> I don't think they check for the reverse lookup matching the forward.
> If they do, it will break way too many legitimate servers. They may
> be bouncing mail with NO reverse lookup (I do that myself)

Technically it is not legitimate unless the A matches the PTR record. No 2
ways about it.

> Sounds like they may be using the MAPS (Mail Abuse Prevention System)
> DUL (Dial Up Listing). Most of the addresses on this list were
> reported to the list by the ISPs responsible for them. And lots of
> systems other than AOL use this list.

Yeah, but ISPs are constantly adding new pools, phasing out old pools,
et cetera. The ISPs may not even own this block of IP anymore and it
could be assigned to a Co-Lo someplace, and people's mail could be
getting rejected because sometime in the past it was announced as a
DUL pool.

> If they are using the MAPS DUL, they are in good company and it does
> stop a lot of spam. Not as much as it used to, but still quite a bit.
> Enough so that most spammers are now abusing open proxies rather than
> sending direct to mx or using open relays.

This is true. With the advent of the vulnerability that SQL Slammer
abused, I've seen countless instances of people injecting masked port
25 proxies into Windows machines. It's probably the most common
vulnerability I've seen abused in the last 2-3 months.

-Drew
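
The two receiver policies argued over in this thread (reject only when there is no PTR at all, versus reject unless the PTR name resolves back to the connecting address) are sketched below as an added example; it is not code from anyone in the thread. The function names, policy labels and the sample records (documentation address ranges) are constructed for illustration.

```python
import ipaddress
import socket

def system_ptr(ip):
    """PTR names for ip from the system resolver ([] if none)."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
        return [name, *aliases]
    except OSError:  # herror/gaierror: no reverse record
        return []

def system_addrs(name):
    """A/AAAA addresses for name from the system resolver."""
    try:
        return [info[4][0] for info in socket.getaddrinfo(name, None)]
    except OSError:
        return []

def check_rdns(ip, ptr_lookup=system_ptr, addr_lookup=system_addrs):
    """Return 'no-ptr', 'mismatch' or 'confirmed' for a client IP."""
    client = ipaddress.ip_address(ip)
    names = ptr_lookup(ip)
    if not names:
        return "no-ptr"
    for name in names:
        for addr in addr_lookup(name.rstrip(".").lower()):
            try:
                if ipaddress.ip_address(addr) == client:
                    return "confirmed"  # PTR name maps back to the client
            except ValueError:  # e.g. scoped IPv6 literal
                continue
    return "mismatch"

def accept(ip, policy, **lookups):
    """Apply one of the two policies discussed in the thread."""
    result = check_rdns(ip, **lookups)
    if policy == "require-ptr":    # bounce only when no reverse lookup
        return result != "no-ptr"
    if policy == "require-match":  # bounce unless A matches PTR
        return result == "confirmed"
    raise ValueError(policy)

# Constructed sample records so the check runs offline.
SAMPLE_PTR = {"192.0.2.10": ["mail.example.org."],
              "192.0.2.20": ["host.example.net"]}
SAMPLE_A = {"mail.example.org": ["192.0.2.10"],
            "host.example.net": ["198.51.100.7"]}
SAMPLE = {"ptr_lookup": lambda ip: SAMPLE_PTR.get(ip, []),
          "addr_lookup": lambda name: SAMPLE_A.get(name, [])}
```

Called without the `SAMPLE` lookups, `check_rdns` uses the system resolver, so results then depend on live DNS.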


-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://www.redhat.com/mailman/listinfo/redhat-list
