On Wed, 25 Nov 2015 12:32:59 +0100 Matthias Apitz wrote:
> I think we can close this thread now :-) IIWY I'd still use the Botnet plugin. The absence of reverse DNS gives you three problem: 1. You have no test for the absence of rDNS 2. You have no test for the absence of full-circle DNS 3. You have no test for dynamic rDNS If I'm understanding it correctly, the patch only fixes 1, Botnet fixes all three. The same problem exists more generally with Postfix. Presumably it suppresses non-full-circle rDNS because it's easily forged - the trouble is that this also suppresses incriminating rDNS. I think this is probably a more significant problem than the inability to distinguish between no rDNS and bad rDNS. It's common that ISP dynamic rDNS isn't full-circle.