[105663] in North American Network Operators' Group


Re: Mail Server best practices - was: Pandora's Box of new TLDs

daemon@ATHENA.MIT.EDU (Phil Regnauld)
Sat Jun 28 14:02:25 2008

Date: Sat, 28 Jun 2008 20:02:13 +0200
From: Phil Regnauld <regnauld@catpipe.net>
To: michael.dillon@bt.com
In-Reply-To: <C0F2465B4F386241A58321C884AC7ECC06E1E29B@E03MVZ2-UKDY.domain1.systemhost.net>
Cc: nanog@nanog.org
Errors-To: nanog-bounces@nanog.org

michael.dillon@bt.com (michael.dillon) writes:
> 
> 
> http://www.maawg.org/about/MAAWG_Sender_BCP/MAAWG_Senders_BCP_Combine.pdf

	Thanks for the pointer.  I don't necessarily agree with all of it,
	but it's definitely a good reference.
	
	I just get irritated by actions that penalize end users who feel they
	don't have other options other than just using some horrible webmail
	service, because their operator/ISP is clueless.  I do make a
	distinction.

> On page 5 they do recommend matching reverse DNS and in
> Appendix A they go on to state that RFC 1912 states that
> all hosts on the Internet should have a valid rDNS entry.

	Indeed it does, but rejecting a mail based on a missing PTR
	is still arbitrarily useless (and I'm speaking in terms of
	volume of spam emanating from hosts with a missing PTR, vs
	spam origination from hosts that do have a PTR).

> Perhaps the RFC series doesn't have as many gaps as we think.

	For mail operations, we're half a galaxy away from "be conservative
	in what you send, be liberal in what you accept".

> > 	absurd, but I guess collateral damage is acceptable.
> 
> If collateral damage is acceptable, then how is this
> absurd?

	Apologies, I was being sarcastic.

> Once you accept that it is better to reject
> good email than let bad email through, the game has
> changed. It may end up by destroying the business usefulness
> of the existing email architecture, but not without a
> push from someone who has a better mousetrap.

	Yep.

> This is quite simply, wrong. It is warranted.

	Not agreeing :)  But fair enough, any site is allowed to operate
	mail the way it wants.

> > Don't go preaching
> > 	it as a best practice, though.
> 
> Too late, the MAAWG has already published this as a best practice
> for quite some time. If you don't follow the MAAWG best practices
> then you are not a serious email operator. If email is mission
> critical to your business, then you really should be an MAAWG
> member as well.

	We work for several customers and operate large mail installations.
	We implement quite a few requirements that are fairly strict, but
	rejecting based on missing PTR is not one of them.
	Neither is blacklisting entire TLDs for that matter, but I digress.
	I still feel like a serious mail operator, just because I don't
	conclude that I as the receiver should reject mail from a host with
	a missing PTR, because the MAAWG *Senders* BCP says that hosts
	should have a reverse.

	Phil


