nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Incoming SMTP in the year 2017 and absence of DKIM

From: Owen DeLong <owen () delong com>
Date: Thu, 30 Nov 2017 10:01:32 -0800


On Nov 30, 2017, at 09:55 , Bjørn Mork <bjorn () mork no> wrote:

Steve Atkins <steve () blighty com> writes:


On Nov 30, 2017, at 1:22 AM, Bjørn Mork <bjorn () mork no> wrote:

"John Levine" <johnl () iecc com> writes:


Broken rDNS is just broken, since there's approximately no reason ever
to send from a host that doesn't know its own name.


rDNS is not a host attribute, and will therefore tell you exactly
nothing about the host.


It tells you something about the competence of the operator and
whether the host is intended by the owners to send email.


No.  It only tells you something about the administrative split between
IP address management and host management.

There is no way my laptop is going to be able to update the rDNS for all
addresses it will use in different networks.  This does in no way affect
its MTA configuration.


Perhaps a better way to word it is “It tells us something about whether the
machine is likely to possess properties which make it generally undesirable
for us to accept messages from it directly.”

I, for one, have no interest in accepting messages into my mail server directly
from your laptop, even if they are legitimately from you to me. I’m perfectly
happy to insist that you go via an MTA hosted in a more permanent location on
your side first in order to avoid receiving messages directly from the much
larger quantity of incompetently administered mailservers, many of which I suspect
are not intended by their owners (distinct from their pwn3rs) to be mail servers
at all.


Or, for a more empirical way to look at it, there's reasonable correlation
between having missing, generic or incorrect reverse DNS and the host
being a source of unwanted or malicious email.


Really?  Where did you get those numbers?  This is a myth.  Spam sources
are average Internet hosts.  The split between working and non-working
rDNS is mostly between IPv4 and IPv6, not between ham and spam.  And if
there is some correlation there, then I'd say that an IPv4 host is more
likely to be a spam source than a dual stack or IPv6 only host.


Really? Most of my hosts have working rDNS for both v4 and v6.

As to an IPv4 host being a more likely source of SPAM, I’m not convinced about
that, either given the amount of SPAM that hits my mailserver via IPv6.

Owen
Previous By Date Next
Previous By Thread Next

Current thread: