nanog mailing list archives

RE: Reverse DNS RFCs and Recommendations

From: "Tony Hain" <alh-ietf () tndh net>
Date: Thu, 31 Oct 2013 15:49:56 -0700

John Levine wrote:

Right.  Spam filtering depends on heuristics.  Mail from hosts without
matching forward/reverse DNS is overwhelmingly bot spam, so checking for
it is a very effective heuristic.


Leading digit is clearly in widespread use beyond 3com & 1and1. One of the most effective heuristics in my acl list is:
\N^.*@\d{3,}\.(cn|com|net|org|us|asia)

In the last few hours it has picked off multiple messages from each of these:
Carol28 () 8447 com
Jeff17 () 3550 com
Ronald79 () 0785 com
Kevin57 () 2691 com
Deborah76 () 3585 com
Kimberly34 () 5864 com
Sarah94 () 0858 com
zavfdv () 131 com
qgmklyysyn () 163 com
pjpeng () 163 com
fahuyrw () 163 com
Daniel57 () 4704 com
Helen95 () 2620 com

Current thread:

Re: Reverse DNS RFCs and Recommendations, (continued)
- - - Re: Reverse DNS RFCs and Recommendations Joe Abley (Oct 30)
    - Re: Reverse DNS RFCs and Recommendations Scott Howard (Oct 30)
    - Re: Reverse DNS RFCs and Recommendations Mark Andrews (Oct 30)
    - Re: Reverse DNS RFCs and Recommendations William Herrin (Oct 30)
    - Re: Reverse DNS RFCs and Recommendations Valdis . Kletnieks (Oct 30)
    - Re: Reverse DNS RFCs and Recommendations Barry Shein (Oct 30)
  - Re: Reverse DNS RFCs and Recommendations Matthias Leisi (Oct 30)
- Re: Reverse DNS RFCs and Recommendations Masataka Ohta (Oct 30)
- Re: Reverse DNS RFCs and Recommendations Stefan Förster (Oct 30)
  - Re: Reverse DNS RFCs and Recommendations John Levine (Oct 31)
    - RE: Reverse DNS RFCs and Recommendations Tony Hain (Oct 31)
    - Re: Reverse DNS RFCs and Recommendations John Levine (Oct 31)
    - Re: Reverse DNS RFCs and Recommendations Scott Howard (Oct 31)