[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: The anti-abuse rDNS check that FTP gave up
> On Fri, 23 Sep 2011 20:50:27 +0200, Alessandro Vesely said:
> > Most SMTP servers duly lookup the client's IP and annotate the
> > resulting name as comment in Received fields. However, I don't recall
> > denying SMTP access based on the "iprev" test (as RFC 5451 named it.)
> > Was it ever à la mode to do so?
> At one time, the net was still small enough that it was a safe assumption that
> if you got mail from an IP address that didn't have a valid rDNS, it was (a) a
> rare event because (b) a missing rDNS meant the provider was asleep at the
> Now-a-days, most providers have automatic provisioning systems that assign
> rDNS for customer addresses, so most of Vint Cerf's famous 140 million
> compromised machines have an rDNS entry, which means it's not that
> effective anymore.
> (What *is* used a lot today is 'rDNS looks like a customer cablemodem/adsl
True statement on both accounts. I'd add to it, that invalid rDNS is still a viable anti-abuse mechanism. There are plenty of compromised machine operators that are "asleep at the wheel." Checking rDNS scrapes off that chaff.