[CentOS] SPAM on the List
Devin Reade
gdr at gno.org
Sun Jul 17 17:06:41 UTC 2011
Ljubomir Ljubojevic <office at plnet.rs> wrote:
> I use it too. Reverse-DNS check is best SPAM repellent there is. Only
> mail from properly set mail servers is accepted.
That's fine if your check is that a reverse DNS entry exists,
or that the HELO/ELHO exists in forward DNS or, if your MTA is
smart enough, it does a reverse-forward* check, but if
you only check that the HELO/ELHO matches the reverse entry
then you're blocking a bunch of valid mailers because there is
no specification requirement that those two match (and they don't
in the general case).
(*) reverse-forward here means do a reverse lookup on the connecting
IP, then doing a forward lookup on the result, and then ensure that
original IP is one of the 'A' records resolved from the forward
lookup.
Devin
--
I don't suffer from insanity. I enjoy every minute of it.
More information about the CentOS
mailing list