On Fri, Sep 7, 2012 at 5:08 PM, Ewen McNeill <nznog(a)ewen.mcneill.gen.nz> wrote:
To echo this, it appears to be basically impossible to persuade a lot of organisations
these days to put proper (eg, matching!) reverse/forward DNS in for their mail servers.
Back before I threw up my hands and shifted my mail to Google, I ran
qpsmtpd (perl MTA) with a bunch of custom modules, in front of
postfix. My "secret sauce" which reduced my whitelist size a bit was
what I called the "geeks on DSL" rule, although it also allowed mail
from ccdhb.org.nz and other similar organisations.
If you failed the "no reverse DNS" or "dynamic IP range" rules,
still allow your mail if the source IP was in the same /24 as any of
the domain's MX records, A records, or www. A/CNAME/etc record. This
worked surprisingly well, but I still had to maintain a growing
Are you using
greylisting? That still nets some good results still [...]
I'd echo this too.
I found users were too used to email being instantaneous for
greylisting to be useful -- I'd get too many "email is broken"
complaints. Also the people I was contracting for ran a bizarre MacOS
based email server that refused to retry sending emails, and I did
quite like getting paid...
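
Added example, not part of the original post and not the poster's qpsmtpd module: a sketch of the "geeks on DSL" exemption described above, in Python. It assumes "the domain" means the envelope sender's domain; the function names and the sample DNS table are constructed for illustration (a real plugin would do live lookups).

```python
import ipaddress

# Constructed sample DNS data (documentation address ranges), standing in
# for live lookups so the example runs offline.
SAMPLE_DNS = {
    ("example.org.nz", "MX"): ["mail.example.org.nz"],
    ("mail.example.org.nz", "A"): ["192.0.2.10"],
    ("example.org.nz", "A"): ["198.51.100.5"],
    ("www.example.org.nz", "CNAME"): ["web.hosting.example"],
    ("web.hosting.example", "A"): ["203.0.113.80"],
}

def lookup(name, rtype, dns):
    """Return the records of one type for a name (empty list if none)."""
    return dns.get((name.lower().rstrip("."), rtype), [])

def resolve_a(name, dns, depth=0):
    """IPv4 addresses for a name, following CNAMEs to a bounded depth."""
    addrs = list(lookup(name, "A", dns))
    if depth < 5:  # guard against CNAME loops
        for target in lookup(name, "CNAME", dns):
            addrs += resolve_a(target, dns, depth + 1)
    return addrs

def domain_networks(domain, dns=SAMPLE_DNS):
    """The /24s holding the domain's MX hosts, its A records and www."""
    hosts = [domain, "www." + domain] + lookup(domain, "MX", dns)
    return {
        ipaddress.ip_network(addr + "/24", strict=False)
        for host in hosts
        for addr in resolve_a(host, dns)
    }

def geeks_on_dsl_allows(source_ip, sender_domain, dns=SAMPLE_DNS):
    """True if the connecting IP shares a /24 with the domain's own hosts."""
    ip = ipaddress.ip_address(source_ip)
    return any(ip in net for net in domain_networks(sender_domain, dns))

def accept(source_ip, sender_domain, has_rdns, in_dynamic_range, dns=SAMPLE_DNS):
    """Apply the exemption only after the rDNS / dynamic-range rules fail."""
    if has_rdns and not in_dynamic_range:
        return True
    return geeks_on_dsl_allows(source_ip, sender_domain, dns)
```

The sender domain is attacker-supplied, so the exemption only helps a sender that actually connects from an address next to that domain's published hosts.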