[Mimedefang] OT: DNS sanity check
John Rudd
john at rudd.cc
Fri Jul 6 12:01:49 EDT 2007
Jeff Rife wrote:
> On 5 Jul 2007 at 12:01, John Rudd wrote:
>
>>> Look at the messages that are being rejected solely because of the
>>> extra 5 points you score for bad DNS. I'm willing to bet that this is
>>> a very small number of messages.
>> It's not. Further, it means that the message had to be both spammy
>> enough to score a 5 on its own, AND come from a host with poorly managed
>> DNS. That really does narrow down the field.
>
> You still misunderstand.
>
> Count the number of messages that you reject *solely* because of the
> bad DNS check. If you can't figure out how to do this, you will always
> misunderstand. If you do figure it out, you will see that the number
> is much smaller than you believe.

No, I do understand. You're just wrong. I do get those statistics in a
nightly report. The rate you're talking about varies between 25% and
50% (yesterday was 40%) of all of the ones that were rejected. And of
last night's 40%, none were false positives.

(the "flagged for no ptr record at all, and rejected for a score between
10 and 15" group was 15%)

Don't assume that because I don't come to the same conclusion that you
do that I don't understand. That's just condescending.

> Configured not to be null...yes. Configured so that reverse and
> forward mappings match up...not nearly as often as you think. For
> example, mine would fail that test because I have an ISP that won't
> change reverse DNS.

That doesn't mean you can't have matching forward and reverse entries.
You could have:

    myhost.example.com      IN A    W.X.Y.Z
    Z.Y.X.W.in-addr.arpa    IN PTR  isphost.isp.net
    isphost.isp.net         IN A    W.X.Y.Z

Now you've got both a personal/customized domain, AND matching PTR and A
records, even though the ISP won't customize your PTR record.
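
The three-record layout above passes a forward-confirmed reverse DNS test because the check starts from the connecting IP, follows the PTR, and only requires that name to resolve back to the same IP. An added example (not part of the original message), using a hypothetical dict-backed `lookup` resolver and constructed documentation addresses in place of W.X.Y.Z:

```python
import ipaddress

# Constructed zone data mirroring the three records in the message,
# with the documentation address 192.0.2.25 standing in for W.X.Y.Z.
ZONE = {
    ("myhost.example.com.", "A"): ["192.0.2.25"],
    ("25.2.0.192.in-addr.arpa.", "PTR"): ["isphost.isp.net."],
    ("isphost.isp.net.", "A"): ["192.0.2.25"],
    # Constructed failure case: the PTR exists, but the name it points
    # at resolves to a different address.
    ("77.100.51.198.in-addr.arpa.", "PTR"): ["mail.mismatch.example."],
    ("mail.mismatch.example.", "A"): ["203.0.113.9"],
}


def lookup(name, rtype, zone=ZONE):
    """Hypothetical resolver: return the record data, or [] if none."""
    key = name.lower().rstrip(".") + "."
    return zone.get((key, rtype), [])


def fcrdns(ip, resolve=lookup):
    """Forward-confirmed reverse DNS for IPv4: IP -> PTR name -> A.

    Returns (verdict, confirmed_name); verdict is 'pass', 'no_ptr'
    or 'mismatch'.
    """
    addr = ipaddress.ip_address(ip)
    ptr_names = resolve(addr.reverse_pointer, "PTR")
    if not ptr_names:
        return ("no_ptr", None)
    for name in ptr_names:
        # Compare parsed addresses rather than strings.
        forward = {ipaddress.ip_address(a) for a in resolve(name, "A")}
        if addr in forward:
            return ("pass", name.rstrip("."))
    return ("mismatch", None)


if __name__ == "__main__":
    for ip in ("192.0.2.25", "198.51.100.77", "203.0.113.200"):
        print(ip, fcrdns(ip))
```

The customized name `myhost.example.com` is never consulted by the check, which is why the ISP-controlled PTR does not prevent a pass.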