I never said anything about the domain matching the MAIL FROM.  Or anything
else.  Just that the sending IP have a PTR record which matches an A record
which matches the sending IP.  Any domain.  And, of course, the test would
have false positives, as do most others.  

But as I said, I already block all email at my MTA that doesn't pass it.
Since January 2007, apparently.  So I think it's worth having a test for.

On 10/30, m...@khonji.org wrote:
> How do you expect this to handle cases when a single IP address (i.e. single 
> MTA) is responsible for sending emails for multiple domains. The domain name 
> match won't happen for all.
> 
> That's why we have SPF, SenderID (MS didn't want to feel left out), and DKIM 
> (RFC standard).
> 
> As far as reverse lookup goes, AOL requires MTAs to have a reverse PTR zone 
> in a form of FQDN, but doesn't mandate exact match of the domain found in 
> MAIL FROM in SMTP header. Which is less restricted than your suggestion.
> 
> BTW, back in dark ages, there were discussions in RFC mailing lists of 
> similar approaches like yours but got rejected. Paul Vixie had his own 
> suggestions too.

-- 
"There never has been an answer. There never will be an answer.
That's the answer." - Gertrude Stein
http://www.ChaosReigns.com
