"John Keown" <jdk(_at_)nni(_dot_)com> writes:
Reverse dns is an RFC yet there are millions of mailservers that do
not have proper reverse dns. We have tested reverse dns blocking by
filtering all email received from an IP address without the proper
reverse dns and found that 70 plus percent of spam can be blocked
this way. Unfortunately it also block 20% plus valid email servers.
That is not always the fault of the domain or server owner. Where a
customer 'owns' a smallish netblock, the owner/controller of the
larger netblock is sometimes either unwilling or unable to either
setup the reverse DNS to point to the customer's domain/host name or
to delegate the reverse DNS for the customer's netblock.
I run mail servers both at home and at work, both in ADSL lines. At
home I use a 'good' ISP which gives me full control of the DNS (both
forward and reverse) for my domain. I could, if I wanted to, even have
the reverse DNS for my netblock delegated to me - but the ISP provides
sufficient control (via a web interface) that I do not need to do
this. At work though, we run the primary (forward) DNS for our domain
but the reverse DNS is set to a 'generic' name in the ISP's (not the
same ISP I use at home) namespace and they will neither change it to
our hostnames nor delegate the reverse DNS for the /29 to us.