Filtering on missing rDNS and rDNS that doesn't resolve to the hostname is one of the few spam-fighting tools available. SpamAssassin and blacklists such as Spamhaus's bundled XBL help to some extent, but their abilities are limited.

Several years ago, AOL started filtering rDNS. If it didn't resolve, it rejected the connection. Since then virtually all the big ISPs and most of the smaller ISPs that have modern MTA software filter rDNS. My logs show that every single rejection based on rDNS is garbage mail--no collateral damage.

I do agree that most ISPs won't delegate rDNS. But if you're using a biz-class service, they'll gladly set the rDNS for you. Those who buy class C service do get it delegated.

Ben

Phil Leinhauser wrote:
I have found that filtering mail that doesn't have PTR (Reverse) is not a good
idea. Most service providers don't give you the delegation for the reverse so
therefore you have to contact them to set it for you in their servers. This is
mostly because most people just don't understand DNS forwards enough and
reverse can be a bit more tricky. Just because you may have PTR records in
your DNS server does not mean you have the delegation for that IP or range. In
other words, it will only be effective for users on your own network, the
Internet itself will not know about it.

If you decide to block by no rDNS, you should expect problems getting mail from
some of the medium to lower level legitimate post offices. In fact, I would
bet better than half of the Qmail users here don't have their rDNS set up
correctly and would be blocked by no rDNS filters.

Phil

---------------------------------------------------------------------
    QmailToaster hosted by: VR Hosted <http://www.vr.org>
---------------------------------------------------------------------
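
The check both posts argue about (a PTR record that exists and resolves back to the connecting IP) is sketched below as an added example; it is not code from either poster or from the QmailToaster project. The function names, result labels and sample zone data are assumptions made for illustration, and the resolver functions are injectable so the sample runs offline.

```python
import ipaddress
import socket

def system_ptr(ip):
    """PTR names for ip from the system resolver; empty list if none."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
    except (socket.herror, socket.gaierror):
        return []
    return [name] + aliases

def system_forward(name):
    """A/AAAA addresses for name from the system resolver; empty list if none."""
    try:
        return [info[4][0] for info in socket.getaddrinfo(name, None)]
    except socket.gaierror:
        return []

def check_rdns(ip, ptr_lookup=system_ptr, forward_lookup=system_forward):
    """Classify a connecting IP as 'no-ptr', 'mismatch' or 'ok' (hypothetical labels)."""
    client = ipaddress.ip_address(ip)
    names = [n.rstrip(".") for n in ptr_lookup(ip)]
    if not names:
        return "no-ptr", None           # nothing published in the public reverse zone
    for name in names:
        for addr in forward_lookup(name):
            try:
                if ipaddress.ip_address(addr.split("%")[0]) == client:
                    return "ok", name   # forward lookup confirms the PTR name
            except ValueError:
                continue                # skip anything that is not an IP literal
    return "mismatch", names[0]         # PTR exists but does not resolve back

# Constructed sample data, as the receiving MTA's resolver would see it
# (RFC 5737 documentation addresses). 203.0.113.5 stands for a sender whose
# PTR exists only on its own undelegated DNS server, so it is absent here.
PUBLIC_PTR = {"192.0.2.10": ["mail.example.org."],
              "192.0.2.20": ["host.example.net."]}
PUBLIC_FWD = {"mail.example.org": ["192.0.2.10"],
              "host.example.net": ["198.51.100.7"]}

def demo(ip):
    """Run the check against the constructed data instead of live DNS."""
    return check_rdns(ip, lambda i: PUBLIC_PTR.get(i, []),
                      lambda n: PUBLIC_FWD.get(n, []))

if __name__ == "__main__":
    for ip in ("192.0.2.10", "192.0.2.20", "203.0.113.5"):
        print(ip, demo(ip))
```

Calling `check_rdns(ip)` with the default arguments uses live DNS, which lets a sender test its own outbound address from a host outside its network before a receiving MTA does.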