[PLUG] Mail Administration Question
John Meissen
john at meissen.org
Mon Apr 6 16:32:57 UTC 2015
rshepard at appl-ecosys.com said:
> Much spam passing current postfix UCE filters and landing in the INBOX are
> from IP addresses that do not resolve to a domain name. The headers include a
> 'Received: from <some_domain_name> (unknown [nnn.ooo.ppp.qqq])'.
> Is the unknown IP address a reliable indicator of spam? A Web search did
> not answer this question. One hit, to an Apple mail forum, suggested that it
> can be the result of some (many?) Mac admins not correctly configuring their
> DNS servers.
In my personal opinion, yes. 90% of the spam I reject is based on no reverse-DNS
being available. My assumption is that any legitimate server will have properly
configured reverse-DNS configured.
In my case I only care about the fact that that it resolves, not what it
resolves to. And you should have a way to whitelist senders/addresses/etc.,
since there will always be the occasional clueless site that you probably care
about.
john-
More information about the PLUG
mailing list