Reverse DNS and SMTP

• Previous message (by thread): Reverse DNS and SMTP
• Next message (by thread): Reverse DNS and SMTP
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Feb 28, 2002 at 01:35:09PM -0700, Daniel Lark wrote:
> 
> You are most correct, it is definitely a double edged sword. Let's say
> you try to reverse DNS on an address who's nameserver is down or
> otherwise unreachable, what then? Some admins I know deliberately do run
> reverse DNS as they view it as system cracker tool, or they feel it is
> an unwarranted load, RFCs be damned. Is this admin decision the fault of
> the user?

	Use a non clueless isp.  the market is fairly saturated in
most places with service providers.

> You are not first one to try this. I have tried this myself and a
> financial type didn't get an important email because of it. You know the
> rest of the story.

	What I do is format my smtp headers such that a very simple
regex can find mail with no reverse dns and dump it in a spam folder.
I find this catches a lot of the messages.

	I try and let people know but for example, I am unable to
find anyone at American Express or NWA that can fix their dns.
(others are prompt in fixing their dns problems).

> A better solution is to check the ip and see if it is an MX record for
> the domain the mail purports to be from.

	This has a number of flaws.  I won't delve into them though.

> Just my opinion, and I could wrong.

	- Jared

> 
> -dan
> 
> -----Original Message-----
> From: owner-nanog at merit.edu [mailto:owner-nanog at merit.edu] On Behalf Of
> Patrick Muldoon
> Sent: Thursday, February 28, 2002 1:15 PM
> To: nanog at merit.edu
> Subject: Reverse DNS and SMTP
> 
> 
> 	We have recently implemented a policy on our mail servers of not
> accepting mail from hosts that do not correctly resolve via reverse DNS.
> While we on the technical side love the idea, there have been some
> questions from the business side of the house.  
> 
> 	If an ISP who doesn't have reverse DNS setup correctly on their
> mail servers, we point them to the RFC's and generally offer to help
> them correct it.  
> 	We have noticed that our spam has reduced drastically, and the
> complaints are few, but alas this is a double edged sword, where if you
> even block 1 legitimate e-mail out of the 100K+ that we receive daily,
> someone is going to complain.   
> 
> Just curious if anybody here is doing the same and the response that
> they have had from doing so.  Replies off list are fine and I will
> summarize if people are interested.  
> 
> Thanks, 
> Patrick
> 
> --
> Patrick Muldoon, Network/Software Engineer
> INOC, LLC
> doon at inoc.net
> 
> Press Ctrl-Alt-Del now for IQ test.
> 
> 

-- 
Jared Mauch  | pgp key available via finger from jared at puck.nether.net
clue++;      | http://puck.nether.net/~jared/  My statements are only mine.

• Previous message (by thread): Reverse DNS and SMTP
• Next message (by thread): Reverse DNS and SMTP
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]