Announcement

Collapse
No announcement yet.

PTR filtering

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • PTR filtering

    Can anyone tell me if MS Exchange 2003 has the ability to discard connections when a PTR record is not present for the sendee. IE if an email is sent from a domain that only has an MX record and not a reverse public record aswell that email would not be delivered and an NDR delivered instead indicating to the sendee that the "said" domain does not accept email from domains with no valid PTR record. I know exchange has the ability to do a reverse look up on the SMTP connector. But this only allows for reverse DNS information to be appended to the message headers which in my opinion is a bit of a useless feature and a possible uneccesary over head on your mail server. Finally assuming exchange doesnt have this feature (which im pretty sure of) is there any open source utility that can be integrated into exchange to allow for this feature.. (why o why is SMTP inherently insecure. Maybe we need a new ratified protocol that can allow for securer SMTP connections.. ok im rambling now..)

  • #2
    Re: PTR filtering

    Exchange cannot drop messages based on the reverse DNS record. You will have to use a third party tool to do that. Something like Vamsoft ORF should do that.

    Simon.
    --
    Simon Butler
    Exchange MVP

    Blog: http://blog.sembee.co.uk/
    More Exchange Content: http://exchange.sembee.info/
    Exchange Resources List: http://exbpa.com/
    In the UK? Hire me: http://www.sembee.co.uk/

    Sembee is a registered trademark, used here with permission.

    Comment


    • #3
      Re: PTR filtering

      Originally posted by Sembee View Post
      Exchange cannot drop messages based on the reverse DNS record. You will have to use a third party tool to do that. Something like Vamsoft ORF should do that.

      Simon.
      Why have MS incooperated a feature in SMTP that most Exchange admins believe adds resilience to there exchange enviroment in terms of combating SPAM? When in reality the reverse look up feature merely adds more information to a message header that could possibly be entirely inaccurate? Seems like a bit of a waste of time to me. I guess its only a small foible as Exchange 2003 is a brilliant product and certainly my favoruite flavour to date. Do you know wether Exchange 2007 will incoperate this feature in SP1?

      Comment


      • #4
        Re: PTR filtering

        You talk about Exchange 2007 SP1 as if it isn't already out. It is, and has been for a while.
        The antispam features have been beefed up in Exchange 2007, but reverse DNS lookups is not part of the feature set - you still have to use third party tools.

        As to why MS put the option to do a reverse lookup - I have no idea on that. It is a useless option that simply slows down email processing.

        Simon.
        --
        Simon Butler
        Exchange MVP

        Blog: http://blog.sembee.co.uk/
        More Exchange Content: http://exchange.sembee.info/
        Exchange Resources List: http://exbpa.com/
        In the UK? Hire me: http://www.sembee.co.uk/

        Sembee is a registered trademark, used here with permission.

        Comment


        • #5
          Re: PTR filtering

          Originally posted by Sembee View Post
          You talk about Exchange 2007 SP1 as if it isn't already out. It is, and has been for a while.
          The antispam features have been beefed up in Exchange 2007, but reverse DNS lookups is not part of the feature set - you still have to use third party tools.

          As to why MS put the option to do a reverse lookup - I have no idea on that. It is a useless option that simply slows down email processing.

          Simon.
          Thats because the last time i supported it it was pre SP1 and over 10 months ago where alot of the functionality had to be done from the command line. Apparently this has been rectified in SP1 and im assuming SP1 has also added other features to what was then released an incomplete product. Incidently last i was aware MS were not supporting exchange 2007 32 bit in a prodcution enviroment. Is this still the case? Or will they have to change there stance because of SBS 2008?

          Comment


          • #6
            Re: PTR filtering

            Exchange 2007 will never be supported in a 32 bit environment. SBS 2008 is 64 bit.

            While there was a lot of missing functionality, the service pack did not change the antispam features. The core functionality was there from the start.

            Simon.
            --
            Simon Butler
            Exchange MVP

            Blog: http://blog.sembee.co.uk/
            More Exchange Content: http://exchange.sembee.info/
            Exchange Resources List: http://exbpa.com/
            In the UK? Hire me: http://www.sembee.co.uk/

            Sembee is a registered trademark, used here with permission.

            Comment


            • #7
              Re: PTR filtering

              Originally posted by Sembee View Post
              Exchange 2007 will never be supported in a 32 bit environment. SBS 2008 is 64 bit.

              While there was a lot of missing functionality, the service pack did not change the antispam features. The core functionality was there from the start.

              Simon.
              Wow thats a strange stance. SBS naturally is geared towards small business`s with minimal IT budgets and small long term investments. 64bit SBS will mean a whole new server if the client is considering an upgrade Thats not very good news as clients will hardly embrace the wonders of 64bit computing compared to 32bit instructions..

              Comment


              • #8
                Re: PTR filtering

                I think you will find that most SBS purchases are with new hardware, not upgrades. Furthermore if the server is less than two years old then they will already have 64 bit hardware. It is the way that Microsoft are going. All of their server products will be 64 bit only within a few years - I think Windows 2008 is the last 32 bit server OS.

                Simon.
                --
                Simon Butler
                Exchange MVP

                Blog: http://blog.sembee.co.uk/
                More Exchange Content: http://exchange.sembee.info/
                Exchange Resources List: http://exbpa.com/
                In the UK? Hire me: http://www.sembee.co.uk/

                Sembee is a registered trademark, used here with permission.

                Comment


                • #9
                  Re: PTR filtering

                  my solution to the issue was a linux front end MTA running postfix.

                  spam levels dropped from 6-7 to single digit numbers, and email traffic has become much lower
                  ________
                  Buy magic flight launch box
                  Last edited by DYasny; 6th March 2011, 18:30.
                  Real stupidity always beats Artificial Intelligence (c) Terry Pratchett

                  BA (BM), RHCE, MCSE, DCSE, Linux+, Network+

                  Comment


                  • #10
                    Re: PTR filtering

                    as for secure SMTP, it is usually quite enough to drop all non RFC compliant connections
                    ________
                    Mercedes-Benz Sl-Class
                    Last edited by DYasny; 6th March 2011, 18:30.
                    Real stupidity always beats Artificial Intelligence (c) Terry Pratchett

                    BA (BM), RHCE, MCSE, DCSE, Linux+, Network+

                    Comment


                    • #11
                      Re: PTR filtering

                      Originally posted by DYasny View Post
                      my solution to the issue was a linux front end MTA running postfix.

                      spam levels dropped from 6-7 to single digit numbers, and email traffic has become much lower
                      Im not familiar with postfix. Can you provide more detail or a how to?

                      Comment


                      • #12
                        Re: PTR filtering

                        you will need to know linux for this. usually it's more simple to get a linux solutions provider to set it up for you. last time I had a quote for that, it was about $1500.

                        otherwise, all the solutions are out there:
                        http://www.google.ie/search?q=postfix+exchange
                        ________
                        Buy Grinders
                        Last edited by DYasny; 6th March 2011, 18:30.
                        Real stupidity always beats Artificial Intelligence (c) Terry Pratchett

                        BA (BM), RHCE, MCSE, DCSE, Linux+, Network+

                        Comment


                        • #13
                          Re: PTR filtering

                          Originally posted by DYasny View Post
                          you will need to know linux for this. usually it's more simple to get a linux solutions provider to set it up for you. last time I had a quote for that, it was about $1500.

                          otherwise, all the solutions are out there:
                          http://www.google.ie/search?q=postfix+exchange
                          Im am very familiar with UNIX and Linux systems and use them on a daily basis but iv never come across that app before. Time to do some googling. Thanks for the headsup though.

                          Comment


                          • #14
                            Re: PTR filtering

                            in that case that shouldn't be a problem for you
                            basically, whatever Linux MTA you are used to can be set up the same way more or less
                            ________
                            NX650 Dominator
                            Last edited by DYasny; 6th March 2011, 18:30.
                            Real stupidity always beats Artificial Intelligence (c) Terry Pratchett

                            BA (BM), RHCE, MCSE, DCSE, Linux+, Network+

                            Comment

                            Working...
                            X