Reverse DNS spam check never failing
Problem reported by Antony - March 24, 2014 at 8:59 AM
Running Smartermail Enterprise 12.0.5178 on Windows 2008 32bit
We have the ReverseDNS spam check set up to return a score of 10 if it fails.  However, it doesn't appear to be ever failing.
As an example see the following (truncated) headers from an email:
Return-Path: <>
Received: from (UnknownHost [nnn.nnn.nnn.nnn]) by smartermail with SMTP;
   Sat, 22 Mar 2014 01:03:04 +0000
Received: by
    (amavisd-new, port 7243) with ESMTP id 00X148BOBC;
    for <>; Fri, 21 Mar 2014 18:02:34 -0700
X-SmarterMail-Spam: SPF_Pass, Bayesian Filtering, DK_None, DKIM_None
X-SmarterMail-TotalSpamWeight: 3
From the logs:
Spam check results: [_SPF: Pass], [BARRACUDA - BRBL: passed], [CBL - ABUSE SEAT - DO NOT CHECK OUTGOING: passed], [HOSTKARMA - BLACKLIST: passed], [HOSTKARMA - BROWNLIST: passed], [HOSTKARMA - YELLOWLIST: passed], [SORBS - ABUSE: passed], [SORBS - DYNAMIC IP: passed], [SORBS - PROXY: passed], [SORBS - SMTP: passed], [SORBS - SOCKS: passed], [SPAMHAUS - CBL: passed], [SPAMHAUS - CSS: passed], [SPAMHAUS - PBL: passed], [SPAMHAUS - PBL2: passed], [SPAMHAUS - SBL: passed], [UCEPROTECT LEVEL 1: passed], [UCEPROTECT LEVEL 2: passed], [UCEPROTECT LEVEL 3: passed], [VIRUS RBL - MSRBL: passed], [_REVERSEDNSLOOKUP: passed], [_BAYESIANFILTERING: failed], [_DK: None], [_DKIM: None], [HOSTKARMA - WHITELIST: passed], [SURBL - ABUSE BUSTER: passed], [SURBL - JWSPAMSPY: passed], [SURBL - MALWARE: passed], [SURBL - PHISHING: passed], [SURBL - SPAMASSASSIN: passed], [SURBL - SPAMCOP: passed], [URIBL - BLACK: passed], [URIBL - GREY: passed], [URIBL - MULTI: passed], [URIBL - RED: passed]
When a I do a manual PTR lookup against the two dns servers in the Smartermail setup it times out, as it does when I try a number of other servers.
So this should have resulted in a [_REVERSEDNSLOOKUP: failed] 
Any ideas why this is not occurring?

3 Replies

Reply to Thread
Are you running your own DNS server for Smartermail?
I am wondering if this actually works properly - so i looked at a piece of spam we received - it got sent from IP address  So when I look at the logs it says REVERSE DNS = PASS, but if I go to MXToolbox it says there is no reverse PTR record and so should be a FAIL?
Mark, we had the same problem earlier this year running 14.x, but haven't seen it occur much lately. See:
It's interesting that you found "Reverse DNS = Pass" in the logs. I wonder if that's been added recently as we didn't see it in our SMTP logs at the time.

Reply to Thread