postfix issue...

Craig White craigwhite at azapple.com
Fri Mar 5 05:08:45 UTC 2010


On Fri, 2010-03-05 at 14:40 +1030, Tim wrote:
> On Thu, 2010-03-04 at 13:42 -0700, Craig White wrote:
> > At this stage, I simply will not accept mail from any smtp server
> > whose forward & reverse DNS don't match. So if you are sending me
> > e-mails from server mail.example.com you better have a reverse DNS
> > address that tells me that your ip address points to mail.example.com.
> 
> That's a rather bad idea, and simply not workable for an *awful* lot of
> people.  You *will* be rejecting legit mail with that methodology.
> 
> Although many of us have our own domains, many of them will be hosted by
> a service which hosts hundreds or thousands of other sites using virtual
> named based hosting.  We don't each get an IP, and it's completely
> impractical to expect that in an IPv4 world.  The reverse IP will point
> to the host's domain name, not ours.
> 
> You need to do *better* testing than simply forward and reverse checking
> of one domain name.
----
first... at the point where AOL and other big user systems started
enforcing that rule, it made total sense for me to do likewise. If you
don't have forward/reverse dns resolution for your smtp server, you
aren't getting e-mail through to the mail servers with a large user
base, you aren't getting through to my servers either. You can stand on
a soap box and shout about what you think is practical but if you can't
get mail through to the big boys...

I actually have a long set of postfix rules which determine which mail
gets through - far more than 'simply forward and reverse checking' and
I'm surprised that you would think I would do less. I start with
greylisting, I also require a full helo/ehlo, valid user, resolvable
domain and more. I also use MailScanner which fully scores for spam and
also implements phishing, virus checking and much more. I do this for
many companies that are my clients and I get absolutely no complaints
(and very little spam).

Craig


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.



More information about the users mailing list