nanog mailing list archives
Re: Incoming SMTP in the year 2017 and absence of DKIM
From: Owen DeLong <owen () delong com>
Date: Thu, 30 Nov 2017 10:01:32 -0800
On Nov 30, 2017, at 09:55 , Bjørn Mork <bjorn () mork no> wrote: Steve Atkins <steve () blighty com> writes:On Nov 30, 2017, at 1:22 AM, Bjørn Mork <bjorn () mork no> wrote: "John Levine" <johnl () iecc com> writes:Broken rDNS is just broken, since there's approximately no reason ever to send from a host that doesn't know its own name.rDNS is not a host attribute, and will therefore tell you exactly nothing about the host.It tells you something about the competence of the operator and whether the host is intended by the owners to send email.No. It only tells you something about the administrative split between IP address management and host management. There is no way my laptop is going to be able to update the rDNS for all addresses it will use in different networks. This does in no way affect its MTA configuration.
Perhaps a better way to word it is “It tells us something about whether the machine is likely to possess properties which make it generally undesirable for us to accept messages from it directly.” I, for one, have no interest in accepting messages into my mail server directly from your laptop, even if they are legitimately from you to me. I’m perfectly happy to insist that you go via an MTA hosted in a more permanent location on your side first in order to avoid receiving messages directly from the much larger quantity of incompetently administered mailservers, many of which I suspect are not intended by their owners (distinct from their pwn3rs) to be mail servers at all.
Or, for a more empirical way to look at it, there's reasonable correlation between having missing, generic or incorrect reverse DNS and the host being a source of unwanted or malicious email.Really? Where did you get those numbers? This is a myth. Spam sources are average Internet hosts. The split between working and non-working rDNS is mostly between IPv4 and IPv6, not between ham and spam. And if there is some correlation there, then I'd say that an IPv4 host is more likely to be a spam source than a dual stack or IPv6 only host.
Really? Most of my hosts have working rDNS for both v4 and v6. As to an IPv4 host being a more likely source of SPAM, I’m not convinced about that, either given the amount of SPAM that hits my mailserver via IPv6. Owen
Current thread:
- Re: Incoming SMTP in the year 2017 and absence of DKIM, (continued)
- Re: Incoming SMTP in the year 2017 and absence of DKIM Grant Taylor via NANOG (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM John Levine (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM Grant Taylor via NANOG (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM John R. Levine (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM Grant Taylor via NANOG (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM Bjørn Mork (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM Rich Kulawiec (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM Steve Atkins (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM Bjørn Mork (Dec 01)
- RE: Incoming SMTP in the year 2017 and absence of DKIM Keith Medcalf (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM Owen DeLong (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM Owen DeLong (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM John Levine (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM Owen DeLong (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM Grant Taylor via NANOG (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM John R. Levine (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM valdis . kletnieks (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM Owen DeLong (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM bzs (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM Michael Thomas (Dec 01)
- Re: lists and DMARC and ARC, was Incoming SMTP in the year 2017 and absence of DKIM John Levine (Dec 01)