[CLUE-Tech] reverse DNS

Adam Bultman adamb at glaven.org
Fri Sep 10 13:00:33 MDT 2004 

Angelo Bertolli wrote:

> Even if there is no RDNS, can't you still block based on IP address?  
> I mean is it now a requirement to have RDNS set up?
>
If you want to send to AOL, you basically *need* RDNS data, or they'll 
can your email. I spend a lot of time getting RDNS information  and 
whitelists set up for AOL specifically, only to have them change tack 
and say they want something else. too.

You do NOT need RDNS to send mail, heck no. Mail sent to my work and 
personal servers will make it juuuust fine without RDNS. 

Yes, you can block based on an IP address, but for a company like AOL, 
it's easier to force everyone else in the world to chase blindly after 
you than it is for AOL to start blocking people and dealing with the 
reactions.

At my lats job, I wrote a script that would parse through SPAM email and 
take the sending IPs and block them.  SPAM email went down like crazy, 
and by the time I stopped, I had 5000+ IP addresses in my blocklist.  I 
didn't even run it for 5 months.


If you want to block SPAM, your best bet is to work an RBL into your 
mail server and use spamassassin to catch the rest.  Using those RBLs 
cans my spam quite nicely, and what made it through was newer servers  
and stuff that threw off SpamAssassin.  Unfortunately, I can't whitelist 
IP addresses, so I had to take them off, and now spam pours in again :(

Anyway, you'll want to look into this:
http://spf.pobox.com/

Allegedly, AOL and other companies are going to start rolling that out 
as a means of stomping SPAM. Some people say it's the next big thing.  
Lots of people are already publishing these records, too. SPF records 
(Essentially TXT DNS records) are pretty easy to set up.

Adam



> Adam Bultman wrote:
>
>> Well, it doesn't really 'keep it in check' unless you are 
>> specifically denying the ability of people without RDNS to send you 
>> mail, like AOL does.
>>
>> RDNS is *meant* to assist with things like mail, etc so that you can 
>> trully 'know' where mail is coming from. Unfortunately, very few 
>> people actually deny mail based on RDNS info because you'll be 
>> blocking too many people.
>>
>> For mail, SPF is the next big thing...
>>
>> Adam
>>
>> William wrote:
>>
>>> Simply put, it serves something like an ID card for your host.  
>>> Additionally, thanks to the
>>> delegated nature of DNS and who controls the DNS servers, it is much 
>>> more difficult to spoof than,
>>> say, an SMTP HELO response.  I can't say how many thousands of hits 
>>> I get against my servers ever
>>> day that 'claim' to be one host, when their RDNS lookup indicates 
>>> who they truly are -- usually
>>> dial-up, cable, and DSL users, all from dynamic IP beds.  Spoofing 
>>> is rampant, and RDNS help to
>>> keep it in check.
>>>
>>>
>
>
> _______________________________________________
> CLUE-Tech mailing list
> Post messages to: CLUE-Tech at clue.denver.co.us
> Unsubscribe or manage your options: 
> http://clue.denver.co.us/mailman/listinfo/clue-tech

More information about the clue-tech mailing list