[Asterisk-Users] ATTN: Keith - Seriously OT

Terry H. Gilsenan thg at interoil.com
Sun Jun 12 18:48:49 MST 2005 

 

> -----Original Message-----
> From: asterisk-users-bounces at lists.digium.com 
> [mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of 
> Mark Musone
> Sent: Monday, 13 June 2005 5:40 AM
> To: Asterisk Users Mailing List - Non-Commercial Discussion
> Subject: Re: [Asterisk-Users] ATTN: Keith - Seriously OT
> 
> it is NOT required that reverse DNS is setup. get your facts straight.

Please!

Any mailserver admin can configure the rules on their mainserver however
they choose. They and they alone can set the acceptable rejection rate. They
can choose to block connectivity for all IP addresses that have an odd
number as the last octet, or all domains that are in the .biz TLD <shrug>

In short, their server == their rules.

I know for a fact that _my_ servers are subject to _my_ rules! And rDNS,
forged HELO, Dynamic IP, DNSbl, RHSbl, Header check, Body checks,
greylisting, and several other rules are employed in a draconian way,
perhaps you don't think this is required, but I have found these rules to
make a positive impact on the amount of spam and worm-spoor rec'd by my
users.

So...

Lets move along, this is now so far of topic that it should almost[1] be
taken to NANAE

T

[1] "Almost", because I am not sure that anyone should be subjected to the
flamefest and unbridled invective that flow freely in that froup.


> 
> 
> On 6/10/05, Neal Walton <asterisk at letourneau-ss.com> wrote:
> > 
> > 
> > On Friday, June 10, 2005 3:16 AM, Andrew Kohlsmith 
> > [SMTP:akohlsmith-asterisk at benshaw.com] wrote:
> > > On Friday 10 June 2005 04:08, Terry H. Gilsenan wrote:
> > > > Received: from source ([81.56.129.44]) by exprod5mx8.postini.com
> > > >  ([64.18.4.10]) with SMTP; Fri, 10 Jun 2005 00:29:16 PDT
> > > >
> > > > Your MTA claimed it was called "SOURCE" but rDNS tells the 
> > > > recipient MX that it is called: "mail.linuxautrement.com"
> > >
> > > I too will block emails with a non-FQDN HELO or EHLO.  I feel, 
> > > however,
> > that
> > > reverse should not have to match forward lookups for mail 
> exchangers.
> >  It's
> > > an assinine requirement (my box does web, mail, dns and a host of 
> > > other services, why should I need it to be called 'mail' for both 
> > > forward and reverse lookups just to get mail flowing?  Assinine.
> > >
> > > -A.
> > 
> > 
> > Your server does not have to be called 'mail' for DNS and 
> rDNS to work 
> > properly for mail delivery.  All that is required is that a reverse 
> > lookup returns whatever the actual name of the server is and the 
> > server needs to use that same name when it issues HELO.  My 
> server at home is called 'fs-1'
> > and the one at work is 'troutdale'.  Both systems work 
> properly just 
> > because I set up the DNS and rDNS records to match the names of the 
> > servers.  There are a lot of broken rDNS records on the 
> internet, and 
> > that's not likely to change anytime soon.  I only have control of a 
> > very tiny portion of DNS and rDNS space, but I still feel 
> obligated to 
> > make my part work properly.  It's what makes the internet 
> work.  Would 
> > you feel OK driving around in your car, knowing that some large 
> > percentage of the street signs were not correct?
> >

More information about the asterisk-users mailing list