firewall IP as Originating IP for emails
Steve Buehler
steve at ibapp.com
Thu Sep 9 13:09:14 UTC 2004
At 07:26 AM 9/9/2004, you wrote:
>On Thu, Sep 09, 2004 at 04:50:18PM +0630, Mrs. Geeta Thanu wrote:
> > 554 5.7.1 The server sending your mail[210.212.212.2] does not have a
> > reverse DNS entry.connection rejected.Please conatct your network ISP
> > provider.Default reject!
>
>This used to be a common rejection, when each site was assigned its
>own IP address(es). It then became less common, as assignment of IP
>addresses from ISPs became the norm. Now, it appears that some sites,
>in a probably misguided attempt to reject spammers, have returned to
>trying to validate IP addresses. I say misguided since (a) most spam
>is from owned machines, so it won't help, and (b) most admins won't have
>arranged with their ISPs--and many ISPs aren't willing to--provide PTR
>records that reflect the originating domain.
Unless this has changed in the last day or so, since I haven't heard any
complaints or noticed any rejected mail, the reverse DNS does not have to
say the domain name that is on that IP. We have 2 class C's and the
reverse DNS's all say client.ibapp.com. I also have a couple of servers at
my house with just 5 IP's total and I don't have to have SWBell (my DSL
ISP) setup a reverse DNS that matches the domain names of my machines since
they already have "adsl-xx-xx-xxx-xxx.dsl.kscymo.swbell.net" (real IP x'd
out) as the reverse DNS entry and I do not get blocked by anybody. We
started this when AOHell started rejecting email because of reverse DNS not
being setup for the domains on our servers and have not had any problems
since. So basically, you just have to have a reverse DNS, it doesn't have
to be correct for your mail to stop getting rejected. I know that it
should be setup correctly with the domain name that is actually doing it,
but sometimes, for some people, that might not be feasible.
Steve
More information about the redhat-list
mailing list