ideajam: SMTP whitelist should trump verify connecting hostname in DNSPlease vote to promote this (for these very good reasons).
Update: Not bad so far, thanks. But let's see if we can get this into the hot list on the side bar at ideajam. At the time of this update, the score stood at 21 and the lowest scoring ideas in the side bar hot list were at 39, so this would currently require at least another 18 net promotions *.
* ideally 18 promotions and no demotions 
Category: Domino
Technorati: DNS Domino Idea+Jam SMTP Whitelist
1. Mark Gottschalk30/11/2007 08:03:25
Homepage: http://www.2roads.com
Excellent idea. It's the way the whitelist function should have worked in the first place.
BTW, I've noted here before that you can crudely achieve this result if you host your own internal DNS. Our inward facing DNS server is private and does not provide service to the internet. By "faking" PTR records in this DNS server for legit sites from which we want to receive mail but are missing their own valid reverse-DNS records, we trick Domino into accepting this mail while enabling the powerful "verify connecting hostname in DNS" function.
We don't receive legit mail from Asia or parts of the world where it is more common for mail servers to be missing PTR records, so managing the whitelisting in DNS has been simple. I've entered eight (8) "fake" reverse-DNS records in probably six months to accomodate clients who can't seem to get their DNS working properly. That's it.
An actual whitelist capability in Domino would be better. But for those who receive little to zero legit mail from servers with missing PTR records, doing the "fake DNS record" thing works fine.
2. Chris Linfoot30/11/2007 08:36:10
You are right about the fake DNS thing, but it doesn't scale and would be unmanageable here.
Unable to post a comment? Please read this for a possible explanation...
- 
