[Andriy G. Tereshchenko]
IMHO, PTR is nothing more than exists:RSPF.jrandomdomain.com
[...]
I see a clear benefit from "exists".
It increases the required DNS zone data - but reduces lookup timing and
administrative burden.
As well, it gives you complete control over the IPs allowed to send mail.
One more benefit from a correctly configured and developed
"exists:{4}.{3}.{2}.{1}.rsft.jrandomdomain.com".
It supports early forgery detection. You will be able to analyze _your_ DNS
server logs.
As a result, you can detect the source of forgery early and prevent/prosecute it ASAP.
For example, the windowsupdate.microsoft.com administrator will know about forgery
before the first complaint comes to them, based on
validation requests from other servers.
But PTR lookups will hide this information because they will be addressed to
some China netblock owner.
PTR data is not a trusted source of information. RIPE/ARIN/APNIC/LACNIC whois are
trusted.
I do not care if an IP is named
"We.Deliver.Spam.To.Your.MailBox.24hours.7days.a.week.Using.Inter.Net.cn" and
has a valid A record for this name.
Anyway, I will use a trusted source to get contact information about netblock
owners.
I will never use names of domains/PTR data to block spam - it's trivial to
reply to PTR requests using random (but still valid for A verification) DNS names.
--
Andriy G. Tereshchenko
TAG Software
Odessa, Ukraine
http://www.24.odessa.ua
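
The DNS log analysis described in the message above, as an added example that is not part of the original post: it recovers the sending IP from each "exists" validation query and counts queries for senders the zone does not authorize. The log line format, the authorized IP set and the reading of {4}.{3}.{2}.{1} as the sender's IPv4 octets in reversed order are assumptions.

```python
import ipaddress
from collections import Counter

ZONE = "rsft.jrandomdomain.com"            # zone label taken from the post
AUTHORIZED = {"192.0.2.10", "192.0.2.11"}  # constructed: IPs published in the zone

# Constructed query log in a hypothetical "time resolver qname qtype" format.
SAMPLE_LOG = """\
2004-01-10T10:00:01 198.51.100.5 10.2.0.192.rsft.jrandomdomain.com A
2004-01-10T10:00:07 198.51.100.9 77.113.0.203.rsft.jrandomdomain.com A
2004-01-10T10:00:09 198.51.100.5 77.113.0.203.rsft.jrandomdomain.com A
2004-01-10T10:00:12 198.51.100.7 www.jrandomdomain.com A
2004-01-10T10:00:15 198.51.100.7 999.1.1.1.rsft.jrandomdomain.com A
"""

def sender_ip(qname, zone=ZONE):
    """Return the sending IP encoded in an exists-style query name, else None."""
    qname = qname.rstrip(".").lower()
    suffix = "." + zone
    if not qname.endswith(suffix):
        return None                      # query is not a validation lookup
    labels = qname[:-len(suffix)].split(".")
    if len(labels) != 4:
        return None
    try:
        # Assumption: labels are octets 4.3.2.1, so reverse them to get the IP.
        return str(ipaddress.IPv4Address(".".join(reversed(labels))))
    except ValueError:
        return None                      # malformed octets, e.g. 999

def unauthorized_senders(log_text, authorized=AUTHORIZED):
    """Count validation queries per sending IP that the zone does not authorize."""
    hits = Counter()
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue
        ip = sender_ip(fields[2])
        if ip is not None and ip not in authorized:
            hits[ip] += 1
    return hits

if __name__ == "__main__":
    for ip, count in unauthorized_senders(SAMPLE_LOG).most_common():
        print(f"{ip}: {count} validation queries for an unauthorized sender")
```
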