Autor: Peter Bowyer Data: Dla: 'Exim User's Mailing List' Temat: RE: [Exim] AOL - SPF - and EXIM
"David Brodbeck" <DavidB@???> wrote: > The thing is, I don't really see the point of the reverse DNS check. It
> doesn't accomplish anything. Someone claimed earlier that it's a form of
> server authentication, but it isn't really, because whoever controls
> reverse DNS for that IP can stick whatever they want in there. Looking up
> the A record tells you a lot more.
>
> For example, if I get a connection from a server that says 'HELO
> mail.whitehouse.gov', and I do a reverse lookup on its IP and find
> 'mail.whitehouse.gov', all that tells me is that the person who does rDNS
> for that netblock set that value. It's almost as easy to fake as an
> identd lookup, and those are widely regarded as useless these days. But
> if I look up the A record for mail.whitehouse.gov and find the IP matches
> the server connecting to me, I have a pretty good idea that someone at
> whitehouse.gov was involved.
Like many things, it's not particularly useful as a single test. But
statistically, connections from servers with fully compliant rDNS send
less spam than those without. (No, I've no reference for this - but
intuitively, it's true).
So, give a failure in this test a score which approximates to the right
ratio, combine it with other tests you do, and the confidence in your
detection algorithm increases.