Folllow-up Test Code - Re: [Mimedefang] Potential for Businessmail servers to nothavereverse DNS

[John Rudd]

John Rudd wrote:
> 
> 
> Kevin A. McGrail wrote:
>>
>> I've taken a while to digest it for a more thorough response but 
>> really only found one issue with the fundamental differences between 
>> our approaches.
>>
>>> b) I look for elements of the IP address in the domain (or, in the 
>>> sub-domain in your case).
>>
>> I would recommend against this because large vendors like 
>> MCI/WorldComm/Verizon have gone with this naming scheme for business 
>> static users:
>>
>> static-70-21-118-207.res.east.verizon.net.
>>
> 
> My primary reaction to this is:
> 
> if their ISP wont give them a custom PTR record, then they should use 
> their ISP's SMTP server for outbound email.  This is absolutely true, 
> but lots of people bristle at the suggestion that their business mail 
> server shouldn't talk directly to the world.  So, I've been considering 
> moving those checks to filter_end and having it generate tags that 
> indicate the message should be treated as spam instead of being rejected.
> 

I meant to add one more thing there:

What I mean by "treat it as spam" is:

a) put it in my quarantine file,

b) send me a notice that it has been quarantined (notice tells me 
sender, date and subject of message)

c) let me decide if I want to fish it out of quarantine and/or whitelist 
that IP address or sender vs. leaving it in the quarantine folder for 3 
days and letting sa-learn pick it up to reinforce the spam potential.