mail filtering based on reverse DNS
Bjørn Mork
bjorn at mork.no
Wed Aug 10 13:19:20 CEST 2011
"Bjoern A. Zeeb" <bzeeb-lists at lists.zabbadoz.net> writes:
> On Aug 9, 2011, at 4:17 PM, Bjørn Mork wrote:
>
>> Anyway, if you reject mail from IPv6 addresses without reverse DNS
>> today, then you are guaranteed to reject legitimate mail. One might
>> even question the usefulness of reverse IPv6 DNS as a low score spam
>> rule. There are just too many matching legitimate sources.
>
> If one operates a legitimate mail server and is unable to provide any reverse
> mapping for the v6 address I seriously do not care to not accept his email as
> it's clearly not operated in a professional manner.
OK.
Sorry for those offended by the real example, but this is one of the
addresses I found in my mail log:
2001:1890:1112:1::1e
It does have a reverse pointer, so it's half-way there:
bjorn at canardo:~$ dig +short -x 2001:1890:1112:1::1e
mail.ietf.org.
but the forward entry does not list that address, so my mail server
ignores the reverse pointer:
bjorn at canardo:~$ dig +short aaaa mail.ietf.org
2001:1890:123a::1:1e
So, should I reject mail from 2001:1890:1112:1::1e? Are all those
sending mail from the IETF necessarily unprofessional?
Bjørn
More information about the ipv6-ops
mailing list