-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of RNuno Sent: Friday, April 01, 2005 4:12 PM To: CentOS mailing list Subject: Re: [CentOS] postfix tightening
Ajay Sharma wrote:
I run an "office" mail server and my boss would kill me if
we bounced a
message just because the client is using a brain dead ISP. So our approach is a little different in that we accept a lot of mail and I spend my time on tuning spamassassin.
Same here. We cannot going on rejecting every server that don't reverse I'ts not that I would like to but the truth is MANY companies have them.
I have never understood the precived connection between reverse DNS and spam. I have seen some go as far as if the reverse DNS does not match the senders domain they will kick it.
I am all for blocking spam, but it is a fine line to block it without being an ass and catching all kinds of legitimate mail in the process. Perfect example is the one RBL that will list entire ISPs until the sufficently grovel in their newsgroup, all the while not caring that this is impacting hundreds or thousands of servers that are not spamming or supporting spam.
On Fri, 2005-04-01 at 20:19 -0600, Mark A. Lewis wrote:
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of RNuno Sent: Friday, April 01, 2005 4:12 PM To: CentOS mailing list Subject: Re: [CentOS] postfix tightening
Ajay Sharma wrote:
I run an "office" mail server and my boss would kill me if
we bounced a
message just because the client is using a brain dead ISP. So our approach is a little different in that we accept a lot of mail and I spend my time on tuning spamassassin.
Same here. We cannot going on rejecting every server that don't reverse I'ts not that I would like to but the truth is MANY companies have them.
I have never understood the precived connection between reverse DNS and spam. I have seen some go as far as if the reverse DNS does not match the senders domain they will kick it.
---- it doesn't seem to be too difficult to have the smtp server helo to be locatable in reverse dns - the thing that this blocks is people running smtp servers on dynamic ip space and forces them to use a smart host - can't see what the big deal is here since it provides accountability for the mail path.
Now that AOL is doing this, it pretty much dictates that smtp servers comply with this restriction. I don't see the problem with it. ----
I am all for blocking spam, but it is a fine line to block it without being an ass and catching all kinds of legitimate mail in the process. Perfect example is the one RBL that will list entire ISPs until the sufficently grovel in their newsgroup, all the while not caring that this is impacting hundreds or thousands of servers that are not spamming or supporting spam.
---- rbl's have had their share of issues, continue to have their issues and each administrator has to decide on whether it's worth using them.
Craig
On Fri, 2005-04-01 at 20:19 -0600, Mark A. Lewis wrote:
I have never understood the precived connection between reverse DNS and spam. I have seen some go as far as if the reverse DNS does not match the senders domain they will kick it.
Mostly because a trojaned machine on a broadband connection spewing SPAM will not have a valid reverse DNS entry.
By forcing a policy of accurate reverse DNS, most of the home-broadband- SPAM factories are shut down.
Most ISPs will reject mail if the DNS doesn't reverse correctly, AOL being one of the largest.
-
Craig White -
Mark A. Lewis -
ryanag@zoominternet.net