|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: mouss (mouss
netoyen.net)
Date: Thu Apr 24 2008 - 12:43:31 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Jorey Bump wrote:
> mouss wrote, at 04/24/2008 11:19 AM:
>
>> you could use check_client_access with a pcre:
>> /\d+([-\.]\d+){3}/ 554 5.7.1 Generic hostname. Please use your
>> ISP relay or fix you rDNS
>
> This seems overzealous to me. I wouldn't personally choose to embed
> the IP address in the rDNS hostname, but there's nothing inherently
> wrong with it. Support varies among ISPs for setting rDNS, and local
> administrators often lack the skill or understanding to get it right.
> Nonetheless, they might be running a perfectly legitimate mail server.
> Has this rule created any problems for you?
>
>
It used to catch legitimate mail (I used it with a warn_if_reject) but
apparently, this doesn't happen much anymore, probably because big SPs
will reject, discard or "junk" mail from sites with such names, which is
probably enough incentive to get sites fix their name.
That said, it still catches the uribl mailing list server 33% of the time:
$ host 76.79.2.40
40.2.79.76.in-addr.arpa domain name pointer lists.maddoc.com.
40.2.79.76.in-addr.arpa domain name pointer lists.maddoc.net.
40.2.79.76.in-addr.arpa domain name pointer rrcs-76-79-2-40.west.biz.rr.com.
I have not seen it catch legitimate mail when used with
check_helo_access. I guess nobody would embed an ip in his helo name.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]