On Nov 30, 2017, at 09:03 , Steve Atkins <steve@blighty.com> wrote:
On Nov 30, 2017, at 1:22 AM, Bjørn Mork <bjorn@mork.no> wrote:
"John Levine" <johnl@iecc.com> writes:
Broken rDNS is just broken, since there's approximately no reason ever to send from a host that doesn't know its own name.
rDNS is not a host attribute, and will therefore tell you exactly nothing about the host.
It tells you something about the competence of the operator and whether the host is intended by the owners to send email.
Or, for a more empirical way to look at it, there's reasonable correlation between having missing, generic or incorrect reverse DNS and the host being a source of unwanted or malicious email.
I’m not so sure about that. Lots of hosts that send unwanted/malicious email have missing, generic, or obviously incorrect rDNS. Lots of hosts that send unwanted/malicious email have valid non-generic possibly correct rDNS. I don’t accept email from the former, but I still get plenty of SPAM from the latter. Unfortunately, until we get widespread deployment of something better than IP reputation based systems, SPAM continues to be a low-cost to the sender side with a high burden on the delivery side and therefore remains a very profitable industry. DKIM certainly could help (though I’m not convinced it’s a 100% effective solution, nor am I particularly convinced we’ve found any particularly effective solutions as yet. Perhaps this is simply the inherent cost of maintaining an open communications infrastructure with a low barrier to entry and the potential for anonymous communications which I believe has value to society and should be preserved. Perhaps someone smarter than I will some day develop a better solution. Owen