EmailDiscussions.com - View Single Post - Looking for opinions on discarding "spam"

jhollington · 25 Oct 2018, 02:43 AM

To be clear, "noreverse" does not necessarily mean that the sender is deliberately hiding who they really are. In fact, it's often not something the actual sender even has control over, unless they're running their own mail server AND own their own block of IP addresses.

What "noreverse" actually indicates is that the server the message originated from does not have a reverse DNS record — that is to say, a record that maps its IP address back to a valid DNS name. This is a configuration that is normally handled by an ISP or DNS provider, and it's not even something that can simply be turned off to hide one's identity (nor would it really help to do so, since you still have the IP address, which is a far better identifier than a hostname).

That said, in today's internet, almost all IP addresses should have a reverse DNS associated with them — even the IP that your ISP assigned to you will have something that maps back to a DNS name, even if it's something bizarre-looking like "toroon0717w-lp138-06-70-57-8-62.dsl.bell.ca."

Hence, it's probably a safe assumption that anybody without a proper reverse DNS entry has a higher likelihood of being a spammer, but it's by no means a guarantee of that — I would not recommend turning this into an outright "discard" rule, as it is certainly possible for legitimate emails to come from servers that do not have a properly configured DNS record. I've seen this problem from more than a few small businesses who run their own mail servers over the years (although it's almost always the ISPs fault in these cases).

25 Oct 2018, 02:43 AM	#3
jhollington Essential Contributor Join Date: Apr 2008 Posts: 371	To be clear, "noreverse" does not necessarily mean that the sender is deliberately hiding who they really are. In fact, it's often not something the actual sender even has control over, unless they're running their own mail server AND own their own block of IP addresses. What "noreverse" actually indicates is that the server the message originated from does not have a reverse DNS record — that is to say, a record that maps its IP address back to a valid DNS name. This is a configuration that is normally handled by an ISP or DNS provider, and it's not even something that can simply be turned off to hide one's identity (nor would it really help to do so, since you still have the IP address, which is a far better identifier than a hostname). That said, in today's internet, almost all IP addresses should have a reverse DNS associated with them — even the IP that your ISP assigned to you will have something that maps back to a DNS name, even if it's something bizarre-looking like "toroon0717w-lp138-06-70-57-8-62.dsl.bell.ca." Hence, it's probably a safe assumption that anybody without a proper reverse DNS entry has a higher likelihood of being a spammer, but it's by no means a guarantee of that — I would not recommend turning this into an outright "discard" rule, as it is certainly possible for legitimate emails to come from servers that do not have a properly configured DNS record. I've seen this problem from more than a few small businesses who run their own mail servers over the years (although it's almost always the ISPs fault in these cases).