On Mon, 29 Jan 2007, Don Lee wrote:
rDNS can therefore be used to detect certain kinds of forgery that
resolving the HELO cannot.
For instance, It is easy for me to set up spamdomain.com -> 18.104.22.168, and
set up SPF so that 22.214.171.124 is OK to send mail. However, if
rr.com "owns" 126.96.36.199, they may not let me change the
rDNS to "spamdomain.com" - esp. if it's a "pool" IP.
If the spammers owns spamdomain.com, then setting it to 188.8.131.52 is not
forgery. He is providing a registered name that you can validate.
Forgery and spam are two different issues. Using the validated name,
you can chalk up spam demerits without fear of harming an innocent party.
Again, I agree that rDNS is a useful input for spam detection. But
it does *not* add anything over a validated HELO for forgery detection.
I would hope that living in an area without competent broadband providers
does not doom one to be unable to send email - even with proper HELO, SPF,
etc and competent management. But that seems to be a fading hope. It may be
that going to IPv6, where everyone can set their own rDNS, is the only way
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
please go to http://v2.listbox.com/member/?list_id=735