Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
Date: Fri Aug 20 2010 - 06:14:43 CDT
Zitat von Stan Hoeppner <stanhardwarefreak.com>:
> Robert Fournerat put forth on 8/19/2010 4:46 PM:
>> Quoting Noel Jones <njonesmegan.vbhcs.org>:
>>> Same here. reject_unknown_client_hostname is too strict, but
>>> reject_unknown_reverse_client_hostname rejects lots of obvious spambots
>>> without resorting to an RBL lookup. The false-positive rate is close
>>> enough to zero that I would not consider removing this restriction.
>> Call me a BOFH, but I have no sympathy for mail servers
>> that do not pass the FCRDNS test.
> Agreed. Given that the majority of consumer broadband providers in the US
> assign rDNS to even all their consumer IP addresses, there's no reason for a
> legit mail sending host to not have rDNS.
> However, because of the above situation, the existence of rDNS for a mail
> sending host is worth less as a spam check because so many devices have rDNS
> today. Using fully qualified regular expressions to check for such consumer
> space rDNS is usually much more effective and less error prone.
Since we are using greylisting all need for checking rDNS or DNSBL
because of spam-bots from dynamic IPs is gone anyway. Or main problem
are the "half-legal" spam networks spanning whole AS and operating
with proper DNS, real mailservers and even SPF and DKIM.
So no, rDNS checking is useless or even harmful in our case.
Baseline for the OP: Your server, your rules. Check your traffic and
see what spam fighting method is most useful and least error prone in
your special case instead of blindly trust third party experience.