On Mon, 19 Jul 2004, Len Conrad wrote:
I think PTR-lessness makes any IP sending my MX mail suspect, and one more
mistake, the msg is rejected. I bet AOL has something similar.
They haven't said how the negative treatment works.

I recently turned on a similar policy. If there is no SPF record, then
I use a default SPF record (v=spf1 a/24 mx/24 ptr ?all).
If the result of SPF is neutral (from either an official or default record),
and there is no valid PTR for the connecting MTA, then I reject the mail. So,
to send me mail, you have to either have an SPF pass (possibly with my
default record) or softfail, or have a valid PTR.

This blocks 6100 spams per day. (Many of which would have been blocked at
some later point.) We are a 6 person company, and get around 100 legitimate
emails per day. We block between 10000 and 40000 spams per day using a variety
of techniques. The number of spams in my Bayesian quarantine went from 500+ per
day to 200+ per day.

I am considering tightening this up to treat dynamic IPs the same as
having no PTR. Someone posted a regex to recognize PTR CNAMES for
dynamic IPs, and I'll have to find it.
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
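
The policy described in the message above, sketched as an added example (not code from the original post or from the poster's mail filter). It assumes "valid PTR" means forward-confirmed reverse DNS; the DNS tables, addresses, domains and function names are constructed for illustration.

```python
import ipaddress

# Constructed DNS data (documentation address ranges, example domains).
A = {"example.org": ["192.0.2.10"], "mail.example.org": ["192.0.2.25"],
     "host7.example.net": ["198.51.100.7"]}
MX = {"example.org": ["mail.example.org"]}
PTR = {"203.0.113.9": ["fake.example.org"],    # name has no A record: not valid
       "198.51.100.7": ["host7.example.net"]}  # A record points back: valid

def valid_ptr_names(ip):
    """PTR names whose A records include ip (forward-confirmed reverse DNS)."""
    return [n for n in PTR.get(ip, []) if ip in A.get(n, [])]

def in_slash24(ip, addrs):
    """True if ip shares a /24 with any address in addrs."""
    addr = ipaddress.ip_address(ip)
    return any(addr in ipaddress.ip_network(a + "/24", strict=False) for a in addrs)

def default_spf(ip, domain):
    """Evaluate 'v=spf1 a/24 mx/24 ptr ?all' for a domain with no SPF record."""
    if in_slash24(ip, A.get(domain, [])):                        # a/24
        return "pass"
    mx_addrs = [a for h in MX.get(domain, []) for a in A.get(h, [])]
    if in_slash24(ip, mx_addrs):                                 # mx/24
        return "pass"
    if any(n == domain or n.endswith("." + domain)
           for n in valid_ptr_names(ip)):                        # ptr
        return "pass"
    return "neutral"                                             # ?all

def decide(ip, domain, published_result=None):
    """published_result: result from the domain's own SPF record, None if it has none."""
    result = published_result or default_spf(ip, domain)
    if result in ("pass", "softfail"):
        return "accept"
    if result == "neutral":
        return "accept" if valid_ptr_names(ip) else "reject"
    return "other"  # results the message does not cover
```
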