[Mimedefang] OT - Using rDNS sendmail hack - your experiences

Chris Gauch cgauch at digicon.net
Wed Apr 27 16:02:32 EDT 2005


> As an aside, I think Carl et al have done a great job at turning around
> one of the biggest spam problems of a few years ago.  I remember when most
> spam I got came from AOL.

I certainly agree there -- as an ISP receiving roughly 700k-1 million
messages per day, we receive the least amount of crap from AOL.  The worst
offenders are yahoo, hotmail, and MSN in our case.

> No problems sending to AOL so far.  I'm sure there are lots of other
> people in the same boat.  I guess if AOL changes to full reverse
> validation then we'll be forced to degrade our domain's DNS service level
> and host it all ourselves.
> 
> If you do strict reverse checking you'll definitely throw out valid mail.
>  You'll just have to see if that's OK or how much BOFH you can get away
> with.

I would definitely caution anyone in using rDNS as a determining factor in
whether or not to accept mail.  Most of our clients are small to medium
businesses -- they're always looking for the cheapest broadband, mail
hosting, web, and DNS hosting.  So, some of these clients will have
completely different providers for all of the above.  Adelphia, the largest
provider of broadband in our area (WNY), absolutely outright refuses to set
up custom PTR records for *any* of their clients, business or residential.
Due to several organizations now using strict rDNS checking, we've had to
host several client mail servers (MS Exchange, Lotus, Groupwise, etc.) at
our NOC in order to help these clients get around the rDNS validation (in
that case we provide the IP and the rDNS PTR for the client server, and have
to go through a pain-in-the-a$$ process of setting up VPN over DSL and cable
PVCs).

While rDNS validation is a good way to ensure that you're receiving mail
from a "valid", unique domain/network, it just causes headaches in the long
run.  We simply bump the spam score by a few points whenever mail comes
through with invalid rDNS, and that has worked very well for us.  

- Chris   


------------------------------------------
Chris Gauch
Systems Administrator
Digicon Communications, Inc.
http://www.digiconcommunications.com
cgauch at digicon.net
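
The approach described in the message above (raise the spam score on bad rDNS instead of rejecting), sketched as an added example; it is not part of the original post and is not MIMEDefang code. The three-way status split, the penalty weights, the threshold and all function names are assumptions, and the DNS data is constructed from documentation address ranges.

```python
import ipaddress
import socket

# Constructed sample DNS data (documentation IP ranges, made-up host names).
PTR = {"192.0.2.10": ["mail.example.com."], "192.0.2.20": ["mx.example.net."]}
ADDR = {"mail.example.com": ["192.0.2.10"], "mx.example.net": ["203.0.113.5"]}

def sample_ptr(ip):
    return PTR.get(ip, [])

def sample_addr(name):
    return ADDR.get(name, [])

def live_ptr(ip):
    # Real lookup; any resolver failure is treated the same as "no PTR".
    try:
        return [socket.gethostbyaddr(ip)[0]]
    except OSError:
        return []

def live_addr(name):
    try:
        return sorted({ai[4][0] for ai in socket.getaddrinfo(name, None)})
    except OSError:
        return []

# Hypothetical weights: "a few points", never enough to reject on rDNS alone.
PENALTY = {"confirmed": 0.0, "unconfirmed": 1.5, "no_ptr": 2.5}

def rdns_status(ip, ptr_lookup, addr_lookup):
    """Forward-confirmed reverse DNS: the PTR name must resolve back to the client IP."""
    client = ipaddress.ip_address(ip)
    names = [n.rstrip(".").lower() for n in ptr_lookup(ip)]
    if not names:
        return "no_ptr", None
    for name in names:
        for addr in addr_lookup(name):
            try:
                if ipaddress.ip_address(addr) == client:
                    return "confirmed", name
            except ValueError:  # e.g. scoped IPv6 text the parser rejects
                continue
    return "unconfirmed", names[0]

def score_message(base_score, ip, ptr_lookup=sample_ptr,
                  addr_lookup=sample_addr, threshold=5.0):
    """Add the rDNS penalty to the content-based score; the total decides."""
    status, name = rdns_status(ip, ptr_lookup, addr_lookup)
    total = base_score + PENALTY[status]
    return {"status": status, "ptr": name, "score": total,
            "over_threshold": total >= threshold}
```

Passing `live_ptr` and `live_addr` in place of the sample lookups runs the same check against the system resolver.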
