On Thu, Jan 10, 2013 at 12:58:59PM +1000, Julian DeMarchi wrote:
> This is the first RBL I have seen list a /24 for lack of PTRs. Not for sending spam, but just PTRs alone. How do you explain this to your customer?

First, this would be better on mailop.

Second, they're running a DNSBL, not *the* RBL.

Third, anyone may run any DNSBL with any policy they wish: listing IP addresses whose octets are primes, domains with the letter "j" in their names, etc. Provided they comply with RFC 6471, this isn't a problem. What *might* be a problem is how they're used and by whom, but one of the nice features of DNSLs in operational practice is that those with suboptimal listing policies aren't used much.

Fourth, one of the hundreds of DNSBLs may be the least of your problems. For roughly a decade now, it's been a very good idea to refuse/defer all mail traffic from anything which doesn't have matching PTR and A records. (The refuse/defer depends on whether the problem appears to be a permanent misconfiguration or the temporary consequence of a DNS oops.)

But again: mailop would be better for this.

---rsk
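
The matching PTR/A check with the refuse/defer split described in the message above, as an added example that is not part of the original post. The function names, verdict strings and zone data are hypothetical and constructed (documentation address ranges); the resolver is injected so the sketch runs offline.

```python
import ipaddress

class TempDNSError(Exception):
    """Timeout or SERVFAIL: the answer is unknown, not negative."""

def fcrdns_verdict(client_ip, ptr_lookup, addr_lookup):
    """Return 'accept', 'defer' or 'reject' for a connecting client IP.

    ptr_lookup(ip)    -> list of hostnames ([] when no PTR exists)
    addr_lookup(name) -> list of IP strings ([] when no A/AAAA exists)
    Either callable may raise TempDNSError on a transient failure.
    """
    ip = ipaddress.ip_address(client_ip)
    try:
        names = ptr_lookup(client_ip)
    except TempDNSError:
        return "defer"            # DNS oops: ask the sender to retry later
    if not names:
        return "reject"           # no PTR at all: permanent misconfiguration
    saw_temp_failure = False
    for name in names:
        try:
            addrs = addr_lookup(name.rstrip("."))
        except TempDNSError:
            saw_temp_failure = True
            continue
        # Compare parsed addresses so equivalent IPv6 spellings still match.
        if any(ipaddress.ip_address(a) == ip for a in addrs):
            return "accept"       # PTR name resolves back to the client IP
    # No name confirmed the client. Only reject when every answer was definite.
    return "defer" if saw_temp_failure else "reject"

# Constructed sample zone data.
SAMPLE_PTR = {
    "192.0.2.10": ["mail.example.net."],
    "192.0.2.20": ["host.example.org."],   # forward record points elsewhere
    "192.0.2.40": ["mx.example.com."],     # forward lookup times out
}
SAMPLE_ADDR = {
    "mail.example.net": ["192.0.2.10"],
    "host.example.org": ["198.51.100.7"],
}
FLAKY_NAMES = {"mx.example.com"}

def sample_ptr(ip):
    return SAMPLE_PTR.get(ip, [])

def sample_addr(name):
    if name in FLAKY_NAMES:
        raise TempDNSError(name)
    return SAMPLE_ADDR.get(name, [])
```
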