Re: [exim] Detect missing reverse dns

Αρχική Σελίδα
Delete this message
Reply to this message
Συντάκτης: Ian P. Christian
Ημερομηνία:  
Προς: MarkdV
Υ/ο: Exim Mailing List
Αντικείμενο: Re: [exim] Detect missing reverse dns
2009/7/26 MarkdV <markdv.exim@???>:
> You seem to advocate this every chance you get. :)


Hm, sorry :)
My reasoning is below... I'll try not the shout so much about it on
list outside of this thread though!

> I'm thinking of trying something like this in acl_smtp_mail:
>
>  defer
>  ! sender        = :
>  ! dnslists      = list.dnswl.org
>  ! verify        = reverse_host_lookup
>  ! verify        = helo
>    ratelimit     = X_DNS_HELO_LIMIT / per_mail / leaky /
> $sender_host_address
>    message       = Ratelimited. Fix your (r)DNS and/or HELO for faster
> deliveries.


I do similar elsewhere deeper down in my checks.

> Guess what we _really_ need is for hotmail and gmail and some such to
> start requiring proper dns - and helo's IMHO. But as long as it means
> rejecting significant amounts of ham that's not gonna happen. None of
> them will want to be known for rejecting more ham than the other... If
> they would team-up though... Then the whole 'missing ham' problem would
> also fix itself because everyone would run to fix their dns (and helos)
> to be able to deliver to hotmail and gmail.


Well, your argument is pretty much in line with mine. As mentioned
previously in this topic, AOL already block lack of rDNS. We too have
a lot of DSL customers (not as many as you ;) ), and I am putting a
little load on our support department with 'wheres my mail' kind of
questions - but we're dealing with them just fine. I think what we
need is people to have the balls to make this call, and stick to it.
Don't allow people though if they haven't setup their mail servers
correctly. If the medium/large mail providers start forcing sensible
policies, people running badly configured servers will be forced to
change.

I see some people on list clearly don't agree with me, the majority of
which is people saying it will block legitimate mail though... so, if
you do disagree, how about using Mark's suggestion of his ACL above?

--
Blog: http://pookey.co.uk/blog
Follow me on twitter: http://twitter.com/ipchristian