[AusNOG] [SHAME] spamrats.com

Scott Howard scott at doc.net.au
Fri Jan 11 09:47:05 EST 2013


On Thu, Jan 10, 2013 at 2:55 AM, Anand Kumria <akumria at acm.org> wrote:

> And, frankly, _depending_ upon PTR records in 2013 is just plain daft.
>

% host -t mx gmail.com
>

You're confusing inbound and outbound.  PTR records aren't relevant for
inbound, just outbound. Google's outbound mail servers have PTR records,
and matching forward records (not to mention, SPF, DKIM and DMARC records)

I realise that this doesn't help the OP but I just wanted to ensure
> that people know that PTR records are a defining anti-spam mechanism
> are very outdated.
>

I was trying to come up with a nice way to say it without using the word
"wrong", but I failed, so..

Sorry, you're wrong.

PTR records are used very heavily in anti-spam, and have a *very* good hit
rate.  PTR records are used by various anti-spam products in at least 4
ways (in order of frequently of use) :
* As a component of RBL/reputation systems. Most (all?) of the major
reputation systems are going to penalize you if you don't have a PTR
record.  Many will penalize you in different ways depending on what's in
the PTR (eg, if you've got ".dynamic." in the name)
* Some systems will reject messages from host with any PTR records.
* Some systems will reject messages here the forward and reverse DNS don't
match.  These are less common, but still exist.
* Some systems will reject messages when the forward/reverse DNS doesn't
match the HELO hostname. This one is fairly common now days (thankfully).

Even when systems don't reject based on the PTR records, they will often
include it in scoring.

In a perfect world, PTR records wouldn't be used in email - but whilstever
we've got spam, they will be...

  Scott
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20130110/a4373593/attachment.html>


More information about the AusNOG mailing list