spamassassin-users October 2010 archive
Main Archive Page > Month Archives  > spamassassin-users archives
spamassassin-users: Re: Full circle DNS test?

Re: Full circle DNS test?

From: Joseph Brennan <brennan_at_nospam>
Date: Sun Oct 31 2010 - 14:21:28 GMT
To: users@spamassassin.apache.org

Darxus@ChaosReigns.com wrote:

> I see there's a RDNS_NONE rule for when the sending IP address has no DNS
> PTR (reverse DNS) record. But no rule for when that PTR record doesn't
> have a matching A (forward DNS) record that matches the sending IP?

> Is this something that would be accepted into spamassassin if I created a
> module? Or a feature that would be added if I didn't do it?

There are legit mail servers with bad DNS. Not the big ISPs or hosting
companies, but small businesses and nonprofits sometimes get this wrong,
and in a few countries nonmatching records seem to be routine. We've
considered blocking for it, but we'd end up doing a lot of whitelisting
and interfering with mail that our users want.

It's worth scoring for, and RDNS_NONE already matches this case.

Joseph Brennan
Lead Email Systems Engineer
Columbia University Information Technology