Matt wrote:
I had the same issue and found that the system that's relaying
(216.129.105.40) those confirmation emails doesn't have a PTR record.
You'd think someone selling an antispam/email appliance would be familiar
with the RFCs.

That would explain why I got no confirmation; we do not accept email
from IPs without a PTR record.

I agree, if true this looks pretty bad for a so-called antispam
company.

In fairness -- if you drop mail with no rDNS, you are dropping 3.6% of
legit email in general, going by the test results for our RDNS_NONE
rule... ;)

Everyone should block/defer ALL email with no reverse DNS. Then maybe
those email admins would get a clue.

No, they shouldn't.

There are plenty of places still using mail gateways where the mail
server used for sending is still on an internal network, for a variety
of legitimate reasons, and those mail servers may resolve to a private
address. If you discard all mail with no appropriate reverse DNS,
you'll be discarding a lot of legitimate mail too from a lot of
legitimate mail configurations.

By discarding mail with no reverse DNS you are making assumptions about
SMTP that aren't necessarily true. There is only so much you can assume
about the protocol before you start breaking things. I don't have a
problem with saying that no reverse DNS means we should suspect this a
little more -- add a point or two -- but discarding mail because there
is no reverse DNS is broken behavior.

We are making many assumptions about how things /should/ be under SMTP
even though the RFC has no requirements for some of these things. When
you make assumptions like this, you have to be careful. Tossing mail
out because you don't like how another system is configured makes spam
filtering potentially more damaging to email than spam itself.

Best,
Jesse Stroik
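
The two policies argued over in this thread (reject on missing rDNS versus adding a point or two), compared side by side. This is an added example, not code from any poster or from SpamAssassin. The sample messages are constructed, and the 5.0 threshold, the 1.5-point penalty and all function names are assumptions.

```python
import ipaddress

# Constructed sample: (relay IP, PTR name or None, score from other rules, is_spam).
# Addresses are documentation/RFC 1918 ranges; none come from the thread.
SAMPLE = [
    ("192.0.2.10", "mail.example.org", 0.3, False),
    ("192.0.2.77", None, 0.8, False),    # legitimate sender, no PTR published
    ("10.1.2.3", None, 0.2, False),      # internal server behind a mail gateway
    ("198.51.100.5", None, 4.1, True),   # spam, no PTR
    ("203.0.113.9", "host9.example.net", 6.2, True),
    ("198.51.100.44", None, 2.0, True),  # spam with few other rule hits
]

THRESHOLD = 5.0      # assumed spam threshold
RDNS_PENALTY = 1.5   # assumed value for "a point or two"

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def rdns_points(ip, ptr):
    """Score contribution of a relay that has no reverse DNS."""
    if ptr is not None:
        return 0.0
    addr = ipaddress.ip_address(ip)
    # RFC 1918 address: an internal hop behind a gateway (the case raised in
    # the thread). Public rDNS is not meaningful for it, so add nothing.
    if any(addr in net for net in RFC1918):
        return 0.0
    return RDNS_PENALTY


def hard_reject(ip, ptr, other_score):
    """Policy A: refuse anything whose relay has no PTR record."""
    return ptr is None


def scored(ip, ptr, other_score):
    """Policy B: missing rDNS is one signal among others."""
    return other_score + rdns_points(ip, ptr) >= THRESHOLD


def evaluate(policy):
    """Count legitimate mail blocked and spam let through over SAMPLE."""
    fp = sum(1 for ip, ptr, s, spam in SAMPLE if policy(ip, ptr, s) and not spam)
    fn = sum(1 for ip, ptr, s, spam in SAMPLE if not policy(ip, ptr, s) and spam)
    return {"false_positives": fp, "missed_spam": fn}
```

On this constructed sample, both policies miss one spam message, but only the hard reject blocks legitimate mail.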