On 10/10/13 1:09 AM, "Barry Shein" <bzs@world.std.com> wrote:
On October 9, 2013 at 20:18 cma@cmadams.net (Chris Adams) wrote:
Once upon a time, Barry Shein <bzs@world.std.com> said:
It's very useful for blocking spammers and other miscreants -- no reason at all to accept SMTP connections from troublesome *.rev.domain.net at all, no matter what the preceding NNN-NNN-NNN-NNN is.
If you are going to block like that, just block anybody without valid reverse DNS. If you don't trust provider foo.net to police their users, why trust them to put valid and consistent xx-xx-xx-xx.dyn.foo.net reverse?
Because they do, they just do. This isn't a math proof, it's mostly social engineering. The providers aren't trying to fool anyone, in general, it's just that clients and websites get botted.
Except the point of this thread is that they don't. Is it easier to block inbound mail from hosts with certain high-level domain names in their PTRs than to block ranges of IP(v6) addresses? Easier for whom? Lee