Security Basics mailing list archives

Re: educating rDNS violators


From: Derek Schaible <dschaible () cssiinc com>
Date: Wed, 25 Aug 2004 07:08:17 -0400

On Mon, 2004-08-23 at 15:17, token wrote:

However, I'm not sure exactly how this is supposed to stop spam.
Most implementations I've seen just check to see if a reverse DNS
entry exists. You can put anything you want in there. Only the
implementations that check that a reverse DNS record exists and then
check that the forward resolves to the same IP seem to do any good.

The way this helps spam reduction is that the vast majority of spam
comes from exploited machines running rogue MTAs or some script kiddie
on their DSL or cable modem. Such hosts will typically not have a valid
rDNS entry. Additionally, if a company is sending legitimate email they
will have no issues with you verifying their hosts in this manner. Many
spam attempts will spoof the name of an SMTP server that most people will
allow. Adding rDNS stops this action.

Mail servers should have correct DNS info. Forward and reverse. It is
the sysadmin's responsibility to ensure that their systems are
configured properly. Period.

Of course, there are some companies with correctly configured DNS who
are spam friendly and this tactic will not block them. However, those
companies are few in comparison to the hacked/violated/kiddie machines
that will not have correct DNS info. These spam-friendly systems with
correct DNS info are trivial to blacklist.

Hope this helps, too!

-- 
Derek Schaible <dschaible () cssiinc com>
CSSI, Inc.
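The forward-confirmed check token describes (a PTR record must exist, and the name it names must resolve back to the same address) written out as an added Python example. This is not code from either poster; the hostnames and RFC 5737 addresses are constructed sample data, and the function names (fcrdns_check, accept_for_smtp, the *_lookup helpers) are chosen here. The sample data covers the cases the thread mentions: a correctly configured MTA, a host whose PTR borrows a trusted name it does not own, a dynamic host with no PTR at all, and a stale PTR whose forward name no longer resolves.

```python
import socket
from typing import Callable, Dict, List, Tuple

# Constructed sample DNS data (RFC 5737 documentation addresses and example
# names; none are real hosts). It stands in for the PTR and A answers a
# resolver would return, so the check runs offline.
SAMPLE_PTR: Dict[str, List[str]] = {
    "203.0.113.10": ["mail.example.net"],   # properly configured MTA
    "198.51.100.7": ["mail.example.net"],   # PTR claims a name it does not own
    "192.0.2.55": [],                       # no PTR: typical dynamic DSL/cable host
    "192.0.2.99": ["old-mx.example.org"],   # PTR present, forward name is gone
}
SAMPLE_A: Dict[str, List[str]] = {
    "mail.example.net": ["203.0.113.10"],
}


def sample_ptr_lookup(ip: str) -> List[str]:
    """PTR lookup against the constructed data."""
    return SAMPLE_PTR.get(ip, [])


def sample_a_lookup(name: str) -> List[str]:
    """A lookup against the constructed data (trailing dot tolerated)."""
    return SAMPLE_A.get(name.rstrip("."), [])


def fcrdns_check(
    ip: str,
    ptr_lookup: Callable[[str], List[str]],
    a_lookup: Callable[[str], List[str]],
) -> Tuple[str, str]:
    """Forward-confirmed reverse DNS.

    Step 1: the connecting IP must have at least one PTR record.
    Step 2: at least one of those names must resolve back to the same IP.
    Returns (verdict, detail); verdict is one of
    'confirmed', 'no_ptr', 'forward_failed', 'mismatch'.
    """
    names = ptr_lookup(ip)
    if not names:
        return "no_ptr", f"{ip} has no PTR record"
    resolved_any = False
    for name in names:
        addrs = a_lookup(name)
        if not addrs:
            continue  # this PTR name does not exist in forward DNS
        resolved_any = True
        if ip in addrs:
            return "confirmed", f"{ip} -> {name} -> {ip}"
    if not resolved_any:
        return "forward_failed", f"PTR name(s) {names} do not resolve"
    # PTR exists and its name resolves, but to other addresses: the name
    # was borrowed, which a bare "does a PTR exist" check would accept.
    return "mismatch", f"PTR name(s) {names} resolve elsewhere"


def accept_for_smtp(
    ip: str,
    ptr_lookup: Callable[[str], List[str]] = sample_ptr_lookup,
    a_lookup: Callable[[str], List[str]] = sample_a_lookup,
) -> bool:
    """Policy hook: accept a connecting MTA only when FCrDNS confirms."""
    return fcrdns_check(ip, ptr_lookup, a_lookup)[0] == "confirmed"


# Hooks for live use through the system resolver (assumed wiring, not part
# of the thread). Pass these in place of the sample lookups.
def system_ptr_lookup(ip: str) -> List[str]:
    try:
        host, aliases, _ = socket.gethostbyaddr(ip)
        return [host] + list(aliases)
    except OSError:  # socket.herror / gaierror are OSError subclasses
        return []


def system_a_lookup(name: str) -> List[str]:
    try:
        infos = socket.getaddrinfo(name, None, socket.AF_INET)
        return sorted({info[4][0] for info in infos})
    except OSError:
        return []


if __name__ == "__main__":
    for sample_ip in SAMPLE_PTR:
        verdict, detail = fcrdns_check(sample_ip, sample_ptr_lookup, sample_a_lookup)
        print(f"{sample_ip:<14} {verdict:<15} {detail}")
```

The verdicts separate the two failure classes the thread distinguishes: hosts with no reverse entry at all, and hosts whose PTR names a well-known server but whose forward record points elsewhere. Only the last case needs the second lookup, which is why a PTR-exists-only check misses it.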


