Re: Mail Server best practices - was: Pandora's Box of new TLDs

Sat, 28 Jun 2008 11:02:34 -0700 

[EMAIL PROTECTED] (michael.dillon) writes:
> 
> 
> http://www.maawg.org/about/MAAWG_Sender_BCP/MAAWG_Senders_BCP_Combine.pdf

        Thanks for the pointer.  I don't necessarily agree with all of it,
        but it's definitely a good reference.
        
        I just get irritated by actions that penalize end users who feel they
        don't have other options other than just using some horrible webmail
        service, because their operator/ISP is clueless.  I do make a
        distinction.

> On page 5 they do recommend matching reverse DNS and in
> Appendix A they go on to state that RFC 1912 states that
> all hosts on the Internet should have a valid rDNS entry.

        Indeed it does, but rejecting a mail based on a missing PTR
        is still arbitrarily useless (and I'm speaking in terms of
        volume of spam emanating from hosts with a missing PTR, vs
        spam origination from hosts that do have a PTR).

> Perhaps the RFC series doesn't have as many gaps as we think.

        For mail operations, we're half a galaxy away from "be conservative
        in what you send, be liberal in what you accept".

> >     absurd, but I guess colateral damage is acceptable.  
> 
> If collateral damage is acceptable, then how is this
> absurd?

        Apologies, I was being sarcastic.

> Once you accept that it is better to reject
> good email than let bad email through, the game has
> changed. It may end up by destroying the business usefulness
> of the existing email architecture, but not without a
> push from someone who has a better mousetrap.

        Yep.

> This is quite simply, wrong. It is warranted.

        Not agreeing :)  But fair enough, any site is allowed to operate
        mail the way it wants.

> > Don't go preaching
> >     it as a best practice, though.
> 
> Too late, the MAAWG has already published this as a best practice
> for quite some time. If you don't follow the MAAWG best practices
> then you are not a serious email operator. If email is mission
> critical to your business, then you really should be an MAAWG
> member as well.

        We work for several customers and operate large mail installations.
        We implement quite a few requirements that are fairly strict, but
        rejecting based on missing PTR is not one of them.
        Neither is blacklisting entire TLDs for that matter, but I digress.
        I still feel like a serious mail operator, just because I don't
        conclude that I as the receiver should reject mail from a host with
        a missing PTR, because the MAAWG *Senders* BCP says that hosts
        should have a reverse.

        Phil

Reply via email to