[CentOS] SPAM on the List
Ljubomir Ljubojevic
office at plnet.rs
Sun Jul 17 21:49:08 UTC 2011
Devin Reade wrote:
> Ljubomir Ljubojevic <office at plnet.rs> wrote:
>
>> I use it too. Reverse-DNS check is best SPAM repellent there is. Only
>> mail from properly set mail servers is accepted.
>
> That's fine if your check is that a reverse DNS entry exists,
> or that the HELO/ELHO exists in forward DNS or, if your MTA is
> smart enough, it does a reverse-forward* check, but if
> you only check that the HELO/ELHO matches the reverse entry
> then you're blocking a bunch of valid mailers because there is
> no specification requirement that those two match (and they don't
> in the general case).
>
> (*) reverse-forward here means do a reverse lookup on the connecting
> IP, then doing a forward lookup on the result, and then ensure that
> original IP is one of the 'A' records resolved from the forward
> lookup.
>
> Devin
I only check reverse DNS entry for FQDN, I think HELO/EHLO is not checked.
Ljubomir
More information about the CentOS
mailing list