Eugene Podshivalov wrote:
> I've just received a spam email from a client who presented itself as
> emx.mail.ru but its ip 117.30.137.22 resolves to
> 22.137.30.117.broad.xm.fj.dynamic.163data.com.cn
>
> Are reverse client hostname and the ehlo one not supposed to match?

It's been an old traditional recommendation and best practice.

https://en.wikipedia.org/wiki/Forward-confirmed_reverse_DNS

RFC1912 dates from 1996. Back then we could count the number of systems on the Internet. Possibly someone knew each of them individually! I'm not saying it wasn't possible then. And requiring reverse DNS to map was one way to avoid dynamically assigned addressing often used by abusers.

But now there are so many systems on the network and they change so fast that this is definitely not possible now. And now some very large service providers will not provide Reverse-DNS mapping for server's IP addresses. This means that valid servers will not be able to have a valid reverse mapping. This means that if one hard blocks on this full circle validity check then they will drop valid email and people will not be happy.

Instead of Forward-Reverse-DNS matching the newer Best Practice is to set up SPF, DKIM, DMARC for your own outgoing mail and other anti-abuse for incoming mail.

Bob
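
Added example, not part of the reply above and not from either poster: a forward-confirmed reverse DNS check that also compares the EHLO name, returning a score contribution instead of a reject decision. The resolvers are injectable so it runs offline; the sample DNS tables are constructed (only the 117.30.137.22 PTR name comes from the post, its forward record is assumed), and the weights in `spam_points` are hypothetical.

```python
import ipaddress
import socket

# Constructed DNS data so the example runs offline. Only the first PTR comes
# from the post; its forward A record and all other entries are assumed.
SAMPLE_PTR = {
    "117.30.137.22": ["22.137.30.117.broad.xm.fj.dynamic.163data.com.cn"],
    "198.51.100.7": ["mx1.example.net"],
    "203.0.113.9": ["mail.example.com"],   # forward points elsewhere
}                                          # 192.0.2.25 has no PTR at all
SAMPLE_A = {
    "22.137.30.117.broad.xm.fj.dynamic.163data.com.cn": {"117.30.137.22"},
    "mx1.example.net": {"198.51.100.7"},
    "mail.example.com": {"203.0.113.10"},
}

def system_ptr(ip):
    """PTR names for ip from the system resolver (empty list if none)."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
        return [name, *aliases]
    except OSError:
        return []

def system_addrs(name):
    """Addresses for name from the system resolver (empty set if none)."""
    try:
        return {ai[4][0] for ai in socket.getaddrinfo(name, None)}
    except OSError:
        return set()

def check_client(ip, ehlo, ptr=system_ptr, addrs=system_addrs):
    """Return (fcrdns, ehlo_matches); fcrdns is no_ptr/unconfirmed/confirmed."""
    client = ipaddress.ip_address(ip)
    names = [n.rstrip(".").lower() for n in ptr(ip)]
    if not names:
        return ("no_ptr", False)
    confirmed = [n for n in names
                 if client in {ipaddress.ip_address(a) for a in addrs(n)}]
    if not confirmed:
        return ("unconfirmed", False)
    return ("confirmed", ehlo.rstrip(".").lower() in confirmed)

def spam_points(result):
    """Hypothetical weights: a scoring signal, never a reject on its own."""
    fcrdns, ehlo_ok = result
    base = {"no_ptr": 1.0, "unconfirmed": 1.5, "confirmed": 0.0}[fcrdns]
    return base + (0.5 if fcrdns == "confirmed" and not ehlo_ok else 0.0)
```

Calling `check_client(ip, ehlo)` without the `ptr` and `addrs` arguments uses the system resolver instead of the constructed tables.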