April 26, 2004

Reverse DNS, or lack thereof

In setting up my mail server, I made the decision to use some fairly strict settings in order to reduce spam. I was aware that there might be some legitimate mails that may not make it through from improperly configured mail servers, and I figured the chances of this would be fairly slim. Last night it looks like I bounced my first legitimate mail.

It doesn't seem to be a problem with this party's mail server, but rather something with their DNS, it isn't providing a reverse lookup for their IP address, so when my mail server sees a message coming from their IP address, it tries to determine the name of their mail server (ex. mail.yourcompany.com), and when no results are returned, the message is rejected.

I know of some companies that have set up restrictions on their mail systems to only accept mail from known hosts (those with reverse lookups) to help block junk mail, who quickly backed away from this, the article linked above specifically mentions that AT&T Worldnet ran this setup for only 24 hours in January 2003 before they had to turn it off because of legitimate mail being bounced.

So, I'm now left with a dilema, so do I disable this setting so this company's mail can finally reach me (I'm getting a bounce each hour right now as they attempt to resend the mail), giving in to the terrorists, er, technological nonconformists, or do I stand my ground against them like Spain, er, AT&T Worldnet didn't? For now, I'm standing my ground.

If someone can give me some legitimate reason why a full time mail server NEEDS to be misconfigured or have improper network settings, I'll be happy to listen, and possibly revise my opinion. At this time, I haven't seen any legitimate cases for this, all I've found so far is various companies and mail admins who have tried to enforce standards and given in because of others who continue to run out of date or sloppily written software. Granted, those that gave in seem to have done so because of complaints from paying customers (I suppose I'd be mad at my mail provider if they were blocking legitimate mail) or from employees who were unable to conduct business, but it seems that a line in the sand must be drawn, so for now, consider the line drawn.

Posted by Jim at April 26, 2004 9:00 AM | TrackBack