North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Reverse DNS and SMTP
On Thu, Feb 28, 2002 at 01:35:09PM -0700, Daniel Lark wrote: > > You are most correct, it is definitely a double edged sword. Let's say > you try to reverse DNS on an address who's nameserver is down or > otherwise unreachable, what then? Some admins I know deliberately do run > reverse DNS as they view it as system cracker tool, or they feel it is > an unwarranted load, RFCs be damned. Is this admin decision the fault of > the user? Use a non clueless isp. the market is fairly saturated in most places with service providers. > You are not first one to try this. I have tried this myself and a > financial type didn't get an important email because of it. You know the > rest of the story. What I do is format my smtp headers such that a very simple regex can find mail with no reverse dns and dump it in a spam folder. I find this catches a lot of the messages. I try and let people know but for example, I am unable to find anyone at American Express or NWA that can fix their dns. (others are prompt in fixing their dns problems). > A better solution is to check the ip and see if it is an MX record for > the domain the mail purports to be from. This has a number of flaws. I won't delve into them though. > Just my opinion, and I could wrong. - Jared > > -dan > > -----Original Message----- > From: [email protected] [mailto:[email protected]] On Behalf Of > Patrick Muldoon > Sent: Thursday, February 28, 2002 1:15 PM > To: [email protected] > Subject: Reverse DNS and SMTP > > > We have recently implemented a policy on our mail servers of not > accepting mail from hosts that do not correctly resolve via reverse DNS. > While we on the technical side love the idea, there have been some > questions from the business side of the house. > > If an ISP who doesn't have reverse DNS setup correctly on their > mail servers, we point them to the RFC's and generally offer to help > them correct it. > We have noticed that our spam has reduced drastically, and the > complaints are few, but alas this is a double edged sword, where if you > even block 1 legitimate e-mail out of the 100K+ that we receive daily, > someone is going to complain. > > Just curious if anybody here is doing the same and the response that > they have had from doing so. Replies off list are fine and I will > summarize if people are interested. > > Thanks, > Patrick > > -- > Patrick Muldoon, Network/Software Engineer > INOC, LLC > [email protected] > > Press Ctrl-Alt-Del now for IQ test. > > -- Jared Mauch | pgp key available via finger from [email protected] clue++; | http://puck.nether.net/~jared/ My statements are only mine.
|