RFC2505: Anti-Spam Recommendations for SMTP MTAS (BCP30) Anti-spam recommendation for SMTP MTAS 1) Must Be Able To Restrict Unauthorized Use As Mail Relay. Must limit unauthenticated email forwarding
2) Must Be Able To Provide "Received:" Lines with enough information to make it it), despite spammers use forged host name in Helo Statements etc. Must be available with "Received:" line with complete information. To track the path of the message, even if spammers use false hostnames in helo commands or other places. 3) Must Be Able To Provide Local Log Information That Makes It Possible To Trace The EventAfterWards. You must provide a local log for tracking events later.
4) SHOULD BE ABLE TO LOG All Occurrence of Anti-relay / Anti-spam Actions. You should be able to record all reverse / anti-garbage action event details
5) Should Be Able To Refuse Mail from a host or a group of hosts. You should be able to refuse mail from a particular host or a set of specific hosts
6A) Must Not Refuse "Mail from: <>". You can't reject mail similar to the mail from: "mail from: <>" form
6b) Must Not Refuse "Mail from:
7a) Should Be Able To Refuse Mail from A Specific "Mail from:" User,
7B) SHOULD be Able To Refuse Mail from an entire "Mail from:" Domain <. * @ Domain.example>. You should be able to reject all mail from specific domains in the Mail from command
8) Should Be Able To Limit ("Rate Control") Mail Flow. You should limit mail traffic (rate control)
9) Should Be Able To Verify "Mail from:" Domain (Using DNS or Other Means). You should check the legality of the domain in the Mail from (using DNS or other means)
10) Should Be Able To Verify
12) Should Be Able To Control SMTP ETRN. Should be able to control the use of SMTP's ETRN command
13) Must Be Able To Configure to Provide Different Return Codes for Different Rules (EG 451 Temp Fail vs 550 Fatal Error) Must be able to provide different response code by configuring different rules (classes such as Temp Fail vs 550 Fatal Error) )