Hi Simon,
On Sun, 2022-09-04 at 21:22 +0100, Simon Hobson wrote:
> declassed art via Dng <dng@lists.dyne.org> wrote:
>
> > I do have an unconfigured PTR for a couple of reasons, one
> > of those is lack of static IP for now.
>
> I figured out quite quickly that checking reverse DNS is a waste of
> time - too many systems, even those run by professional
> network/server engineers, are just badly configured.
>
My experience (running a small family mail server on the premises, but
of course with a fixed IP - I'm with Zen in the UK) is the opposite of
this.
I configure strict postfix rules that incoming mail should have a
reverse DNS.
Here's my recent traffic:
3490 received
3444 delivered
43 forwarded
1 deferred (1 deferrals)
0 bounced
1799 rejected (34%)
Of those rejected:
974 Cannot find your reverse hostname
283 Helo command rejected: Host not found
251 Cannot find your hostname
23 Helo command rejected: need fully-qualified hostname
16 Recipient address rejected: User unknown
Message that pass my postfix filters are then scored by my spamfilter
rspamd:
222 Rejected by rspamd (mix of 4.7.1 try again later or 5.7.1 spam
message rejected). In practice most greylisted 'try again laters' that
do try again then end up in the users spam folders for them to evaluate
and if necessary recategorise.
So checking for a valid reverse DNS is my most effective filter.
Only very rarely is it rejecting mail from anyone I'm expecting mail
from: by inspection they are all obvious spam addresses and of course
if they have a genuine reason to email me they are getting the message
that their mail isn't getting through because they have no reverse DNS.
--
Marjorie
_______________________________________________
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
