The theory is that if there is no reverse lookup, it is a poorly maintained ISP's netblock and most spam originates from poorly maintained ISPs.
So, in order to slow spam, one of the simple things is to do a reverse lookup to see if the machine is configured properly -- and give a temporary error (4xx) so that it can retry later if the DNS failure was temporary. The amount of spam that this deters on our network is ~10% -- to AOL, 10% is a considerable amount of traffic compared to us.

The only problem here is that most of the cable modems out there have valid reverse addresses, and providers don't block outbound port 25 connections, allowing spam to flow freely from cable modems that have valid reverse lookups. Several years back when AT&T's dialup division was a spammer haven, AT&T did the right thing and blocked port 25 outbound from dialup ports -- requiring the spammers to use AT&T's mailhost -- and they could quickly identify and terminate the account. If 2 cable companies did that, it would easily quell 40% of the spam that I see.

About the only thing I can suggest is to get your provider to put a valid reverse (that also has a correct forward) on your IP. The next test down the line will probably be DNS spoof checking -- so, you might as well be prepared now.

On Tue, 2003-08-26 at 14:40, Jerry Asher wrote:
> Last week, I sent a terribly informative and highly salient message to the
> list. And it never showed up. (Which is too bad, because the honorable
> David Savimbi, nephew of Jonas tells me his offer has since expired.)
>
> This week qmail returned it to me, something at aol did not like an IP
> Name address lookup. I am thinking this is a reverse DNS lookup, but I am
> not sure.

--
AOLserver - http://www.aolserver.com/

To Remove yourself from this list, simply send an email to <[EMAIL PROTECTED]> with the
body of "SIGNOFF AOLSERVER" in the email message. You can leave the Subject: field of your email blank.
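
The check described in this message (a reverse lookup whose name must also resolve forward to the connecting address, answered with a 4xx on failure) can be sketched as follows. This is an added example, not code from the post or from any mail server it mentions; the 451 code, the function names and the sample zone data are assumptions constructed for illustration.

```python
import ipaddress
import socket

TEMPFAIL, ACCEPT = 451, 250   # 451 is an assumed choice of 4xx code

def system_ptr(ip):
    """PTR lookup via the system resolver; raises OSError on failure."""
    return socket.gethostbyaddr(ip)[0]

def system_forward(name):
    """All addresses the name resolves to; raises OSError on failure."""
    return {info[4][0] for info in socket.getaddrinfo(name, None)}

def check_client(ip, ptr=system_ptr, forward=system_forward):
    """Return (smtp_code, reason) for a connecting client address."""
    try:
        name = ptr(ip)
    except OSError:
        return TEMPFAIL, "no reverse DNS for " + ip
    try:
        addrs = forward(name)
    except OSError:
        return TEMPFAIL, "reverse name %s has no forward record" % name
    client = ipaddress.ip_address(ip)
    # Compare parsed addresses so textual variants of one IP still match.
    if not any(ipaddress.ip_address(a.split("%")[0]) == client for a in addrs):
        return TEMPFAIL, "%s does not resolve back to %s" % (name, ip)
    return ACCEPT, "reverse DNS confirmed: " + name

# Constructed sample zone data (documentation address ranges), so the
# example runs without touching the network.
SAMPLE_PTR = {"192.0.2.10": "mail.example.org",
              "192.0.2.77": "host77.example.net",
              "192.0.2.88": "gone.example.net"}
SAMPLE_FWD = {"mail.example.org": {"192.0.2.10"},
              "host77.example.net": {"198.51.100.5"}}

def sample_ptr(ip):
    if ip not in SAMPLE_PTR:
        raise OSError("no PTR record")
    return SAMPLE_PTR[ip]

def sample_forward(name):
    if name not in SAMPLE_FWD:
        raise OSError("no address record")
    return SAMPLE_FWD[name]

if __name__ == "__main__":
    for ip in ("192.0.2.10", "192.0.2.77", "192.0.2.88", "203.0.113.9"):
        print(ip, *check_client(ip, sample_ptr, sample_forward))
```

Every failure path returns the temporary code, so a sender whose DNS was only briefly unavailable is retried rather than bounced.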
