spamassassin-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Henrik K <h...@hege.li>
Subject Re: google netblocks records etc
Date Tue, 03 Jun 2008 13:15:25 GMT
On Tue, Jun 03, 2008 at 01:08:07PM +0000, D Hill wrote:
> On Tue, 3 Jun 2008 at 15:42 +0300, hege@hege.li confabulated:
>
>> On Tue, Jun 03, 2008 at 02:02:29PM +0200, Benny Pedersen wrote:
>>>
>>>> http://en.wikipedia.org/wiki/Forward_Confirmed_reverse_DNS
>>>
>>> i know this fact, but OP question only based on reverse :/
>>
>> One should always assume "reverse" means _confirmed_ reverse. I don't know
>> why anyone would assume otherwise by default. :) Especially if we are
>> talking about serious software like postfix etc.
>
> In Postfix:
>
>   reject_unknown_reverse_client_hostname
>     Reject the request when the client IP address has no address->name
>     mapping.
>
>   reject_unknown_client_hostname
>     Reject the request when 1) the client IP address->name mapping fails,
>     2) the name->address mapping fails, or 3) the name->address mapping
>     does not match the client IP address.
>
> reject_unknown_client_hostname would be what you are calling confirmed  
> reverse. If I were to use that, support would start getting phone calls  
> and customers would start getting upset.

You are talking about rejecting clients with bad DNS. Not only it's
guaranteed to reject legimate mail in both cases, but it's not even in scope
of this thread. We are talking about identifying mail coming from google.


Mime
View raw message