Re: RDNS failed


From: Rich Matheisen [MVP] (richnews_at_rmcons.com.NOSPAM.COM)
Date: 02/22/05


Date: Mon, 21 Feb 2005 22:59:03 -0500


"tester" <tester@testthis.net> wrote:

>While I appreciate the cynicism and sarcasm in your response, I was, in
>fact, truthful. We are a very small organization that deals with a very
>specific niche market.

Then you can solve your problem easily by only accepting connections
from the IP addresses your customers use. There's no need for RDNS at
all.

>If we told a customer we would not accept mail
>without valid ptr records or something else, or told that to a vendor, they
>would do it, particularly if it were backed by an RFC.

But there's no RFC to back you up. You'll find the word "SHOULD" where
you expect to find "MUST". The two meanings are very different.

>It may be hard for
>you to grasp but some of us are lucky in that way.

Not hard at all. But if you work in such a restricted environment
there are other ways to ensure you only get mail from the people you
want.

>I do not intend to fix the Internet, the kind folks at DShield do a good job
>of reporting issues and getting them fixed. If you are not a member, give
>it a look.
>I am curious what you meant by "relying on forward looks is much better"
>what does that mean? How does one do that? How effective is that? I'm all
>ears if you have an effective way. So far I have the following

If the domain has a publicly accessible A or MX (or even CNAME)
record then the MAIL FROM address can be verified and accepted (or
rejected). Couple that with SPF (http://spf.pobox.com) and you've got
a pretty reliable way of identifying your correspondent.

>firewall looks mail server up on spamhaus, if there, drop connection.

While spamhaus is a good source of information, the IP addresses may
include your customers. Depending solely on DNS RBLs is somewhat
reckless.

>Then
>e2003 gets it and checks another openrelay (sorbs),

I hope you're not using their spam RBL! That one's way over the top!

>the exchange IMF,

You get what you pay for. :)

>and a
>list of known bad addresses. Then Symantec mail security scans it and looks
>for key words, subjects, etc for further tagging.

The fact that you depend quite a bit on DNS RBLs to make yes-or-no
decisions is a problem. Does Symantec allow you to integrate the RBLs
into its checking? Or does Symantec use a "tools" approach to looking
for spam (keywords, subjects, etc. each has a yes-or-no decision, with
no "weighting" of the individual scores to arrive at a decision)?

>All in all the users get
>maybe an average of 5-20 spams a day delivered, of that many are tagged by
>Outlook 03 into the junk folder. So we catch a lot, but I am always looking
>to do better.

Better costs more.

>Like, for instance, if users each have blocklists in outlook, can I
>compile them into a global block list and add them to the exchange block
>list?

Manually? Yes. Automated? I don't know. I'm not a big fan of
individual lists.

>If users mark or unmark junk mail in the outlook 03 junk mail folder, can
>that be compiled into a global list as well?

With some products, yes. With the IMF, I don't think so.

>I know there would need to be
>conflict resolution etc. But if everyone agrees the viagra spam that is
>going around is in fact junk (hey someone might need it right? ;-))

Sure they might. And they can receive all the junk they need at their
personal ISP account on their own time.

>then I
>can put it in the global deny and it might help.
>
>I know that fighting spam is a never ending and ever changing battle of
>shovelling against the tide but, we have to try.
>
>Thanks for the link on the service, I will give it a look. What sort of
>success have you had with it?

It's very effective at what it does. We outgrew it, but it sounds like
it'd fit right in with your expectations.

>
>
>
>
>"Rich Matheisen [MVP]" <richnews@rmcons.com.NOSPAM.COM> wrote in message
>news:gl2l11pburl1bpf5nsbli056l6h3j7qdkg@4ax.com...
>> "tester" <tester@testthis.net> wrote:
>>
>>>I received some junkmail where the RDNS failed yet it was still delivered
>>>to
>>>some users. I don't want mail delivered to users at all if the RDNS
>>>fails.
>>
>> Well, you really do want it to be delivered. Reverse lookups are
>> notoriously unreliable. There are tons of organizations without PTR
>> records. Relying on forward looks is much better.
>>
>>>I want that to go to the administrator and then he/she will distribute or
>>>contact the customer/vendor and inform them of the problem.
>>
>> Inform all you like. The chance of fixing the Internet is pretty slim.
>>
>>>We are small
>>>enough and our vendor/customer relations good enough to make that policy
>>>enforceable.
>>
>> Right! Let us know when you complete this mission.
>>
>>>What I cannot seem to get a handle on is how to make Exchange
>>>2003 do this.
>>>Any ideas?
>>
>> Use a 3rd-party product. Open Relay Filter
>> (http://www.vamsoft.com/orf) is inexpensive.
>>
>> --
>> Rich Matheisen
>> MCSE+I, Exchange MVP
>> MS Exchange FAQ at http://www.swinc.com/resource/exch_faq.htm
>

-- 
Rich Matheisen
MCSE+I, Exchange MVP
MS Exchange FAQ at http://www.swinc.com/resource/exch_faq.htm
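
An added example, not part of the original post or of any product named in it: a sketch of the two ideas in the reply above, a forward lookup on the MAIL FROM domain (MX, A, or a CNAME that leads to one) and weighted scoring in place of per-test yes-or-no decisions. The zone data, weights, thresholds and function names are all constructed assumptions; the DNSBL and SPF results are taken as inputs computed elsewhere.

```python
# Constructed zone data standing in for live DNS so the example runs offline.
ZONE = {
    ("customer.example", "MX"): ["mail.customer.example"],
    ("mail.customer.example", "A"): ["192.0.2.10"],
    ("www-only.example", "CNAME"): ["host.www-only.example"],
    ("host.www-only.example", "A"): ["192.0.2.20"],
    ("10.2.0.192.in-addr.arpa", "PTR"): ["mail.customer.example"],
}

def lookup(name, rtype):
    return ZONE.get((name.lower().rstrip("."), rtype), [])

def sender_domain_resolves(mail_from, max_cname=5):
    """Forward check: the MAIL FROM domain has an MX or A record,
    possibly reached through a bounded chain of CNAMEs."""
    domain = mail_from.rsplit("@", 1)[-1]
    for _ in range(max_cname):
        if lookup(domain, "MX") or lookup(domain, "A"):
            return True
        target = lookup(domain, "CNAME")
        if not target:
            return False
        domain = target[0]
    return False

def has_ptr(ip):
    rev = ".".join(reversed(ip.split("."))) + ".in-addr.arpa"
    return bool(lookup(rev, "PTR"))

# Assumed weights: a missing PTR is only a weak hint, and a single
# DNSBL listing is not enough on its own to reject.
WEIGHTS = {"no_forward": 5.0, "spf_fail": 4.0, "dnsbl_hit": 3.0, "no_ptr": 1.0}
REJECT_AT, TAG_AT = 5.0, 3.0

def score(mail_from, client_ip, dnsbl_listed, spf_result):
    signals = {
        "no_forward": not sender_domain_resolves(mail_from),
        "spf_fail": spf_result == "fail",
        "dnsbl_hit": dnsbl_listed,
        "no_ptr": not has_ptr(client_ip),
    }
    total = sum(WEIGHTS[name] for name, hit in signals.items() if hit)
    if total >= REJECT_AT:
        return total, "reject"
    return total, "tag" if total >= TAG_AT else "accept"
```

With these weights a customer whose sending host has no PTR record is still accepted, and a customer who lands on a DNSBL is tagged rather than dropped at the firewall.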

