Re: MTA

To: debian-user@lists.debian.org
Subject: Re: MTA
From: Greg Wooledge <greg@wooledge.org>
Date: Mon, 5 Jul 2021 10:06:24 -0400
Message-id: <[🔎] YOMR4A0cR3YOtlBA@wooledge.org>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 20210705134847.GA1672577@zira.vinc17.org>
References: <[🔎] 1eaaa445-fadb-360c-4d48-1c076729c687@polynamaude.com> <[🔎] YOMKml2tnboHGUi0@wooledge.org> <[🔎] 20210705134847.GA1672577@zira.vinc17.org>

On Mon, Jul 05, 2021 at 03:48:47PM +0200, Vincent Lefevre wrote:
> On 2021-07-05 09:35:22 -0400, Greg Wooledge wrote:
> [...]
> > Your "reverse" (PTR record for 162.213.253.79) doesn't match.  Which is
> > to say, none of the "A" results from cyrania.com. match the original
> > IP address of 162.213.253.79.
> > 
> > Some SMTP receivers may care about that.
> [...]
> 
> Yes, the reason is that the owner of the IP address can technically
> put anything for the reverse, in particular a domain he doesn't own.
> Thus he can put a domain with a good reputation to send spam. That's
> why antispam software should check that the reverse resolves back to
> the IP address.

It's a philosophical argument.  The value stored in the "reverse" is
only important if you think it's important.  Antispam software may
choose to consider it irrelevant, or somewhat important, or vitally
important.

If I'm sending email from 162.213.253.79 but I use bill@microsoft.com as
my envelope sender address, does it *really* matter whether 162.213.253.79
has a mismatched reverse lookup?  It's more important to check whether
microsoft.com considers 162.213.253.79 to be a valid sender.  (And that
uses SPF or other optional mail-specific information sources.)

Strict reverse-match checking really hurts people who send email
from home computers, where controlling the reverse is not always easy.
Any impact on commercial spammers is negligible, unless the real goal is
to block bot nets by assuming that anyone with a mismatched reverse is a
home computer user and is therefore a compromised spam bot, because how
could anyone on a home computer network ever be a legitimate email sender?

A more sensible antispam filter might consider a mismatched reverse to
be one potential factor in deciding whether a given message is "spam".
In the absence of any other factors, it shouldn't be enough to reject
a message.  But if the same message has other risk factors, then together
they might be enough to justify that judgment.

Reply to:

Follow-Ups:
- Re: MTA
  - From: Polyna-Maude Racicot-Summerside <debian@polynamaude.com>
- Re: MTA
  - From: Vincent Lefevre <vincent@vinc17.net>

References:
- MTA
  - From: Polyna-Maude Racicot-Summerside <debian@polynamaude.com>
- Re: MTA
  - From: Greg Wooledge <greg@wooledge.org>
- Re: MTA
  - From: Vincent Lefevre <vincent@vinc17.net>

Prev by Date: Re: MTA
Next by Date: Re: 2 NIC's
Previous by thread: Re: MTA
Next by thread: Re: MTA
Index(es):
- Date
- Thread