Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » Bloack mail if no PTR
  •  
BudDurland

Messages: 348

Karma: 10
Send a private message to this user
Can Kerio be configured to block incoming mail if the sending IP has not PTR (reverse DNS) record? I can't seem to find the setting if so.

If not, I will submit a ticket -- this is a basic spam fighting tool, and I'm somewhat surprised that kerio is missing it.

Thanks!

Good is better than evil because it's nicer
--Mammy Yokum
  •  
sonofcolin

Messages: 483
Karma: 0
Send a private message to this user
Try SMTP --> Additional options --> block if senders mail domain was not found in DNS
  •  
BudDurland

Messages: 348

Karma: 10
Send a private message to this user
Quote:

block if senders mail domain was not found in DNS


Tried that, and I don't think it's the same thing. Domain names, either as part of the declared 'sender' in the SMTP envelope, or in the host name used during the SMTP greeting, are very easily spoofed. Someone from the other side of the planet could send mail using my domain name in either place, and the message would not fail this test.

The IP address of the sending host is the one part of the SMTP conversation that is quite hard to forge. Many other mail servers & anti-spam packages have a test that checks for a PTR (reverse DNS) record for the sending host's IP address. This technique is a very effective defense against spam sent by zombie PC's on consume networks. IIRC, AOL will not accept mail from hosts with no PTR record.

Good is better than evil because it's nicer
--Mammy Yokum
  •  
freakinvibe

Messages: 1553
Karma: 62
Send a private message to this user
This doesn't exist in KMS as far I can see.

But in my personal opinion it does not help against bot nets / zombie PCs. Most of them have PTR records like:

47-133-64-34.dynamic.yourisp.com

Spam assassin handles them by adding a score to dynamic addresses. You can also use SORBS, if you want to block such addresses (but I would recommend to add a score instead of blocking).

Regards, Pascal

Dexion AG - The Blackberry Specialists in Switzerland
https://dexionag.ch
Previous Topic: Missing Form When Trying to Create Appointment w KOC
Next Topic: Spam repellent >30 seconds
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Tue Nov 21 16:52:15 CET 2017

Total time taken to generate the page: 0.00371 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.