Date: Fri, 28 Nov 1997 16:47:58 +1030 From: Greg Lehey <grog@lemis.com> To: joelh@gnu.org Cc: jkh@time.cdrom.com, jmb@FreeBSD.ORG, chat@hub.freebsd.org Subject: Re: major push by spammers? Message-ID: <19971128164758.02274@lemis.com> In-Reply-To: <199711280604.AAA00737@detlev.UUCP>; from Joel Ray Holveck on Fri, Nov 28, 1997 at 12:04:04AM -0600 References: <18154.880528164@time.cdrom.com> <199711280604.AAA00737@detlev.UUCP>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Nov 28, 1997 at 12:04:04AM -0600, Joel Ray Holveck wrote: > >> 2 ways: The first, if reverse DNS lookup fails, accounts for about 90% >> of the rejects. When I first started doing this, I worried that >> perhaps I was rejecting some legit emails so for the first couple of >> weeks I'd do one day on, one day off. In 14 days worth of testing, I >> got one "legitimate" message (though it was unanswerable due to said >> misconfiguration, so I could have done without it :) and many many >> hundreds of spams on the days that I had reverse DNS checking >> disabled. Needless to say, I can't even imagine not having it on now. > > Now tell me, how does the reverse DNS lookup work? Does it perform a > reverse DNS against the IP source vs. the line sent in EHLO, or what? A reverse lookup takes the IP address and looks through the BIND hierarchy for a corresponding PTR record (more specifically, for address 192.109.197.137, it will look for a PTR record which matches 137.197.109.192.in-addr.arpa). A lot of systems don't have their reverse delegation set up correctly, so I suspect a number of innocent people are also being rejected. Greg
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19971128164758.02274>