Craiglist recently started rejecting my mail for what I presume to be a
spam control technique.

Client host rejected: Please use SMTP relay of your ISP or setup
non-generic DNS.

What on earth is "generic dns" and why does it matter to mail exchangers?

Thanks,
Jason

On 04/30/07 00:09, Jason C. Wells wrote:
> What on earth is "generic dns" and why does it matter to mail exchangers?

"Generic DSN" in the context is going to be a PTR resource record that
will resolve to something that appears to be an IP address in one form
or another.

For example, the reverse DNS PTR record for your mail server is
"dsl081-163-122.sea1.dsl.speakeasy.net.". See how there are three of
the four octets of your mail server's IP (64.81.163.122) are included in
that record? Also see how that record does nothing to reflect your
system, but rather is extremely non descript? This is what is
considered a "Generic DNS" record.

More and more mail servers are starting to reject messages from servers
that have generic reverse DNS records for many reasons. (No offense
intended!) Any self respecting mail server should have both forward and
reverse DNS records set up that reflect each other (or as I say "round
resolve"). I.e.

example.net has an MX record of mx.example.net
mx.example.net has an A record of 192.0.2.123.
192.0.2.123 has a pointer record of mx.example.net



Grant. . . .

Grant Taylor wrote:

> More and more mail servers are starting to reject messages from servers
> that have generic reverse DNS records for many reasons. (No offense
> intended!) Any self respecting mail server should have both forward and
> reverse DNS records set up that reflect each other (or as I say "round
> resolve").

But my server doesn't respect itself. I'm just some joe running my own
mail server. I guess I'll have to ask speakeasy to delegate the PTR stuff.

Thanks for the explanation.

Later,
Jason

On 04/30/07 01:09, Jason C. Wells wrote:
> But my server doesn't respect itself.

Hugh???

> I'm just some joe running my own mail server.

That does not mean that your own server is not capable of respecting its
self.

> I guess I'll have to ask speakeasy to delegate the PTR stuff.

Don't ask for delegation, as in "RFC-2317: Classless IN-ADDR.ARPA
delegation". You can thank SORBS for that one. SORBS is one of many
black lists and / or servers that look for a PTR record in reverse DNS,
not a CNAME. So, even if you are using RFC 2317 Classless in-addr.arpa
delegation to set manage your own reverse DNS, there are people out
there that will not see it b/c they are too closed minded. Believe me,
I got bit hard by this one. (That was 72 hours of my life I will never
get back.)

> Thanks for the explanation.

You are welcome.



Grant. . . .

P.S. Good luck with Speakeasy. Some providers, notably Sprint, will not
/ can not set up non-generic reverse DNS.

In article <x9ednXJJZKid56jbnZ2dnUVZ_hynnZ2d@speakeasy.net> ,
"Jason C. Wells" <jcw@highperformance.net> wrote:

> Craiglist recently started rejecting my mail for what I presume to be a
> spam control technique.
>
> Client host rejected: Please use SMTP relay of your ISP or setup
> non-generic DNS.
>
> What on earth is "generic dns" and why does it matter to mail exchangers?

"Generic DNS" refers to the way many ISP's generate reverse DNS names
(i.e. PTR record) for customer IP's based on the IP address. Any
provider that offers static IP addresses or ranges of them should also
be offering the ability to set the reverse DNS for those addresses or
(better) delegation of the reverse DNS so that the customer has full
control.

The reason generic DNS is suspect is that essentially all SMTP sessions
coming from machines with such names (99%+ on every mail system I work
with) is spam coming from some trojan running on a zombie PC. The
rationale for rejecting the fractional percent along with asll the
garbage is that if someone doesn't care or know enough to set up
meaningful DNS for their mail system, rejecting that mail is not likely
to be much of a loss.

--
Now where did I hide that website...

In article
<mailman.616.1177914072.28999.comp.mail.sendmail@m aillists.riverviewtech
..net>,
Grant Taylor <gtaylor@riverviewtech.net> wrote:

> On 04/30/07 01:09, Jason C. Wells wrote:
> > But my server doesn't respect itself.
>
> Hugh???
>
> > I'm just some joe running my own mail server.
>
> That does not mean that your own server is not capable of respecting its
> self.

You seem to have a far cooler computer than anything I'm aware of...


> > I guess I'll have to ask speakeasy to delegate the PTR stuff.
>
> Don't ask for delegation, as in "RFC-2317: Classless IN-ADDR.ARPA
> delegation". You can thank SORBS for that one. SORBS is one of many
> black lists and / or servers that look for a PTR record in reverse DNS,
> not a CNAME. So, even if you are using RFC 2317 Classless in-addr.arpa
> delegation to set manage your own reverse DNS, there are people out
> there that will not see it b/c they are too closed minded. Believe me,
> I got bit hard by this one. (That was 72 hours of my life I will never
> get back.)

Those folks really aren't the sort you want to talk to anyway.

--
Now where did I hide that website...

Grant Taylor wrote:
> On 04/30/07 00:09, Jason C. Wells wrote:
....
> For example, the reverse DNS PTR record for your mail server is
> "dsl081-163-122.sea1.dsl.speakeasy.net.". See how there are three of
> the four octets of your mail server's IP (64.81.163.122) are included in
> that record? Also see how that record does nothing to reflect your
> system, but rather is extremely non descript? This is what is
> considered a "Generic DNS" record.

I'm not using a "Generic DNS" name, but still got rejected. I asked
them (a pretty big ISP) and received an email saying that my emails were
rejected because my host name include the string "adsl" (probably a
simple 'grep "adsl"'). I think both spam and spam control are going out
out of control these days.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wed, 2 May 2007, Chu Bun wrote:

> Grant Taylor wrote:
>> On 04/30/07 00:09, Jason C. Wells wrote:
> ...
>> For example, the reverse DNS PTR record for your mail server is
>> "dsl081-163-122.sea1.dsl.speakeasy.net.". See how there are three of
>> the four octets of your mail server's IP (64.81.163.122) are included in
>> that record? Also see how that record does nothing to reflect your
>> system, but rather is extremely non descript? This is what is
>> considered a "Generic DNS" record.
>
> I'm not using a "Generic DNS" name, but still got rejected. I asked
> them (a pretty big ISP) and received an email saying that my emails were
> rejected because my host name include the string "adsl" (probably a
> simple 'grep "adsl"'). I think both spam and spam control are going out
> out of control these days.
>

Thats correct AOL like many ISP's around the world have been doing
dynamic/home user blocking for sometime, once we enabled it, our
connections per day reduced by 2 million, thats 2 million message per day
our anti spam/anti virus system had to contend with.

The only way you can get around this, if your ISP is unwilling to give you
a PTR to match your legal domain, is to configure your ISP as smart host
in sendmail.mc :
define(`SMART_HOST',`yourisp.smtp.servers.name')dn l
rehash, restart sendmail and yor problem should be removed.


- --

Cheers
Res

Vote for your favourite MTA at http://polls.ausics.net/v3.php
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGOW7SsWhAmSIQh7MRAhFYAJ9RMHERpJIlaSy3OEPDzu QK/TGacwCgoaOV
VuGNtzHukZBqTZhqW8XCcPQ=
=fqJu
-----END PGP SIGNATURE-----