firewall IP as Originating IP for emails

[Steve Buehler]

At 07:26 AM 9/9/2004, you wrote:

>On Thu, Sep 09, 2004 at 04:50:18PM +0630, Mrs. Geeta Thanu wrote:
> > 554 5.7.1 The server sending your mail[210.212.212.2] does not have a
> > reverse DNS entry.connection rejected.Please conatct your network ISP
> > provider.Default reject!
>
>This used to be a common rejection, when each site was assigned its
>own IP address(es).  It then became less common, as assignment of IP
>addresses from ISPs became the norm.  Now, it appears that some sites,
>in a probably misguided attempt to reject spammers, have returned to
>trying to validate IP addresses.  I say misguided since (a) most spam
>is from owned machines, so it won't help, and (b) most admins won't have
>arranged with their ISPs--and many ISPs aren't willing to--provide PTR
>records that reflect the originating domain.

Unless this has changed in the last day or so, since I haven't heard any 
complaints or noticed any rejected mail, the reverse DNS does not have to 
say the domain name that is on that IP.  We have 2 class C's and the 
reverse DNS's all say client.ibapp.com.  I also have a couple of servers at 
my house with just 5 IP's total and I don't have to have SWBell (my DSL 
ISP) setup a reverse DNS that matches the domain names of my machines since 
they already have "adsl-xx-xx-xxx-xxx.dsl.kscymo.swbell.net" (real IP x'd 
out) as the reverse DNS entry and I do not get blocked by anybody.  We 
started this when AOHell started rejecting email because of reverse DNS not 
being setup for the domains on our servers and have not had any problems 
since.  So basically, you just have to have a reverse DNS, it doesn't have 
to be correct for your mail to stop getting rejected.  I know that it 
should be setup correctly with the domain name that is actually doing it, 
but sometimes, for some people, that might not be feasible.

Steve