[RFC] Anti-Spam Recommendations for SMTP MTAS (BCP30) for anti-spam recommendations for SMTP MTAS

xiaoxiao2021-03-06  113

RFC2505: Anti-Spam Recommendations for SMTP MTAS (BCP30) Anti-spam recommendation for SMTP MTAS 1) Must Be Able To Restrict Unauthorized Use As Mail Relay. Must limit unauthenticated email forwarding

2) Must Be Able To Provide "Received:" Lines with enough information to make it it), despite spammers use forged host name in Helo Statements etc. Must be available with "Received:" line with complete information. To track the path of the message, even if spammers use false hostnames in helo commands or other places. 3) Must Be Able To Provide Local Log Information That Makes It Possible To Trace The EventAfterWards. You must provide a local log for tracking events later.

4) SHOULD BE ABLE TO LOG All Occurrence of Anti-relay / Anti-spam Actions. You should be able to record all reverse / anti-garbage action event details

5) Should Be Able To Refuse Mail from a host or a group of hosts. You should be able to refuse mail from a particular host or a set of specific hosts

6A) Must Not Refuse "Mail from: <>". You can't reject mail similar to the mail from: "mail from: <>" form

6b) Must Not Refuse "Mail from: ". You can't reject the Mail from command to: "mail from: " form

7a) Should Be Able To Refuse Mail from A Specific "Mail from:" User, . You should be able to reject mail from specific email addresses or users from specific email or users

7B) SHOULD be Able To Refuse Mail from an entire "Mail from:" Domain <. * @ Domain.example>. You should be able to reject all mail from specific domains in the Mail from command

8) Should Be Able To Limit ("Rate Control") Mail Flow. You should limit mail traffic (rate control)

9) Should Be Able To Verify "Mail from:" Domain (Using DNS or Other Means). You should check the legality of the domain in the Mail from (using DNS or other means)

10) Should Be Able To Verify in outgoing mail. The legitimacy of the local part should be able to check the legitimacy of the local part 11) Should Be Aable To Control SMTP VRFY and EXPN. You should control the SMTP's VRFY and EXPN commands. use

12) Should Be Able To Control SMTP ETRN. Should be able to control the use of SMTP's ETRN command

13) Must Be Able To Configure to Provide Different Return Codes for Different Rules (EG 451 Temp Fail vs 550 Fatal Error) Must be able to provide different response code by configuring different rules (classes such as Temp Fail vs 550 Fatal Error) )

转载请注明原文地址:https://www.9cbs.com/read-126184.html

New Post(0)