ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: [Asrg] Amend the RFC to require reverse DNS

2003-03-18 13:57:49
from [Sauer, Damon] [Permanent Link] 
-----Original Message-----
From: M Wild [mailto:asrg(_at_)wildm(_dot_)com]
Sent: Tuesday, March 18, 2003 2:04 PM
To: asrg(_at_)ietf(_dot_)org
Subject: [Asrg] Amend the RFC to require reverse DNS




Greetings - One of the most effective anti-spam measures I have taken on my
mail servers is to require the sending mail server's IP address to reverse
resolve to the name it uses in its HELO command.  While this is a violation
of the RFC it eliminates lying machines and forces accountability on the
sending server.  Yes, I know it can be forged or spoofed however it still
significantly raises the level of effort required on the part of the
spammer.  I've had to turn this check off due to customer complaints

however

I am reconsidering this decision.  Amending the RFC to *REQUIRE* correct

and

complete DNS setup for a SMTP client would go a long way towards reducing

my

undesired traffic.  It would also address the customer (and clueless
administrator) complaints with a simple "I am following the rules"  How can
you argue with that?


I can't- I like the idea.. but it has to go further than that.
 Example: MOMandPOP.com hosts their website and mail systems at their local
ISP. 
They send email as recipes(_at_)MOMandPOP(_dot_)com(_dot_)
Because their ISP has closed port 25, all email from MOMandPOP.com must go
to the relay server first.
 You see at your end-
HELO megamail1.isp.com   << reverse lookup of megamail1.isp.com shows an IP
address of 198.10.10.2
mail from: recipes(_at_)MOMandPOP(_dot_)com << reverse lookup of MOMandPOP.com 
shows an
IP address of 198.10.210.53

 In your example, this email would fail.
 Even though MOMandPOP.com are real and just wanted to send you your
requested apple pie recipe.

 The DNS needs a key or something that would define MOMandPOP.com as part of
mega.isp.com.
Please see the "Position paper, in zipped HTML" posts by Valdis Kletnieks.

Regards,
Damon Sauer



*****
"The information transmitted is intended only for the person or entity to
which it is addressed and may contain confidential, proprietary, and/or
privileged material.  Any review, retransmission, dissemination or other use
of, or taking of any action in reliance upon, this information by persons or
entities other than the intended recipient is prohibited.  If you received
this in error, please contact the sender and delete the material from all
computers."
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Asrg] Thoughts so far, Chuq Von Rospach
Next by Date:  Re: [Asrg] Domain-Authorized SMTP Mail, David Green
Previous by Thread:  Re: [Asrg] Amend the RFC to require reverse DNS, Justin Mason
Next by Thread:  Re: [Asrg] Amend the RFC to require reverse DNS, Chris Lewis
Indexes:  [Date] [Thread] [Top] [All Lists]