DNS: Sends No Mail

I really wish there was a way to indicate, in DNS, that a domain never sends mail.

That way, if a mail server recieves mail claiming to be from that domain, it can be discarded out of hand.

I’ve got a bunch of domains that JUST do web serving … they never send mail.  If the web server that they are hosted on does send mail, it’s sent from via the midrange.com mail server (and is identified as such).

If I could indicate that the domain’s never send mail … I could avoid any possible false positive spam reports (of course, since the server’s that are on the hosts A record don’t process mail for those domains, any possible reports go nowhere anyways).

Theoretically, you can create (and I have) a SPF record that indicates that the domain doesn’t send mail …

v=spf1 -all

… but I don’t think it’s widely recognized.  It doesn’t seem to be supported in SpamAssassin.  This SPF record indicates that no mail servers are allowed to send mail for this domain and the SPF routines should discount any that do.

There was, a number of years ago, a RFC proposal for a ‘Null MX‘ … but that just indicates the server won’t receive mail.  This proposal didn’t go anywhere … and wouldn’t solve my particular quandry anyways.

Maybe the IETF should create a special domain name that DNS server’s could use as a MX record that indicates the domain sends no mail.  Something like ‘nomail.example.com’.  Any mail server that receives a mesage from a domain that uses that MX records would simply reject the mail.

Hmmm … I wonder how hard it is to submit a RFC?

 

One thought on “DNS: Sends No Mail

  1. Jonathan Angliss

    SpamAssassin has supported SPF since 3.0 via a plugin if I remember correctly, and ups the score.

    I liked SPF when it came out, but then realized it was used extensively by spammers over regular users. I found the same with DKIM.

    It would be handy to specify a “no sender domain”.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *