[65608] in North American Network Operators' Group


Re: AOL rejecting mail from IP's w/o reverse DNS ?

daemon@ATHENA.MIT.EDU (Suresh Ramasubramanian)
Wed Dec 3 12:23:31 2003

Date: Wed, 03 Dec 2003 12:08:24 -0500
From: Suresh Ramasubramanian <suresh@outblaze.com>
To: Jeffrey Paul <jeffreypaul@diamondcard.com>
Cc: nanog@merit.edu
In-Reply-To: <6262718D3C369148944D18200671A9E52642@gfmail.groupfinancialllc.com>
Errors-To: owner-nanog-outgoing@merit.edu


Jeffrey Paul writes on 12/3/2003 11:39 AM:

> 
> Perhaps I'm being naïve, but this seems like a very good way to cause spammers to suddenly start having valid PTR RRs.  Thoughts?
> 

A lot of spam these days comes from trojaned Windows machines on dialup 
/ broadband IPs.

Most ISPs in the USA and the world over already have generic PTR records 
(ip-foo-bar.ppp.provider.net and such) on their DHCP pools.

So, yes, the mere presence of rDNS for an IP is not an indicator that 
the traffic coming at your mailserver from that IP is not spam.

On the other hand, the absence of rDNS on an IP seems to often be 
accompanied by assorted other brokenness, such as open relays / proxies 
and compromised hosts.

-- 
srs (postmaster|suresh)@outblaze.com // gpg : EDEDEFB9
manager, outblaze.com security and antispam operations
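
The distinction drawn in the message above (no PTR, a generic provider-assigned PTR, or a deliberately named host), as an added example that is not part of the original post. The function name, the keyword list, the thresholds and the sample records are assumptions constructed for illustration.

```python
import ipaddress
import re

# Labels often seen in provider-assigned pool names (assumed, not exhaustive).
POOL_WORDS = {"ppp", "dhcp", "dyn", "dynamic", "dsl", "adsl", "cable", "dialup", "pool"}


def classify_ptr(ip, ptr):
    """Classify a connecting IPv4 address by its PTR name.

    Returns 'missing' (no rDNS), 'generic' (the name is derived from the
    address, as on DHCP/dialup pools) or 'custom' (anything else).
    """
    if not ptr:
        return "missing"
    name = ptr.rstrip(".").lower()
    octets = str(ipaddress.IPv4Address(ip)).split(".")

    # Numeric tokens in the name with leading zeros stripped (host-010-001 -> 10, 1).
    numbers = [str(int(n)) for n in re.findall(r"\d+", name)]
    embedded = 0
    for octet in octets:
        if octet in numbers:
            numbers.remove(octet)  # each token may match only one octet
            embedded += 1

    # Some providers embed the address as eight hex digits instead.
    hex_ip = "".join(f"{int(o):02x}" for o in octets)
    words = set(re.split(r"[^a-z]+", name))

    if embedded >= 3 or hex_ip in name or (embedded >= 2 and words & POOL_WORDS):
        return "generic"
    return "custom"


# Constructed sample connections: (client IP, PTR answer or None).
SAMPLES = [
    ("192.0.2.10", "ip-192-0-2-10.ppp.provider.example"),
    ("203.0.113.77", "pool-113-77.dsl.isp.example"),
    ("198.51.100.20", "c6336414.cust.isp.example"),
    ("198.51.100.7", "mail.corp.example"),
    ("203.0.113.25", None),
]

if __name__ == "__main__":
    for ip, ptr in SAMPLES:
        # A bare "has rDNS" test passes the first four; only the fourth is a named host.
        print(f"{ip:15} {str(ptr):40} has_rdns={ptr is not None!s:5} {classify_ptr(ip, ptr)}")
```

The result is a scoring input for a mail filter, not a verdict: a 'custom' name can still be a spam source, and a production check would also confirm that the PTR name resolves back to the connecting address.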
