>...
>
>There's a rule NO_DNS_FOR_FROM which checks for an A or MX record for
>the sending IP, but no similar rule checking for PTR (reverse DNS)
>entries - and it's not clear to me why not.
>
>Anyone able to enlighten me?
>
>- steve
>
>PS: I'm aware that these checks are often used at the MTA level to block
>- but from bitter experience I know that that's not really always a good
>idea - I'd rather just bump up the SA score a bit for such senders.
>
>...

Only a guess, but the existing rule does check the "sender", you may or may not mean what you are saying - the more expected rule would be to check the "client" for rDNS (and even FCrDNS). Remember, there are at least three parties in a SMTP transaction, the sender, the client and the recipient. The sender is the easiest to forge. Sites like AOL and myself reject mail when the client has no rDNS.

Unlike some people, I would mind too much a low scoring rule for sender rDNS - even though I don't have any (i.e. the domain this is sent from uses servers configured with MX records, but the sender has no A RR - now the client I send from does have FCrDNS - simply rDNS that matches the forward DNS).

Still I think what you mean to ask for is a rule for client rDNS as that is the typical case checked for at the MTA level, but you might have meant just what you said and want a sender check (the existing rule and one like that still won't do any good for forged senders - it is hard, but not impossible to forge the client, but too slow a process for most spammers - but if you are trying to joe-job someone...).

Paul Shupak [EMAIL PROTECTED]
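
The client rDNS / FCrDNS distinction drawn in the reply above, as an added example that is not part of the original message or of SpamAssassin: it classifies a connecting client IP as having no rDNS, rDNS that forward DNS does not confirm, or FCrDNS. The function names, the injectable lookup parameters and the sample DNS data are assumptions made for this illustration.

```python
import ipaddress
import socket

def system_ptr(ip):
    """PTR names for ip from the system resolver; empty list when there is no rDNS."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
    except (socket.herror, socket.gaierror):
        return []
    return [name] + aliases

def system_forward(name):
    """A/AAAA addresses for name from the system resolver."""
    try:
        return [info[4][0] for info in socket.getaddrinfo(name, None)]
    except socket.gaierror:
        return []

def classify_client(ip, ptr_lookup=system_ptr, forward_lookup=system_forward):
    """Return (verdict, confirmed_names); verdict is no-rdns, rdns-unconfirmed or fcrdns."""
    client = ipaddress.ip_address(ip)
    names = [n.rstrip(".").lower() for n in ptr_lookup(ip)]
    if not names:
        return "no-rdns", []
    confirmed = []
    for name in names:
        for addr in forward_lookup(name):
            try:
                # Compare parsed addresses so differently written IPv6 text still matches.
                if ipaddress.ip_address(addr) == client:
                    confirmed.append(name)
                    break
            except ValueError:  # e.g. scoped IPv6 text returned by the resolver
                continue
    return ("fcrdns", confirmed) if confirmed else ("rdns-unconfirmed", [])

# Constructed sample DNS data (documentation address ranges), so the example runs offline.
SAMPLE_PTR = {
    "192.0.2.10": ["mail.example.org."],
    "192.0.2.20": ["host.example.net"],
    "2001:db8::1": ["mx6.example.org"],
}
SAMPLE_FWD = {
    "mail.example.org": ["192.0.2.10"],
    "host.example.net": ["198.51.100.7"],          # PTR exists but does not map back
    "mx6.example.org": ["2001:0db8:0:0:0:0:0:1"],  # same address, different spelling
}
def sample_verdict(ip):
    return classify_client(ip, lambda i: SAMPLE_PTR.get(i, []), lambda n: SAMPLE_FWD.get(n, []))
```

Calling `classify_client(ip)` without the lookup arguments uses the system resolver; the verdict applies to the connecting client's IP, not to the envelope or header sender.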