On Mon, 2010-02-08 at 22:08 -0500, dar...@chaosreigns.com wrote: > You get an email delivered from 64.71.152.40 (last untrusted > relay). You look up the DNS A record for that IP, and get > mail.chaosreigns.com. Then you look up the DNS PTR record of > 40.152.71.64.designatedsender.mail.chaosreigns.com, and if it's > 127.0.0.1, it's a legit email sender and gets some negative SA score. > Otherwise it's not, and gets some positive SA score (low at first until > adoption spreads). > > So it's not tied to the SMTP MAIL FROM or anything. > Forwarding doesn't break. > > Eventually you reject all email from IPs without such records. > > Obviously you'd need a blacklist of spammer domains that list spamming > IPs as legit senders. Not an RHSBL / MAIL FROM blacklist, but a blacklist > where, when the A record of a delivering IP is in a blacklisted domain, the > mail gets rejected. > > I am not at all attached to the format of the PTR record and would > like suggestions. > > > Is there any way this wouldn't be very useful? >
Apparently you want to check if non mail servers are sending mails .. but what percentage of spams today come from non mail servers ?
