gdsawyer

The MX solution is a good idea, but it may also reject legitimate posters. We tried this at work, and we uncovered some flaws.

The MX record effectively is an alias for a general domain name to a specific mail server so that senders don’t have to remember that your mail server is “mymailserver.example.com” when sending email — they can just send to “example.com” and the MX entries for the domain will automatically pull up an email server.

The problem is — as we found out — that there are a fair number of domains out there that do not use MX records. Apparently, it is their policy to specify the name of the actual mail server machine in the address. Thus, as a fallback, you have to query the domain for a DNS A or CNAME record. Most mail transport agents such as Sendmail and Postfix automatically retry for an A if DNS doesn’t return an MX, but it does not look like the getmxrr() function does.

From what I’ve seen, the poker folk like to completely spoof their email addresses, and the domain portion of the address is some odd hexadecimal string that looks like an encryption key. So their addresses will fail no matter what type of DNS record you query for the domain. Its just those folk who come from odd domains that may be affected. (Anyone coming from the RoadRunner domains will definitely be affected, e.g. ny.rr.com, rochester.rr.com, etc.)