e. mail.abcdomain.com) using Simple Mail Transport Protocol (SMTP). It would then go through the steps of trying to send an email to the originating address (i.e. [email protected]). This “conversation” with the remote mailserver is the “probe” mentioned earlier. If the remote mailserver accepts the recipient address as valid for receiving emails, your local mailserver accepts the original email for delivery. Conversely, if the remote mailserver rejects the recipient address, your mailserver simply discards the email. This probe continues through the list of servers listed in the MX records until either a positive or negative response is received.
You must be logged in to reply to this topic.