Ronald I. Nutter wrote: > I am getting quite a bit of spam coming in today that is scoring well > below the 5.0 min (i.e. 2.4 or so out of 5.0). The common thread I am > seeing is that they all fail the NO_DNS_FOR_FROM Rule. I noticed that > it is only set to 1.1. I am thinking about raising the value of this > score. I don't think that I should loose any email, should I ? Guess > I have a simplistic view of the world that no legitimate company would > run a mail server without a valid A and MX record. > > Thoughts ?
Their DNS, or your internet connection, could be down at the time you scan mail. Thus, this test could occasionally hit for legitimate companies with a proper MX record if either their end end has flaky DNS hosting. Generally, I find it infinitely better to check this at SMTP time. i.e. turn OFF accept_unresolvable_domains in sendmail.cf. This way you temp-fail messages with unresolvable return paths, and they eventually deliver when the source domains DNS is resolvable again. No legitimate mail should ever have an unresolvable envelope return path (except the NULL return path, which isn't counted as unresolvable by sendmail). I know *I* certainly don't want such a message in my mail queues. Any DSN that might get generated is certain to end up stuck in my mail queue, then eventually double-bounce into postmaster's box. Ick.
