[45938] in North American Network Operators' Group
Re: Reverse DNS and SMTP
daemon@ATHENA.MIT.EDU (Paul Timmins)
Thu Feb 28 19:29:02 2002
Message-Id: <5.1.0.14.2.20020228192920.01add430@new.workbench.net>
Date: Thu, 28 Feb 2002 19:29:47 -0500
To: Nicole Harrington <nmh@daemontech.com>,
Jared Mauch <jared@puck.Nether.net>, nanog@merit.edu
From: Paul Timmins <paul@timmins.net>
Cc: Patrick Muldoon <doon@inoc.net>,
Daniel Lark <dlark@elmresources.com>
In-Reply-To: <XFMail.020228162902.nmh@daemontech.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Errors-To: owner-nanog-outgoing@merit.edu
http://www.spambouncer.org
I have no connection to this software other than being a satisfied user.
-Paul
At 07:29 PM 2/28/2002, Nicole Harrington wrote:
> Hi
> Does anyone know of a program that can flag such things and alter mail
> headers
>on the fly like this?
>
>
> Nicole
>
>
>On 28-Feb-02 Unnamed Administration sources reported Jared Mauch said :
> >
> > On Thu, Feb 28, 2002 at 01:35:09PM -0700, Daniel Lark wrote:
> >>
> >> You are most correct, it is definitely a double edged sword. Let's say
> >> you try to reverse DNS on an address who's nameserver is down or
> >> otherwise unreachable, what then? Some admins I know deliberately do run
> >> reverse DNS as they view it as system cracker tool, or they feel it is
> >> an unwarranted load, RFCs be damned. Is this admin decision the fault of
> >> the user?
> >
> > Use a non clueless isp. the market is fairly saturated in
> > most places with service providers.
> >
> >> You are not first one to try this. I have tried this myself and a
> >> financial type didn't get an important email because of it. You know the
> >> rest of the story.
> >
> > What I do is format my smtp headers such that a very simple
> > regex can find mail with no reverse dns and dump it in a spam folder.
> > I find this catches a lot of the messages.
> >
> > I try and let people know but for example, I am unable to
> > find anyone at American Express or NWA that can fix their dns.
> > (others are prompt in fixing their dns problems).
> >
> >> A better solution is to check the ip and see if it is an MX record for
> >> the domain the mail purports to be from.
> >
> > This has a number of flaws. I won't delve into them though.
> >
> >> Just my opinion, and I could wrong.
> >
> > - Jared
> >
> >>
> >> -dan
> >>
> >> -----Original Message-----
> >> From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of
> >> Patrick Muldoon
> >> Sent: Thursday, February 28, 2002 1:15 PM
> >> To: nanog@merit.edu
> >> Subject: Reverse DNS and SMTP
> >>
> >>
> >> We have recently implemented a policy on our mail servers of not
> >> accepting mail from hosts that do not correctly resolve via reverse DNS.
> >> While we on the technical side love the idea, there have been some
> >> questions from the business side of the house.
> >>
> >> If an ISP who doesn't have reverse DNS setup correctly on their
> >> mail servers, we point them to the RFC's and generally offer to help
> >> them correct it.
> >> We have noticed that our spam has reduced drastically, and the
> >> complaints are few, but alas this is a double edged sword, where if you
> >> even block 1 legitimate e-mail out of the 100K+ that we receive daily,
> >> someone is going to complain.
> >>
> >> Just curious if anybody here is doing the same and the response that
> >> they have had from doing so. Replies off list are fine and I will
> >> summarize if people are interested.
> >>
> >> Thanks,
> >> Patrick
> >>
> >> --
> >> Patrick Muldoon, Network/Software Engineer
> >> INOC, LLC
> >> doon@inoc.net
> >>
> >> Press Ctrl-Alt-Del now for IQ test.
> >>
> >>
> >
> > --
> > Jared Mauch | pgp key available via finger from jared@puck.nether.net
> > clue++; | http://puck.nether.net/~jared/ My statements are only mine.
>
>
>
> |\ __ /| (`\
> | o_o |__ ) )
> // \\
> Daemon Technologies(tm) | Phone: 510.895.9667
> nicole@daemontech.com |
>-------------------(((---(((-----------------------
> - Powered by FreeBSD -
> Email, DNS, SiteHosting, FTP Services,
> Dedicated Servers, Co-Location, and a Lot More
>------------------------------------------------------
> " Daemons" will now be known as "spiritual guides"
>-Politically Correct UNIX Page
