Mail Server best practices - was: Pandora's Box of new TLDs

Phil Regnauld regnauld at catpipe.net
Sat Jun 28 13:02:13 CDT 2008


michael.dillon at bt.com (michael.dillon) writes:
> 
> 
> http://www.maawg.org/about/MAAWG_Sender_BCP/MAAWG_Senders_BCP_Combine.pdf

	Thanks for the pointer.  I don't necessarily agree with all of it,
	but it's definitely a good reference.
	
	I just get irritated by actions that penalize end users who feel they
	don't have other options other than just using some horrible webmail
	service, because their operator/ISP is clueless.  I do make a
	distinction.

> On page 5 they do recommend matching reverse DNS and in
> Appendix A they go on to state that RFC 1912 states that
> all hosts on the Internet should have a valid rDNS entry.

	Indeed it does, but rejecting a mail based on a missing PTR
	is still arbitrarily useless (and I'm speaking in terms of
	volume of spam emanating from hosts with a missing PTR, vs
	spam origination from hosts that do have a PTR).

> Perhaps the RFC series doesn't have as many gaps as we think.

	For mail operations, we're half a galaxy away from "be conservative
	in what you send, be liberal in what you accept".

> > 	absurd, but I guess colateral damage is acceptable.  
> 
> If collateral damage is acceptable, then how is this
> absurd?

	Apologies, I was being sarcastic.

> Once you accept that it is better to reject
> good email than let bad email through, the game has
> changed. It may end up by destroying the business usefulness
> of the existing email architecture, but not without a
> push from someone who has a better mousetrap.

	Yep.

> This is quite simply, wrong. It is warranted.

	Not agreeing :)  But fair enough, any site is allowed to operate
	mail the way it wants.

> > Don't go preaching
> > 	it as a best practice, though.
> 
> Too late, the MAAWG has already published this as a best practice
> for quite some time. If you don't follow the MAAWG best practices
> then you are not a serious email operator. If email is mission
> critical to your business, then you really should be an MAAWG
> member as well.

	We work for several customers and operate large mail installations.
	We implement quite a few requirements that are fairly strict, but
	rejecting based on missing PTR is not one of them.
	Neither is blacklisting entire TLDs for that matter, but I digress.
	I still feel like a serious mail operator, just because I don't
	conclude that I as the receiver should reject mail from a host with
	a missing PTR, because the MAAWG *Senders* BCP says that hosts
	should have a reverse.

	Phil





More information about the NANOG mailing list