1) The name the mailserver announces in it's HELO line must resolve via forward DNS. It doesn't matter to what, it just has to resolve. 2) The IP of the server must reverse resolve to something, it doesn't matter to what: except that that name is then tested on a forward DNS check, which must work.
This is actually in the FAQ: http://www.freebsd.org/doc/en_US.ISO8859-1/books/faq/misc.html#FREEBSD-MAIL-BOUNCES
My understanding is that these simple tests block thousands of spam emails per second!
per hour, not per second.
Either way ... pretty good statistics.
The most common mistake I've seen people make is to add multiple reverse DNS records (when the machine has multiple forward DNS records) Most DNS servers will allow you to do this, but it doesn't work.
DNS works fine having a set of PTR records per ip. What doesn't work is that applications that query for PTR records only use the physically first PTR record returned in the DNS responce packet, which, due to caching, is uncontrollable.
Which means that the system (effectively) doesn't work with multiple PTR records, which was all I was trying to say.
-- Bill Moran Potential Technologies http://www.potentialtech.com
To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-questions" in the body of the message
