> >For the first time in ages, we just got a call from someone > who cannot > >send us email. His emails keep getting rejected by our > IMGate. Did a > >grep for [EMAIL PROTECTED] and found three entries in my log: > >...554 Client host rejected: cannot find your hostname, > >[65.54.247.110]; All 3 ips have no reverse DNS. > > yep, that Class C seems pretty undone: > > # dig -x 65.54.247.110 @dns.cp.msft.net. > > ; <<>> DiG 8.3 <<>> -x @dns.cp.msft.net. > ; (1 server found) > ;; res options: init recurs defnam dnsrch ;; got answer: > ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4 ;; > flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, > ADDITIONAL: 0 ;; QUERY SECTION: > ;; 110.247.54.65.in-addr.arpa, type = ANY, class = IN > > ;; AUTHORITY SECTION: > 247.54.65.in-addr.arpa. 1D IN SOA dns.cp.msft.net. > msnhst.microsoft.com. ( > 2004041401 ; serial > 30M ; refresh > 15M ; retry > 4W ; expiry > 1H ) ; minimum > > >(I also checked the logs for the past 3 days, and this is the first > >valid hotmail.com user! All the rest were zombies and spam!) > > yep, typical > > >Other than adding the ips to mta_clients_bw.map, what can I > do to let > >valid hotmail servers through? > > that PTR + A check is done in mta_clients_bogus.map. you > could remove hotmail from that file. > > but whitelisting the MS-screwed up Class will probably let a > lot of spam from those IPs in. > > Len
Well, the zombies frequently use our machine name, and a lot of the spam is caught by the reject_rbl_client. The hotmail servers do answer: helo hotmail.com Where is the rdns check done?
