I did read in the knowledge base that larger ISP's are starting to use reverse DNS to make sure that the sender's IP yields the correct name on a reverse lookup. I ran a lookup test on our IP and it yields "h-67-100-163-220.CHCGILGM.covad.net
Here's how we block that one, by PTR domain name:
/(^h.*\.covad\.net)/ 554 ACL subscriber network
or if covad isn't consistent in the PTR labelliing, we have joker blocks:
/(.*[0-9]{2,3}\-[0-9]{1,3}\-[0-9]{1,3}.*)/ 554 ACL subscriber network
/(.*[0-9]{2,3}\.[0-9]{1,3}\.[0-9]{1,3}.*)/ 554 ACL subscriber network... which catches PTR's with any strings containing: X-X-X or X.X.X
rather than our host name. I guess the DSL provider is doing this part.
But I still can't tell from this SMTP error log if reverse DNS not matching is what is happening here.
First of all, your IP at least has an PTR record, so you won't be blocked for not having one.
But it's clearly a subscriber PTR so you are in very bad company of 1000's of subscriber IPs that send millions of spam messages. Subscriber nets are infested with home spammers, no firewalls, infected with mailer-worms, open proxies, open relays, U NAME IT, subscriber networks have it in such quantities that the amt of legit mail coming from subscriber networks is minuscule.
I suggest you relay your outbound through through covad's smtp gateway (but they may not trust you, either), or if you have a web server somewhere not on subscriber nets, relay through that, or find a commericial service or partner org. Another solution is to ask covad to delegate your subnet to your DNS, or give your mail server an IP a PTR in your domain, not covad's reverse subdomain. Or ask covad to assign you to a "business" network, with a non-subscriber PTR hostname, like something.biz.rr.com.
ie, you're not screwed, just badly positioned and identified, facing increasing difficulty getting your mail delivered with the IP/PTR domain name, but there are several solutions.
Another way to look at it, your PTR hostname being in a subscriber domain is is one negative criterion/negative weight. The trigger is half cocked, one more slip up by your server, and you'll be shot into block lists. Then you'll waste a lot of time getting unblocked, as you probably will with earthlink.
Len
_____________________________________________________________________ http://MenAndMice.com/DNS-training: San Jose; Wash DC; Dallas; Atlanta IMGate.MEIway.com: anti-spam gateway, effective on 1000's of sites, free
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
