On Oct 5, 2011, at 10:23 AM, Murray S. Kucherawy wrote:
[mailto:owner-ietf-smtp(_at_)mail(_dot_)imc(_dot_)org] On Behalf Of
Sent: Wednesday, October 05, 2011 6:40 AM
To: SMTP Interest Group
Subject: RE: The anti-abuse rDNS check that FTP gave up
True statement on both accounts. I'd add to it, that invalid rDNS is
still a viable anti-abuse mechanism. There are plenty of compromised
machine operators that are "asleep at the wheel." Checking rDNS
scrapes off that chaff.
I generally agree, but implementing it on my small site with only a handful
of users did lead to a number of false positive complaints that then needed
to be handled.
It's probably not a good idea to standardize such a practice (yet?), but it
does seem like a useful tool to have around.
IMO, any time you're basing an abuse test on something that is fundamentally
irrelevant, it's of short-term value at best. rDNS is such a check.