mail filtering based on reverse DNS
Bjørn Mork
bjorn at mork.no
Wed Aug 10 10:43:46 CEST 2011
"Bjoern A. Zeeb" <bzeeb-lists at lists.zabbadoz.net> writes:
> On Aug 9, 2011, at 4:17 PM, Bjørn Mork wrote:
>
>> Anyway, if you reject mail from IPv6 addresses without reverse DNS
>> today, then you are guaranteed to reject legitimate mail. One might
>> even question the usefulness of reverse IPv6 DNS as a low score spam
>> rule. There are just too many matching legitimate sources.
>
> If one operates a legitimate mail server and is unable to provide any reverse
> mapping for the v6 address I seriously do not care to not accept his email as
> it's clearly not operated in a professional manner.
I agree on the professional operation. Any SMTP client should have
matching reverse and forward DNS. Failing to setup DNS properly is
clearly unprofessional.
You may of course choose to reject mail based on that fact. But be
aware that you *will* reject legitimate mail. I did a simple grep
through my personal mail log for the last few weeks, and there are many
examples of legitimate mails from people I consider serious
professionals, received over IPv6 from SMTP clients with no reverse
DNS. People don't always control their environment, and clueful people
are often forced to use infrastructure run by the clueless.
Anyone receiving mail on behalf of others cannot afford to be as strict
as you.
Bjørn
More information about the ipv6-ops
mailing list