Re: More sorbs blacklisting [signed]
Andreas John wrote:
> John Kelly wrote:
>> On Mon, 19 Jun 2006 20:06:04 +1000, "Charles Chambers [c]"
>> <firstname.lastname@example.org> wrote:
>>> my settings on SpamPal protecting my personal mail account are set to
>>> block according to *all* available blacklist sources ... my spam folder
>>> is fewer than a dozen pieces a week.
>> More than five is a bad week for me. I use:
>> 1) strict DNS checks (matching forward/reverse)
> I understand that checking for the existence of a reverse mapping may be
> a clever thing, but the reason for forward/reverse matching is not
> obvious to me: Imagine a user who only has one public IP at his
> "all-in-one" mail-web-server. His reverse is www.mydomain.tld to make
> people with traceroute happy, but his mx is mx1.mydomain.tld. To get
> through your spamfilter, the reverse has to be changed to
> mx1.mydomain.tld - that looks not nice in the traceroute ...
Not if the check is that the reverse DNS for the MX has a matching A record.
A mx1.example.com -> 192.168.12.13
PTR 220.127.116.11 -> www.example.com
A www.example.com -> 192.168.12.13 ---> VALID
If the reverse for the MX's IP did not have a matching A record, that
would be an error and be blocked.