(was: Re: dnsbls)

For several years we've applied a VERY high degree of distrust for mails 
with automatically-generated rDNS.  We understand many other sites do 
similar.  Experience suggests such connections stand an extremely high 
chance of being spam.  Granted, this is not perfect, and we happily 
whitelist any legit mail servers with generic hostnames where we encounter 
them.  But the overwhelming majority of such attempts are spamming or 
virus-infected machines.

There is also an issue of accountability.  Say we encounter an abuse or 
security problem involving a host (which might be a legit mailserver) with 
generic rDNS, e.g:

  cust-11-22-33-44.dsl.mega-isp.net

Who should we contact to report the problem or incident ??

The sender details on any spam/virus email received are almost certainly 
counterfeit.  So, the rDNS may well be the only thing we have to go on.  
Attempting to contact someone at the ISP itself (i.e. [EMAIL PROTECTED]) 
sadly isn't likely to get us very far, especially in the case of massive 
global telecoms companies (zen might be different).  In general, in such a 
situation, we're kinda stuck.  Hence, for an important resource like a 
mail server, we advise configuring a specific rDNS name - such as 
"something.yourdomain.org" or even better "mailout1.yourdomain.org".  In 
which case it's immediately clear that [EMAIL PROTECTED] or 
[EMAIL PROTECTED] would be suitable contacts.


Martin A. Brooks wrote:

| So, if i understand your argument correctly, if the PTR were 
| "z0mgpuppieslolzw000000000000pony.antibodymx.net", that would make my 
| email somehow more likely to be legitimate? 

Clearly *your* email is legitimate.  But, percentage-wise, a hostname like 
that is probably less likely to be spamming than an obvious generic name.


| How do you know that "z0mgpuppieslolzw000000000000pony" isn't somehow 
| derived from the IP address?  Short answer: you don't.

Correct - we don't know.  But that's not a problem.  If a spammer were to 
use a name like that, then yes, it would incorrectly *pass* the generic 
hostname test.  But hopefully we'd catch it out on something else.



-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
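
Added example, not part of the original post and not Exim's own code: a sketch of the generic-hostname test discussed above, which flags a PTR name that embeds the connecting IP's octets or a provider-style label, with a whitelist for known-good servers. The keyword list, the function names, the 192.0.2.10 address and the example.net names are assumptions made for illustration.

```python
import ipaddress
import re

# Labels often seen in provider-assigned names (assumed list, tune locally).
GENERIC_LABELS = {"dsl", "adsl", "cable", "dyn", "dynamic", "dhcp",
                  "pool", "ppp", "cust", "dialup"}

def octet_encodings(ip):
    """Decimal spellings of an IPv4 address commonly embedded in PTR names."""
    octets = [int(o) for o in str(ipaddress.IPv4Address(ip)).split(".")]
    forms = set()
    for seq in (octets, octets[::-1]):          # forward and reversed order
        for sep in ("-", ".", "_"):
            forms.add(sep.join(str(o) for o in seq))
            forms.add(sep.join(f"{o:03d}" for o in seq))
        forms.add("".join(f"{o:03d}" for o in seq))  # e.g. 011022033044
    return forms

def classify_rdns(ip, ptr, whitelist=frozenset()):
    """Return 'whitelisted', 'ip-derived', 'generic-keyword' or 'custom'."""
    name = ptr.lower().rstrip(".")
    if name in whitelist:
        return "whitelisted"
    for form in octet_encodings(ip):
        # Digit boundaries stop 1.2.3.4 from matching inside 11.2.3.45.
        if re.search(r"(?<!\d)" + re.escape(form) + r"(?!\d)", name):
            return "ip-derived"
    hex_form = "".join(f"{int(o):02x}" for o in ip.split("."))
    if hex_form in name:
        return "ip-derived"
    # Letter-only tokens, so "cust", "dsl" etc. are found between digits/dashes.
    if set(re.split(r"[^a-z]+", name)) & GENERIC_LABELS:
        return "generic-keyword"
    return "custom"

if __name__ == "__main__":
    # Constructed samples; the first three names are the ones used in the thread.
    samples = [
        ("11.22.33.44", "cust-11-22-33-44.dsl.mega-isp.net"),
        ("11.22.33.44", "mailout1.yourdomain.org"),
        ("192.0.2.10", "z0mgpuppieslolzw000000000000pony.antibodymx.net"),
        ("192.0.2.10", "dsl-pool.example.net"),
    ]
    for ip, ptr in samples:
        print(f"{ip:<12} {ptr:<50} {classify_rdns(ip, ptr)}")
```

As the reply to the second quoted point concedes, a name with no recognisable encoding comes back as "custom", so the result is one signal to weigh alongside other checks rather than a verdict.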
