From owner-freebsd-questions@FreeBSD.ORG Fri Oct 12 16:39:12 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4E4E616A421 for ; Fri, 12 Oct 2007 16:39:12 +0000 (UTC) (envelope-from m.seaman@infracaninophile.co.uk) Received: from smtp.infracaninophile.co.uk (ns0.infracaninophile.co.uk [IPv6:2001:8b0:151:1::1]) by mx1.freebsd.org (Postfix) with ESMTP id B00E513C47E for ; Fri, 12 Oct 2007 16:39:11 +0000 (UTC) (envelope-from m.seaman@infracaninophile.co.uk) Received: from happy-idiot-talk.infracaninophile.co.uk (localhost [IPv6:::1]) by smtp.infracaninophile.co.uk (8.14.1/8.14.1) with ESMTP id l9CGd1JB027340; Fri, 12 Oct 2007 17:39:03 +0100 (BST) (envelope-from m.seaman@infracaninophile.co.uk) Message-ID: <470FA325.2030504@infracaninophile.co.uk> Date: Fri, 12 Oct 2007 17:39:01 +0100 From: Matthew Seaman Organization: Infracaninophile User-Agent: Thunderbird 2.0.0.6 (X11/20070803) MIME-Version: 1.0 To: Robin Becker References: <470F62F3.9040309@chamonix.reportlab.co.uk> <64D5573F-7C7F-404D-8928-E015D595A54C@goldmark.org> <470F874A.4080305@chamonix.reportlab.co.uk> In-Reply-To: <470F874A.4080305@chamonix.reportlab.co.uk> X-Enigmail-Version: 0.95.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-3.0 (smtp.infracaninophile.co.uk [IPv6:::1]); Fri, 12 Oct 2007 17:39:03 +0100 (BST) X-Virus-Scanned: ClamAV 0.91.2/4533/Fri Oct 12 11:59:29 2007 on happy-idiot-talk.infracaninophile.co.uk X-Virus-Status: Clean X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,NO_RELAYS autolearn=ham version=3.2.3 X-Spam-Checker-Version: SpamAssassin 3.2.3 (2007-08-08) on happy-idiot-talk.infracaninophile.co.uk Cc: FreeBSD_Questions FreeBSD_Questions , Jeffrey Goldberg Subject: Re: genuine bulk email X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Oct 2007 16:39:12 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Robin Becker wrote: > these all sound very reasonable. However, we use the same IP for several > virtual hosts ie we have more than one domain name so the reverse DNS is > not clear to me. Is the from address inspected for comparison with the > RDNS ie if I claim to be sending from xxx.com should my RDNS point back > to xxx.com? Presumably I can have only one IP-->domain ptr. I suspect it > will be easier to set up the front end machine as that is supposed to be > for the same client. Supporting several e-mail domains on one server is not a problem. There is no general requirement that the mail server for a domain 'foo.com' have an address within foo.com --- you can quite freely have your e-mail handled by a third party. The important things to make sure of are: * Your mail server HELOs with a valid domain name, and that domain name should correspond to the IP that the mail server connects as, both forwards and backwards. Note: 'connects as' -- if your mail server is behind a NAT gateway, you will have to take that into account in your configuration. * Don't use the sort of domain name that is a thinly disguised IP number: eg: host12-34-56-78.provider.net -- this sort of hostname is a pretty good diagnostic for a spam source and some mail admins will go as far as immediately rejecting messages from such addresses. * Don't use addresses from dynamic IP number pools used for residential ADSL services. These overlaps a great deal with the above, and are frequently rejected for much the same sort of reasons. (There are entire RBL lists dedicated to enumerating such residential IP address blocks). * Do use static IP numbers from ranges specifically allocated to you. * Do make sure that you provide appropriate SPF records with include the name / IP your mail server HELOs as. Or if you aren't a believer in SPF, then either use a neutral entry like "v:spf1 ~all" or no entry at all. * Make sure that abuse@you.dom.ain, postmaster@you.dom.ain and possibly a few other common addresses are accepted by your domain, the messages are read and acted upon promptly. You should exempt these addresses as far as possible from all forms of anti-spam filtering. Cheers, Matthew - -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHD6Ml8Mjk52CukIwRCAPoAJ9vZHSKOJXkQDQu+DXCAZPXeyXG2ACdGrJo 0Rl46a+eYzlYjy6IHR26Us0= =tpFm -----END PGP SIGNATURE-----