A. Clausen wrote:
Having been subjected to weeks of non-stop dictionary attacks, I've now been working on something of a solution by scanning the IMail log file for rejections and attempting to determine which IPs are nailing us. Part of this is doing some DNS lookups, if the overhead isn't too terrible. I know right off the bat that I won't accept inbound connections from any server without a reverse entry, but was wondering whether it is safe to block hosts that do not have MX records?
I have mixed feelings about not accepting e-mail from machines with no reverse DNS. Personally, I think that any host that has a legitimate reason to connect to other mail servers should have reverse DNS properly configured; it's simply good management. The reality is that many mail servers don't have reverse DNS. Some admins do this on purpose, thinking (incorrectly, IMHO) that this shields them from view from the Internet at large, In any event, you will likely block much legitimate mail if you block based on not having reverse DNS.
It is very unsafe to block hosts that do not have MX records -- many sites have different inbound and outbound SMTP servers.
-- ------------------------------------------------------------------- "Pinky, are you pondering what I'm pondering?" "I think so, Brain, but really, me and Pippi Longstockings? I mean, what would the children look like?" ------------------------------------------------------------------- Bud Durland, CNE Mold-Rite Plastics Network Administrator http://www.mrpcap.com -------------------------------------------------------------------
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
