[Mimedefang] OT: DNS sanity check

Jeff Rife mimedefang at nabs.net
Thu Jul 5 22:10:33 EDT 2007 

On 5 Jul 2007 at 12:01, John Rudd wrote:

> > Look at the messages that are being rejected solely because of the 
> > extra 5 points you score for bad DNS.  I'm willing to bet that this is 
> > a very small number of messages.
> 
> It's not.  Further, it means that the message had to be both spammy 
> enough to score a 5 on its own, AND come from a host with poorly managed 
> DNS.  That really does narrow down the field.

You still misunderstand.

Count the number of messages that you reject *solely* because of the 
bad DNS check.  If you can't figure out how to do this, you will always 
misunderstand.  If you do figure it out, you will see that the number 
is much smaller than you believe.

I say this because I *also* mark up at an SA score of 5 and reject at 
10, and end up with less than 1% of messages delivered being marked up 
as spam.  It's very, very, *very* unlikely that all that I deliver 
marked as spam would *all* hit your "bad DNS" rule, and even if they 
did, that's still only 1% of all messages total.

As an example, the one spam that got through today had the following 
characteristics:

Connecting IP: 80.55.105.126
Reverse DNS:   tb126.internetdsl.tpnet.pl
DNS of above:  80.55.105.126
HELO:          tb126.internetdsl.tpnet.pl 

> > Second, it's very likely that that in that small number of messages, 
> > the the number of false positives is rather high, simply because the 
> > total number of messages is small and the primary reason for rejection 
> > has a *huge* false positive rate.
> 
> I can't speak for the internet as a whole, but it does NOT have a huge 
> false positive rate.  It has a _tiny_ false positive rate.  Most 
> legitimate outbound email servers do appear to have their DNS properly 
> configured.

Configured not to be null...yes.  Configured so that reverse and 
forward mappings match up...not nearly as often as you think.  For 
example, mine would fail that test because I have an ISP that won't 
change reverse DNS.


--
Jeff Rife | "She just dropped by to remind me that my life 
          |  is an endless purgatory, interrupted by profound 
          |  moments of misery." 
          |         -- Richard Karinsky, "Caroline in the City"

More information about the MIMEDefang mailing list