1
Reverse DNS spam check never failing
Problem reported by Antony - March 24, 2014 at 8:59 AM
Submitted
Running Smartermail Enterprise 12.0.5178 on Windows 2008 32bit
 
We have the ReverseDNS spam check set up to return a score of 10 if it fails.  However, it doesn't appear to be ever failing.
 
As an example see the following (truncated) headers from an email:
Return-Path: <xxxx@xxxx.eu>
Received: from 00148bbc.xxxxx.eu (UnknownHost [nnn.nnn.nnn.nnn]) by smartermail with SMTP;
   Sat, 22 Mar 2014 01:03:04 +0000
Received: by 00148bbc.hefty1b.xxxx.eu
    (amavisd-new, port 7243) with ESMTP id 00X148BOBC;
    for <abc@example.com>; Fri, 21 Mar 2014 18:02:34 -0700
...
X-SmarterMail-Spam: SPF_Pass, Bayesian Filtering, DK_None, DKIM_None
X-SmarterMail-TotalSpamWeight: 3
 
From the logs:
Spam check results: [_SPF: Pass], [BARRACUDA - BRBL: passed], [CBL - ABUSE SEAT - DO NOT CHECK OUTGOING: passed], [HOSTKARMA - BLACKLIST: passed], [HOSTKARMA - BROWNLIST: passed], [HOSTKARMA - YELLOWLIST: passed], [SORBS - ABUSE: passed], [SORBS - DYNAMIC IP: passed], [SORBS - PROXY: passed], [SORBS - SMTP: passed], [SORBS - SOCKS: passed], [SPAMHAUS - CBL: passed], [SPAMHAUS - CSS: passed], [SPAMHAUS - PBL: passed], [SPAMHAUS - PBL2: passed], [SPAMHAUS - SBL: passed], [UCEPROTECT LEVEL 1: passed], [UCEPROTECT LEVEL 2: passed], [UCEPROTECT LEVEL 3: passed], [VIRUS RBL - MSRBL: passed], [_REVERSEDNSLOOKUP: passed], [_BAYESIANFILTERING: failed], [_DK: None], [_DKIM: None], [HOSTKARMA - WHITELIST: passed], [SURBL - ABUSE BUSTER: passed], [SURBL - JWSPAMSPY: passed], [SURBL - MALWARE: passed], [SURBL - PHISHING: passed], [SURBL - SPAMASSASSIN: passed], [SURBL - SPAMCOP: passed], [URIBL - BLACK: passed], [URIBL - GREY: passed], [URIBL - MULTI: passed], [URIBL - RED: passed]
 
When a I do a manual PTR lookup against the two dns servers in the Smartermail setup it times out, as it does when I try a number of other servers.
 
So this should have resulted in a [_REVERSEDNSLOOKUP: failed] 
 
Any ideas why this is not occurring?
 
TIA
Antony

3 Replies

Reply to Thread
0
Steve Reid Replied
September 3, 2014 at 6:35 AM
Are you running your own DNS server for Smartermail?
0
Mark Lowe Replied
October 27, 2016 at 1:08 PM
I am wondering if this actually works properly - so i looked at a piece of spam we received - it got sent from IP address 160.20.13.211.  So when I look at the logs it says REVERSE DNS = PASS, but if I go to MXToolbox it says there is no reverse PTR record and so should be a FAIL?
1
kevind Replied
October 27, 2016 at 2:28 PM
Mark, we had the same problem earlier this year running 14.x, but haven't seen it occur much lately. See: https://portal.smartertools.com/community/a87411/message-with-no-ptr-makes-it-through.aspx
 
It's interesting that you found "Reverse DNS = Pass" in the logs. I wonder if that's been added recently as we didn't see it in our SMTP logs at the time.
 
Kevin

Reply to Thread