Great letter Kevin, but I recently tried to explain this to a company and their engineer said that it was by design. His explanation was that they did it for security/obscurity reasons and we were applying to strong restrictions on mail delivery. Sometimes you just can't win with these people.
Jason ---------- Original Message ---------------------------------- From: "Kevin Bilbee" <[EMAIL PROTECTED]> Reply-To: [EMAIL PROTECTED] Date: Fri, 18 Jul 2003 15:52:25 -0700 >Be careful blocking solely on RDNS and HELOBOGUS. There are many legitimate >mail servers out there with ignorant DNS admins. We are lucky to have Scott, >Len (on the Imail list), and DNS Stuff/Report. I have taken the approach to >attempt to enlighten them with the following email. Because my users recover >their own email it make doing this easier. > >------------------------ >Hi, I am Kevin Bilbee the Network Administrator at Standard Abrasives. > >We are having some issues receiving email from your mail server. I would >appreciate it if you could help me out. Your mail server is missing a few >DNS entries that are required to validate that email is coming from your >server and not someone pretending to be you. About 60% of the mail coming >into our server is unsolicited (SPAM) so being able to identify legitimate >email is important to us. These items are outlined below. > >X-RBL-Warning: HELOBOGUS: Domain acsmail1.amas.nl has no MX or A records. >X-RBL-Warning: REVDNS: This E-mail was sent from a MUA/MTA 194.151.97.18 >with no reverse DNS entry. >This is the link to the Internet Engineering Task Force site and the RFC for >Common DNS Operational and Configuration Errors section 2.1. It discusses >DNS and common configuration errors pertaining to mail servers. >http://www.ietf.org/rfc/rfc1912.txt?number=1912 > >If you could forward this to your IT department or send me contact >information for them, I would appreciate it. > >Mail from your server is not lost, it is delayed 1 day while waiting for >review. If it is found to not be spam, the recipient has the option to >recover the message. If they do not recover it in 14 days, it is purged from >the system. > >I understand that mail from your server is not spam and is legitimate >business email. But our spam filter cannot make that determination unless >the above so human intervention is involved to complete delivery to the >final recipient. > >After my signiture is a message with the full headers for you to review. > >Thank you for your assistance in this matter, >Kevin Bilbee >Network Administrator >Standard Abrasives, Inc. > >---------------------------- > > >I have had great results in getting legitimate admins to fix there setups my >biggest problem is with admins in China and admins that think it is a >security risk for their firewall to have these entries. I also had our >international department review the email so as not offend people in other >countries with harsh language. > > >Kevin Bilbee > >> -----Original Message----- >> From: [EMAIL PROTECTED] >> [mailto:[EMAIL PROTECTED] Behalf Of Joshua Levitsky >> Sent: Friday, July 18, 2003 3:29 PM >> To: [EMAIL PROTECTED] >> Subject: Re: [Declude.JunkMail] DNS Test? >> >> >> Think of the companies that offer spammers a haven. If you could block >> everything hosted by that ISP it would be wicked nice. There's no >> end to the >> mail servers these bastards can setup, but registered DNS servers >> is a whole >> other story. I don't take mail if there's no PTR, and the HELO has no A >> record so these people spamming me have to use DNS servers which >> are harder >> to switch constantly because it takes 24 - 48 hours for that stuff to >> change. >> >> -Josh >> >> ----- Original Message ----- >> From: "Rifat Levis" <[EMAIL PROTECTED]> >> To: <[EMAIL PROTECTED]> >> Sent: Friday, July 18, 2003 6:08 PM >> Subject: Re: [Declude.JunkMail] DNS Test? >> >> >> > It is seems like a intersting test , but it will do more harm to ISP , >> > I am just thinking my case , having more than thousands domains. >> > If 1 of those domains start doing a spam , thousands of others will have >> > problems. >> > The isp mail servers also . >> > >> > Adding a small weight can do the job :) >> >> >> --- >> [This E-mail was scanned for viruses by Declude Virus >(http://www.declude.com)] > >--- >This E-mail came from the Declude.JunkMail mailing list. To >unsubscribe, just send an E-mail to [EMAIL PROTECTED], and >type "unsubscribe Declude.JunkMail". The archives can be found >at http://www.mail-archive.com. > >--- >[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] > >--- >This E-mail came from the Declude.JunkMail mailing list. To >unsubscribe, just send an E-mail to [EMAIL PROTECTED], and >type "unsubscribe Declude.JunkMail". The archives can be found >at http://www.mail-archive.com. > --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
