On Fri, 23 Mar 2007 18:39:59 -0400 (EDT) Dean wrote:

DA> Real anti-spam groups at large ISPs don't use reverse DNS for spam
DA> filtering. There have been attempts to do so in the past, but those
DA> ended in (sometimes well-publicized) disasters.

This is patently and provably false. AOL clearly states that "AOL's mail servers will reject connections from any IP address that does not have reverse DNS (a PTR record)." and "AOL's mail servers will not accept connections from systems that use dynamically assigned or residential IP addresses." [1] (I don't know how they are determining 'dynamically assigned or residential IP addresses', so that may or may not be via reverse DNS.)

SpamHaus is a rather well known spam-fighting organization, and they clearly state that having reverse DNS is 'highly desirable.' [2]

DA> Assuming an 'apparent inability to update reverse tree' is a false
DA> assumption:

But you can't dictate other people's assumptions. Assumptions are often based on one's personal experiences, and it's perfectly reasonable for different people to make different assumptions.

DA> The fact that the reverse tree doesn't match something the
DA> remote site thinks should be there, doesn't mean that the IP address
DA> user is unable to update the reverse.

Nobody is saying that that is the case. What the spam-fighters are saying is "based on my own experiences, more often than not a system (without reverse DNS|with a reverse DNS record matching a certain pattern) is not a valid source of mail." In some cases, they may be wrong. But it's their decision to make.

DA> Further, the definition of what is useful to the IP user doesn't have to
DA> be "useful" to the remote site for spam-filtering.

Indeed. Neither side can force the other side to do what they want. But a mail admin is completely within their rights to say "if you can't bother to provide reverse DNS, I won't accept your mail." This is no different than a restaurant with a "No shirt, no shoes, no service" policy.

DA> So reverse DNS entries provide no information on which a spam-score can
DA> be based. This is why using reverse DNS for spam-scoring has been a
DA> disaster every time it has been tried. [the proponents who say it works
DA> don't use it on a large scale, and don't care if a great deal of non-spam,
DA> legitimate email is lost]

I again refer you to [1], which is certainly a large scale mail system.

You appear to want this draft to represent a perfect utopian world, where the authors and other proponents of the draft want to represent the real world. In the real world, lack of reverse DNS can have negative consequences. This is explained in the draft so that the reader can make an informed decision about whether or not to provide reverse DNS.

[1] http://www.postmaster.aol.com/guidelines/standards.html
[2] http://www.spamhaus.org/faq/answers.lasso?section=ISP%20Spam%20Issues#128

-- 
Robert Story
SPARTA
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www1.ietf.org/mailman/listinfo/dnsop