> How many block connections with no reverse DNS?

I do for all sites I run.

> How much collateral damage is there with doing that?

It got me the usual offences, but apart from that, no damage really.
That may be due to running a large site; a smaller site might have to use
exception lists.  By now, the number of weekly complaints decreases some.
I guess people slowly accept the fact that they need a consistent reverse
record to transfer mail to us.

You will learn a lot about how to screw up DNS.  Wrong glue records,
lame delegations, inconsistent A records for nameservers, you name it.
Usually the remote admin complaining is not capable of debugging it.

> How do you set it up in Exim?

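  # temporary DNS failure during the reverse lookup: ask the sender to retry
  defer   message = DNS reverse entry lookup failed for $sender_host_address
          condition = ${if eq{$host_lookup_deferred}{1} {1}{0}}
  # no reverse entry, or the name does not resolve back to the address: reject
  deny    message = inconsistent or no DNS reverse entry for $sender_host_address
          condition = ${if eq{$host_lookup_failed}{1} {1}{0}}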

I cannot recommend deferring on the second condition.  Many admins have no
clue what a mail queue is, and will accuse you of blackholing their mail.
"I sent it and it did not bounce, but did not arrive either!" Usually
followed by some threat of a lawsuit.  I could care less, but the amount
of automatic retries slowly builds up and ruins the gain.

All in all, it is absolutely worth the hassle.  For me, it catches
1/3 up to 1/2 of all spam at minimal cost.

Michael

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
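
Added example, not part of the original message and not Exim's code: a simplified Python model of the check the two ACL statements above act on (reverse lookup, then forward confirmation), which can help when debugging a complaint. The resolver callables, the TempFail class, the treatment of a temporary forward-lookup failure as a defer, and the sample zone data are assumptions constructed for illustration.

```python
import ipaddress

class TempFail(Exception):
    """Lookup did not complete (timeout, SERVFAIL); a retry may succeed."""

def check_rdns(ip, ptr_lookup, addr_lookup):
    """Return (verdict, detail); verdict is 'accept', 'defer' or 'deny'."""
    client = ipaddress.ip_address(ip)
    try:
        names = ptr_lookup(ip)
    except TempFail:
        return "defer", "reverse lookup failed temporarily"
    if not names:
        return "deny", "no reverse entry"
    deferred = False
    for name in names:
        try:
            addrs = addr_lookup(name)
        except TempFail:
            deferred = True  # remember it, another name may still confirm
            continue
        # Compare parsed addresses so IPv6 spelling differences do not matter.
        if any(ipaddress.ip_address(a) == client for a in addrs):
            return "accept", name
    if deferred:
        return "defer", "forward lookup failed temporarily"
    return "deny", "inconsistent reverse entry: " + ", ".join(names)

# Constructed sample zone data (documentation address ranges, not real hosts).
PTR = {"192.0.2.10": ["mail.example.org"],
       "192.0.2.20": ["mx.example.net"],
       "2001:db8::25": ["mx6.example.org"],
       "198.51.100.7": TempFail}
ADDR = {"mail.example.org": ["192.0.2.10"],
        "mx.example.net": ["192.0.2.99"],   # does not point back: inconsistent
        "mx6.example.org": ["2001:0db8:0000:0000:0000:0000:0000:0025"]}

def table_resolver(table):
    """Build a lookup callable over a dict; a TempFail value raises TempFail."""
    def resolve(key):
        value = table.get(key, [])
        if value is TempFail:
            raise TempFail(key)
        return value
    return resolve

def demo():
    ips = ["192.0.2.10", "192.0.2.20", "192.0.2.30", "198.51.100.7", "2001:db8::25"]
    return {ip: check_rdns(ip, table_resolver(PTR), table_resolver(ADDR))[0] for ip in ips}

if __name__ == "__main__":
    for ip, verdict in demo().items():
        print(f"{ip:15} {verdict}")
```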