Greetings everyone,
Due to a breathtaking number of new compromised PCs hitting our primary and secondary mail hubs, we are now rejecting e-mail from hosts that have no reverse lookup, or a bogus reverse lookup.
This means that if the IP address of your mail server does not have a legitimate reverse “PTR” record, we will reject your mail with a 450 error. This is a soft bounce: we do not instruct your mail server to discard the mail; rather, we ask it to try again later.
This gives everyone lots of time to resolve reverse lookup weirdness.
In the event that your mail server is being rejected by this new method, the best thing to do is to contact your service provider and have them set up a legitimate PTR record for your IP address that has a corresponding forward lookup.
So let’s say my mail server is mail.example.com and its IP address is 172.16.1.1.
If I do a “host” command to look up the PTR of 172.16.1.1, and my PTR record comes back as 172-16-1-1.provider.example.com, but then when I do a host on 172-16-1-1.provider.example.com, that record doesn’t exist, smtp.easydns.com will reject that mail with a 450 soft-bounce error.
The solution is to set the PTR record on 172.16.1.1 to mail.example.com, either by doing it on your own systems (if you have that access, great!) or by contacting your service provider to have that PTR record set up.
This policy does two things: 1) it makes it harder for misconfigured or compromised hosts that were never supposed to send mail, but are sending mail, to send us mail, and 2) it prevents malicious hosts that have fake PTR records like “totally-legit.mail.google.com” from forging authenticity.
This is actually an industry norm. We haven’t enabled this method until now because we’ve had the capacity and tolerance to let it slide, but the landscape of e-mail and SMTP-based services has changed to the point where we don’t have that luxury anymore.
An example log line is included below:
Mar 6 06:26:08 mymailserver postfix/smtpd[21246]: NOQUEUE: reject: RCPT from unknown[172.16.1.1]: 450 4.7.1 Client host rejected: cannot find your hostname, [172.16.1.1]; from=
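The check described in this post (look up the PTR for the connecting IP, then confirm that the returned name resolves forward to the same IP) can be reproduced on your own server's address before it ever reaches a 450. The following is an added example, not easyDNS's own code or configuration; the function names, the extra IP addresses and the DNS tables are constructed for illustration, and the default lookups assume the system resolver.

```python
import ipaddress
import socket

def system_ptr(ip):
    """PTR names for ip from the system resolver ([] when there is none)."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
        return [name] + aliases
    except OSError:
        return []

def system_forward(name):
    """Addresses for name from the system resolver ([] when there is none)."""
    try:
        return [info[4][0] for info in socket.getaddrinfo(name, None)]
    except OSError:
        return []

def check_fcrdns(ip, ptr_lookup=system_ptr, forward_lookup=system_forward):
    """Return (ok, reason); ok only if a PTR name resolves back to ip."""
    target = ipaddress.ip_address(ip)
    names = [n.rstrip(".").lower() for n in ptr_lookup(ip)]
    if not names:
        return False, "no PTR record"
    for name in names:
        if target in {ipaddress.ip_address(a) for a in forward_lookup(name)}:
            return True, f"{name} resolves back to {ip}"
    return False, f"{names[0]} does not resolve back to {ip}"

# Constructed sample DNS data (not real records): (client IP, PTR table, forward table).
CASES = {
    "unfixed": ("172.16.1.1", {"172.16.1.1": ["172-16-1-1.provider.example.com"]}, {}),
    "fixed": ("172.16.1.1", {"172.16.1.1": ["mail.example.com"]},
              {"mail.example.com": ["172.16.1.1"]}),
    "forged": ("172.16.1.9", {"172.16.1.9": ["totally-legit.mail.google.com"]},
               {"totally-legit.mail.google.com": ["192.0.2.10"]}),
    "no_ptr": ("172.16.1.8", {}, {}),
}

def sample_results():
    """Run the check over the constructed cases using table lookups only."""
    out = {}
    for label, (ip, ptr, fwd) in CASES.items():
        out[label] = check_fcrdns(ip, lambda i: ptr.get(i, []), lambda n: fwd.get(n, []))
    return out

if __name__ == "__main__":
    for label, (ok, reason) in sample_results().items():
        print(f"{label:8} {'accept' if ok else '450 reject'}: {reason}")
```

Calling `check_fcrdns("your.ip.here")` with the default lookups runs the same test against live DNS, which is the quickest way to confirm a PTR change made by your provider has taken effect.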
CML says
Sorry, it’s not clear to me what you are trying to say or whom you mean by “you”. I would normally assume that by “you” you would mean us, your customers and subscribers, yet in this article, it seems you mean the people sending us email.
Are you, in this article, talking about emails that I might be sending to you (for customer service or whatever) or are you (as I surmise) talking about emails being sent to me from others which you are forwarding to me? So when you say “your mail server” whose exactly do you mean?