On 10/10/13 1:09 AM, "Barry Shein" <[email protected]> wrote:
> >On October 9, 2013 at 20:18 [email protected] (Chris Adams) wrote: > > Once upon a time, Barry Shein <[email protected]> said: > > > It's very useful for blocking spammers and other miscreants -- no > > > reason at all to accept SMTP connections from troublesome > > > *.rev.domain.net at all, no matter what the preceding NNN-NNN-NNN-NNN > > > is. > > > > If you are going to block like that, just block anybody without valid > > reverse DNS. If you don't trust provider foo.net to police their >users, > > why trust them to put valid and consistent xx-xx-xx-xx.dyn.foo.net > > reverse? > >Because they do, they just do. This isn't a math proof, it's mostly >social engineering. The providers aren't trying to fool anyone, in >general, it's just that clients and websites get botted. Except the point of this thread is that they don't. Is it easier to block inbound mail from hosts with certain high-level domain names in their PTRs than to block ranges of IP(v6) addresses? Easier for whom? Lee
