[Discuss] PTR records for email
Tom Metro
tmetro+blu at gmail.com
Mon Jun 10 02:58:35 EDT 2013
Bill Horne wrote:
> I have a question about PTR records: can anyone confirm or deny that
> some ISP's are refusing mail from any domain without a PTR?
Yes, no PTR record at all will lead to many receivers classifying your
mail as spam.
See:
https://en.wikipedia.org/wiki/Anti-spam_techniques_%28e-mail%29#PTR.2Freverse_DNS_checks
Most email mail transfer agents (mail servers) use a forward-confirmed
reverse DNS (FCrDNS) verification and if there is a valid domain name,
put it into the "Received:" trace header field.
But it is rare for a legit IP not to have any PTR.
The article also says:
Some email mail transfer agents will perform FCrDNS verification on
the domain name given in the SMTP HELO and EHLO commands.
I have only seen one case of this that I am aware of. It wasn't an ISP.
It was Craigslist. I mentioned it in this posting:
http://www.bblisa.org/pipermail/bblisa/2013-May/003527.html
My understanding is that best practices for spam filtering say you
should *not* filter on an expectation of the PTR record matching the
EHLO host.
See also:
https://en.wikipedia.org/wiki/Forward-confirmed_reverse_DNS
There are various reasons why it may be impossible, impractical or not
desirable to set up forward confirmed reverse DNS in the correct
domain...It is therefore not recommended to take a failed verification
as proof of anything. It is however a mandatory internet requirement,
according to RFCs that each and every host has a valid reverse lookup.
...there are systems that take having no reverse DNS, a failed
verification, reverse DNS in an other domain or something that looks
like the reverse of a dynamic IP address into account because they see
a correlation between that and spam, but correlation does not imply
causation...
Most of the article deals with lookups performed solely on the client's
IP and information retrieved from DNS. In a bullet list at the end they
repeat the comment about EHLO checks from the previous article, and add
a note about how such checks are contrary to an RFC:
Some e-mail mail transfer agents will perform FCrDNS verification on
the domain name given on the SMTP HELO and EHLO commands. This can
violate RFC 2821 and so e-mail is usually not rejected by default.
If you have an ISP that refuses to give you a custom PTR record, you can
work around that for a price. VPN services, like PRQ:
http://www.prq.se/?p=tunnel&intl=1
can get you a static IP and custom PTR starting at $13/month. (Though
you can likely get a mail relay service for less.)
-Tom
--
Tom Metro
Venture Logic, Newton, MA, USA
"Enterprise solutions through open source."
Professional Profile: http://tmetro.venturelogic.com/
More information about the Discuss
mailing list