nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Reverse DNS and SMTP

From: Paul Timmins <paul () timmins net>
Date: Thu, 28 Feb 2002 19:29:47 -0500

http://www.spambouncer.org

I have no connection to this software other than being a satisfied user.
-Paul

At 07:29 PM 2/28/2002, Nicole Harrington wrote:



 Hi
Does anyone know of a program that can flag such things and alter mail headers 
on the fly like this?


  Nicole


On 28-Feb-02 Unnamed Administration sources reported Jared Mauch said :
>
> On Thu, Feb 28, 2002 at 01:35:09PM -0700, Daniel Lark wrote:
>>
>> You are most correct, it is definitely a double edged sword. Let's say
>> you try to reverse DNS on an address who's nameserver is down or
>> otherwise unreachable, what then? Some admins I know deliberately do run
>> reverse DNS as they view it as system cracker tool, or they feel it is
>> an unwarranted load, RFCs be damned. Is this admin decision the fault of
>> the user?
>
>       Use a non clueless isp.  the market is fairly saturated in
> most places with service providers.
>
>> You are not first one to try this. I have tried this myself and a
>> financial type didn't get an important email because of it. You know the
>> rest of the story.
>
>       What I do is format my smtp headers such that a very simple
> regex can find mail with no reverse dns and dump it in a spam folder.
> I find this catches a lot of the messages.
>
>       I try and let people know but for example, I am unable to
> find anyone at American Express or NWA that can fix their dns.
> (others are prompt in fixing their dns problems).
>
>> A better solution is to check the ip and see if it is an MX record for
>> the domain the mail purports to be from.
>
>       This has a number of flaws.  I won't delve into them though.
>
>> Just my opinion, and I could wrong.
>
>       - Jared
>
>>
>> -dan
>>
>> -----Original Message-----
>> From: owner-nanog () merit edu [mailto:owner-nanog () merit edu] On Behalf Of
>> Patrick Muldoon
>> Sent: Thursday, February 28, 2002 1:15 PM
>> To: nanog () merit edu
>> Subject: Reverse DNS and SMTP
>>
>>
>>      We have recently implemented a policy on our mail servers of not
>> accepting mail from hosts that do not correctly resolve via reverse DNS.
>> While we on the technical side love the idea, there have been some
>> questions from the business side of the house.
>>
>>      If an ISP who doesn't have reverse DNS setup correctly on their
>> mail servers, we point them to the RFC's and generally offer to help
>> them correct it.
>>      We have noticed that our spam has reduced drastically, and the
>> complaints are few, but alas this is a double edged sword, where if you
>> even block 1 legitimate e-mail out of the 100K+ that we receive daily,
>> someone is going to complain.
>>
>> Just curious if anybody here is doing the same and the response that
>> they have had from doing so.  Replies off list are fine and I will
>> summarize if people are interested.
>>
>> Thanks,
>> Patrick
>>
>> --
>> Patrick Muldoon, Network/Software Engineer
>> INOC, LLC
>> doon () inoc net
>>
>> Press Ctrl-Alt-Del now for IQ test.
>>
>>
>
> --
> Jared Mauch  | pgp key available via finger from jared () puck nether net
> clue++;      | http://puck.nether.net/~jared/  My statements are only mine.



                     |\ __ /|     (`\
                     | o_o  |__  ) )
                    //      \\
 Daemon Technologies(tm)  |  Phone: 510.895.9667
 nicole () daemontech com    |
-------------------(((---(((-----------------------
            -  Powered by FreeBSD  -
     Email, DNS, SiteHosting, FTP Services,
  Dedicated Servers,  Co-Location, and a Lot More
------------------------------------------------------
 " Daemons" will now be known as "spiritual guides"
-Politically Correct UNIX Page
Previous By Date Next
Previous By Thread Next

Current thread: