Yes, but since I run my own name servers, I could easily set up the IP
address of my mail server to respond to a reverse query with one of the
domains listed in his whitelist.  Granted, RDNS is more difficult to forge
than say HELO or MAILFROM, but is still fairly trivial if you run your own
name servers.

Not only do you need your own nameservers, but you also need your upstream to delegate authority for the reverse DNS entries to you. So any open relays or open proxies will not have forged reverse DNS. Then, there are the potential legal consequences of a spammer using a reverse DNS entry like "mail.paypal.com" -- they could very likely get sued for trademark infringement, false advertising, etc. And a spammer with the ability to change their own reverse DNS entries would be much easier to track down than a typical spammer.


So it definitely is possible, but unlikely. I'm sure that if a spammer *does* change their reverse DNS entry to something that may commonly be whitelisted, it would be detected quite quickly ("Gee, why did this spam get through -- ah, it was whitelisted, I wonder why? -- oh, the reverse DNS entry is mail.paypal.com").

-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail mailservers.
Declude Virus: Catches known viruses and is the leader in mailserver vulnerability detection.
Find out what you've been missing: Ask about our free 30-day evaluation.
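
An added example, not part of the original message and not Declude's code: a reverse-DNS whitelist check that also requires the PTR name to resolve forward to the connecting IP, so a PTR record set by whoever controls the reverse zone is flagged rather than trusted. The function names, the injected resolver callables, and the sample addresses and domains are assumptions made for this illustration.

```python
import socket

def system_ptr(ip):
    """PTR names for ip via the system resolver (empty list on failure)."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
        return [name] + aliases
    except OSError:
        return []

def system_addrs(name):
    """A/AAAA addresses for name via the system resolver."""
    try:
        return {info[4][0] for info in socket.getaddrinfo(name, None)}
    except OSError:
        return set()

def matches(name, whitelist):
    """True if name equals a whitelisted domain or is a subdomain of one."""
    name = name.rstrip(".").lower()
    return any(name == d or name.endswith("." + d) for d in whitelist)

def check_rdns(ip, whitelist, ptr=system_ptr, addrs=system_addrs):
    """Classify the connecting IP against a reverse-DNS whitelist.
    'confirmed'   : PTR name is whitelisted and resolves back to ip
    'unconfirmed' : PTR name is whitelisted but forward lookup disagrees
    'no-match'    : no PTR name is on the whitelist
    """
    verdict = "no-match"
    for name in ptr(ip):
        if not matches(name, whitelist):
            continue
        if ip in addrs(name):
            return "confirmed"
        verdict = "unconfirmed"  # whitelisted name, but forward DNS does not agree
    return verdict

# Constructed sample data (documentation addresses, example domains).
PTR = {"192.0.2.10": ["mail.example.com."],    # genuine sender
       "198.51.100.7": ["mail.example.com."],  # PTR set by the owner of that reverse zone
       "203.0.113.5": ["dsl-5.isp.example.net."]}
FWD = {"mail.example.com": {"192.0.2.10"}}     # forward zone, run by the domain owner
WHITELIST = {"example.com"}

def demo(ip):
    return check_rdns(ip, WHITELIST,
                      ptr=lambda i: PTR.get(i, []),
                      addrs=lambda n: FWD.get(n.rstrip(".").lower(), set()))
```

Logging the "unconfirmed" verdict separately gives the quick detection described in the message: a whitelisted PTR name arriving from an address the forward zone does not list.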