<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=UTF-8">
<META NAME="GENERATOR" CONTENT="GtkHTML/3.28.3">
</HEAD>
<BODY>
On Tue, 2013-05-21 at 17:44 +1000, Mark Andrews wrote:<BR>
<BR>
<BLOCKQUOTE TYPE=CITE>
<PRE>
Actually the job into let through legitimate email without letting
through spam. Mis-classification in either direction is bad.
</PRE>
</BLOCKQUOTE>
<BR>
We agree on that, mail administration will forever be fine line balancing act.<BR>
It's also for that very reason I refuse to have anything to do with these "hardware" anti spam devices, the two most common ones (without naming them I'm sure you know who) have both been plagued by misdirected rules on many occasions.<BR>
<BR>
<BLOCKQUOTE TYPE=CITE>
<PRE>
> quick look at yesterday on just one box
> 5xx Reject unknown client host 45.71%
>
> That's a rather large chunk of trash that amavisd doesn't have to look
> at
Its also potential a large number of potential false positives.
</PRE>
</BLOCKQUOTE>
<BR>
Potential? Yes, but due to number of (or should I say lack there of) complaints, the reality is very different.<BR>
<BR>
<BR>
<BLOCKQUOTE TYPE=CITE>
<PRE>
> True, so when your configuring postfix, dovecot, apache, whatever,
> configure bind, edit your details in your providers portal if your not
> authoritative, or a home or small business user can ask their ISP to set
> PTR, yes, I know, my bad for suggesting somebody actually do some
> work :)
Which requires ISP's to delegate or support updating PTR records.
Technically that is easy. Getting ISPs to accept that they need
to do it is a different thing. There may not be a ISP in your
area that supports it for residential customers on DSL/Cable or
are you saying that residental customers should be forced back
to dialup modem?
</PRE>
</BLOCKQUOTE>
<BR>
OK, so for residential customers, well, how many mail servers do you want on your home LAN? I dunno bout you, but I only need one (my sec's are off-site of course), so there is only one box with one IP for their MX they need to make sure has complete DNS, so, why does what they have been doing for past twenty years with reverse DNS at home have to change? I have had personal PTR for home IP for over ten years (to be fair, exclude 4 of them, since I was in charge of DNS at an ISP and could add/change it myself) but of the residential DSL SP's I've used I had no trouble getting custom PTR's, I did have to pay one of them a once off small and reasonable fee, and another ISP a recurring small fee, my current ISP cost me nothing more than an Email - So again, why does that need to change, someone has to take the time to change it, or, develop the interface to let the end users change it, be it IPv4, IPv6, and whatever succeeds it.<BR>
<BR>
<BR>
<BLOCKQUOTE TYPE=CITE>
<PRE>
>
>
> If they have not learnt from IPv4 days, there is little hope now.
With IPv4 you can take all the IPv4 address space delegated to
you, create a PTR for each address and serve it using stock
nameservers. Doing that with IPv6 is impossible.
</PRE>
</BLOCKQUOTE>
That's only because bind's GENERATE option was not changed to work with IPv6, I've to be honest never used anything else, did try DJB abomination at one stage many years back but that didn't last too long I can assure you LOL, but who knows, when IPv6 becomes in serious use, powerdns might make it happen, or your colleagues who I know are not keen on the idea now, may change their mind as well.<BR>
<BR>
At less than 1% global IPv6 utilisation I can understand why no-ones too interested, likely playing the wait and see game.<BR>
<BR>
</BODY>
</HTML>