Re: Excessive reverse lookups.

From: Yor Suiris (yor_at_hallgroupNOT.net)
Date: 09/13/04 

Date: Mon, 13 Sep 2004 11:56:37 -0400

OK Alan, How does Reverse DNS lookup stop spam on Exchange? I really want to
know. All I see reverse DNS do on MS Exchange is add the IP info to the
tracking logs. It does not deny anything.

"Alan Sun [MSFT]" <v-asun@online.microsoft.com> wrote in message
news:5yRunNWmEHA.3608@cpmsftngxa10.phx.gbl...
> Hello Jim,
>
> Thanks for your posting here.
>
> According to your situation, I suggest you first check the Reverse DNS
> Lookup option on Exchange server. The "Perform Reverse DNS Lookup for
> Incoming Messages" option is located on the "Default Virtual SMTP Server
> Properties" dialog box: On the Delivery tab, click Advanced.
>
> More info here:
> 297412 The "Perform Reverse DNS Lookup for Incoming Messages" Option Is
for
> http://support.microsoft.com/?id=297412
>
> To prevent spam, you can use the following methods
>
> -- Prevent Relaying
> -- Configure IP Address Restrictions
> -- Implement Authentication
> -- Set Message Limits
> -- Use Reverse DNS Lookup
> -- Configure the SMTP Connector
>
> For more information, look into the instructions in the following
document:
> 319356.KB.EN-US HOW TO: Prevent Unsolicited Commercial E-Mail in Exchange
> 2000 Server
> http://support.microsoft.com/default.aspx?scid=KB;EN-US;319356
>
> In addition, there are some third-party tools which provide this kind of
> function. You can look into the following link:
>
> http://www.slipstick.com/addins/content_control.htm
>
> ============
> Warning: This response contains a reference to a third party World Wide
Web
> site. Microsoft is providing this information as a convenience to you.
> Microsoft does not control these sites and has not tested any software or
> information found on these sites; therefore, Microsoft cannot make any
> representations regarding the quality, safety, or suitability of any
> software or information found there. There are inherent dangers in the use
> of any software found on the Internet, and Microsoft cautions you to make
> sure that you completely understand the risk before retrieving any
software
> from the Internet.
> ============
>
> Hope this helps! If you need further help or have other concerns, just
post
> back to let me know. Thanks and have a nice day!
>
> Thanks & Regards
> Alan Sun
> Microsoft Online Partner Support
>
> Get Secure! - www.microsoft.com/security
> =====================================================
> When responding to posts, please "Reply to Group" via your newsreader so
> that others may learn and benefit from your issue.
> =====================================================
>
> This posting is provided "AS IS" with no warranties, and confers no
rights.
>
>
>
> --------------------
> |From: "jim" <jim@NOSPAM.com>
> |Subject: Excessive reverse lookups.
> |Date: Fri, 10 Sep 2004 09:30:36 -0400
> |Lines: 19
> |X-Priority: 3
> |X-MSMail-Priority: Normal
> |X-Newsreader: Microsoft Outlook Express 6.00.2800.1437
> |X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1441
> |Message-ID: <eB4OcpzlEHA.1644@tk2msftngp13.phx.gbl>
> |Newsgroups: microsoft.public.exchange2000.admin
> |NNTP-Posting-Host: pat.axcelis.com 12.146.8.100
> |Path:
>
cpmsftngxa10.phx.gbl!TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!tk2msftngp13
> phx.gbl
> |Xref: cpmsftngxa10.phx.gbl
microsoft.public.exchange2000.admin:111202
> |X-Tomcat-NG: microsoft.public.exchange2000.admin
> |
> |We've been warned by our ISP that our two SMTP gateways are
> performing an
> |excessive amount of reverse lookups and hammering their dns servers.
> We
> |DON'T have that feature turned on in the virtual smtp server
> properties
> |(deliver > advanced > configure..). The only thing i see on our
side
> are
> |all the bounced spam messages sitting in our queues undeliverable.
> It seems
> |like we get a huge volume of spam (far more spam than legitimate),
> but i'm
> |not sure that it's any higher than most other companies. In any
> event,
> |we're in Ex2K native mode, SP3 on all servers.
> |
> |Can this lookup problem be addressed without adding a third party
spam
> |filter? Are there any registry tweaks that can reduce the volume of
> |lookups? We have relaying turned off. We try to filter a fair
> number of
> |subnets using spamhaus as a reference...
> |
> |Any advice/help is appreciated.
> |
> |
> |
> |
> |
>

Relevant Pages

  • Re: Excessive reverse lookups.
    ... You didn't even read my posting, ... I suggest you first check the Reverse DNS ... > Lookup option on Exchange server. ... Microsoft is providing this information as a convenience to you. ...
    (microsoft.public.exchange2000.admin)
  • RE: Excessive reverse lookups.
    ... I suggest you first check the Reverse DNS ... Lookup option on Exchange server. ... Incoming Messages" option is located on the "Default Virtual SMTP Server ... Microsoft is providing this information as a convenience to you. ...
    (microsoft.public.exchange2000.admin)
  • Re: Unable to receive e-mail messages from certain sites with reve
    ... I have verified that Symantec is NOT blocking ANY ... because of a failed reverse DNS lookup. ... I get all of these spam messages?" ... Is there a way to have Exchange log the messages that are being trashed due ...
    (microsoft.public.exchange2000.admin)
  • Re: Reverse DNS Lookup
    ... >>How does reverse DNS lookup help SMTP in performing authentication? ... >It's not useful directly in authentication, but it makes troubleshooting ... The server can put the hostname of the client in the "Received" ...
    (comp.security.misc)
  • Re: Unable to receive e-mail messages from certain sites with reve
    ... Is there a way to have exchange log the messages that are trashed ... > because of a failed reverse DNS lookup. ... > I get all of these spam messages?" ... >>> that routes all SMTP traffic to the Exchange server from our public IP ...
    (microsoft.public.exchange2000.admin)
Quantcast