[CLUE-Tech] reverse DNS

Charles Oriez coriez at oriez.org
Mon Sep 13 11:19:19 MDT 2004 

At 10:54 AM 9/13/2004, Angelo Bertolli wrote:

>>I would say that it is trumped by the later RFC 2821
>>
>>http://www.faqs.org/rfcs/rfc2821.html
>>
>>"It is a well-established principle that an SMTP server may refuse to 
>>accept mail for any operational or technical reason that makes sense to 
>>the site providing the server."
>>
>>Rejecting for invalid rdns rather than waiting for the dnsbl to tell the 
>>receiver to reject it saves on cpu cycles on the receiving server.  That 
>>is the same reason that I put the most prolific spammers in my access.db 
>>with a reject instruction - no bandwidth wasted waiting for a remote db 
>>to tell me what I already know.
>Also, what do you think about just accepting all mail, and then maybe not 
>delivering it if you don't like it?  (What is the term for this?)
>This would have the effect of not only reducing the payoff of spammers 
>(like with blocking), but also leaving them in the dark about which 
>servers are delivering their mail, which ones aren't, etc.  But I guess 
>there are legitimate reasons for mail to get bounced back... so that may 
>not be a good thing.  I know one thing I have found annoying is when 
>people respond with a 400 error to something that should be a 500 error, 
>because they want to delay spammers as much as possible.

There is always the chance of a false positive.  While I am an advocate of 
not sending back warnings when viral loads are delivered, I do think that 
it is important to bounce undelivered messages for several reasons.

1) The occasional false positive needs to be dealt with
2) If a sender knows that their mail is being rejected because their ISP 
harbors spammers, they can choose to put pressure on the ISP or vote with 
their wallet by changing ISPs.  If they make the choice to help finance the 
spammers by sticking with the ISP without complaint, then they can't 
complain that they didn't know that they were the subject of a boycott


>Also, what do you think about tar pits?  They seem kind of aggressive, but 
>are they really changing anything?


those who implement them swear by them.  I haven't bothered to spend the 
bandwidth to implement one.  I think I'd want it on a separate IPA and 
separate box to avoid impact on my production systems



--

Charles Oriez     coriez at oriez.org    39  34' 34.4"N / 105 00' 06.3"W
"Drag God into politics, and you'll ruin his reputation in no time." -- 
Molly Ivins

More information about the clue-tech mailing list