A way to do a reverse DNS test a to SPAM scoring?

Use this forum if you have installed hMailServer and want to ask a question related to a production release of hMailServer. Before posting, please read the troubleshooting guide. A large part of all reported issues are already described in detail here.
Post Reply
accordnh
New user
New user
Posts: 3
Joined: 2013-02-21 21:35
Location: NH, USA

A way to do a reverse DNS test a to SPAM scoring?

Post by accordnh » 2013-02-24 22:50

Does anyone know if there is a way to test for reverse DNS (rDNS) in hMailServer?

Perhaps someone has a script or a hint on how to go about it? All it would really have to do is some kind of nslookup [ip address] and return a result if none found.

I have found the a reverse DNS check is a great way to reduce SPAM. Most times when reverse DNS lookup has no entry it is a Spammer. It would be great to add a failed rDNS result to my SPAM scoring.

Thanks in advance for any tips.

Dan

User avatar
dzekas
Senior user
Senior user
Posts: 2486
Joined: 2005-10-13 21:28
Location: Lithuania

Re: A way to do a reverse DNS test a to SPAM scoring?

Post by dzekas » 2013-02-25 00:27


Bill48105
Developer
Developer
Posts: 6192
Joined: 2010-04-24 23:16
Location: Michigan, USA

Re: A way to do a reverse DNS test a to SPAM scoring?

Post by Bill48105 » 2013-02-25 02:50

Not exactly but closest is:
Check host in the HELO command
Turn on this option if you want hMailServer to check the host name that clients has specified in the HELO command. According to the SMTP specification, the host given in the HELO command should match the IP of the client. Enabling this may stop spam, but is also a violation of the SMTP RFC - if you have configured your server to delete spam messages. If you have configured your server to deliver spam messages but modifying the Subject header, it is not a violation of the SMTP RFC. Technically, hMailServer checks the A record for the given host to see if it matches the IP address of the connecting client.
http://www.hmailserver.com/documentatio ... e_antispam

You could use ASSP in front of hmailserver & have TONS of options. Doing it in scripting is technically possible except dns lookups are not exactly easy in vbscript. Calling nslookup is ugly kludge so you'd want to find a dns class/library to get started really.
Bill
hMailServer build LIVE on my servers: 5.4-B2014050402
#hmailserver on FreeNode IRC https://webchat.freenode.net/?channels=#hmailserver
*** ABSENT FROM hMail! Those in IRC know how to find me if urgent. ***

accordnh
New user
New user
Posts: 3
Joined: 2013-02-21 21:35
Location: NH, USA

Re: A way to do a reverse DNS test a to SPAM scoring?

Post by accordnh » 2013-02-25 23:09

Thanks for the replies guys. I’m aware of the SpamAssassin Rule: RDNS_NONE. Unfortunately the 3.2.3 version of SpamAssassin I’m using does not report RDNS_NONE very accurately with hMailServer 5.4 – 1946. Too many false positives when there really is a rDNS record. I’m not sure if SpamAssassin not pulling the correct IP out of the hMailServer email header or if it is me.

Maybe I will take an attempt at writing a script for this and if successful I will share it on this forum.

Dan

Bill48105
Developer
Developer
Posts: 6192
Joined: 2010-04-24 23:16
Location: Michigan, USA

Re: A way to do a reverse DNS test a to SPAM scoring?

Post by Bill48105 » 2013-02-26 01:51

There is a fix in place for 5.4 regarding SA headers. Not sure if 1946 has it but it's in my experimental builds since Feb 16, 2012.. The change HAS been committed to the official source as of Feb 12, 2013 so I'd imagine next beta (or fingers crossed FINAL finally) will have it.
2012-02-16
* FIX: rolaids0 updates to how hmail formats headers to fix SA "RDNS_NONE Delivered to internal network by a host with no rDNS" issues & perhaps others. Before: HELO ([ip]) After: HELO (PTR [ip]) Example Received: from bay0-omc2-s11.bay0.hotmail.com ([65.54.190.86]) becomes Received: from bay0-omc2-s11.bay0.hotmail.com (bay0-omc2-s11.bay0.hotmail.com [65.54.190.86]) (I realize it looks redundant but normally they SHOULD match but having both values allows SA to do tests properly.
http://www.hmailserver.com/forum/viewto ... 10&t=21420
hMailServer build LIVE on my servers: 5.4-B2014050402
#hmailserver on FreeNode IRC https://webchat.freenode.net/?channels=#hmailserver
*** ABSENT FROM hMail! Those in IRC know how to find me if urgent. ***

Post Reply