[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: The anti-abuse rDNS check that FTP gave up

On Fri, 23 Sep 2011 20:50:27 +0200, Alessandro Vesely said:

> Most SMTP servers duly lookup the client's IP and annotate the
> resulting name as comment in Received fields.  However, I don't recall
> denying SMTP access based on the "iprev" test (as RFC 5451 named it.)
>  Was it ever  la mode to do so?

At one time, the net was still small enough that it was a safe assumption that
if you got mail from an IP address that didn't have a valid rDNS, it was (a) a rare
event because (b) a missing rDNS meant the provider was asleep at the wheel.

Now-a-days, most providers have automatic provisioning systems that assign rDNS
for customer addresses, so most of Vint Cerf's famous 140 million compromised
machines have an rDNS entry, which means it's not that effective anymore.

(What *is* used a lot today is 'rDNS looks like a customer cablemodem/adsl connection')

Attachment: pgp45U4l89ni1.pgp
Description: PGP signature