DNS error 9002 during PTR lookup allows SPAM to be delivered

darestep
Posts: 2
Joined: Tue Apr 25, 2017 11:13 am

DNS error 9002 during PTR lookup allows SPAM to be delivered

Postby darestep » Tue Apr 25, 2017 11:38 am

MailEnable Standard: 9.73
SMTP options:
PTR record check -> Reject senders without PTR
Two DNS Blacklist checks configured -> Don't accept the email when detected
DNS Server: Google public DNS [8.8.8.8 / 8.8.4.4]

I face a lot of inbound SPAM, which seems to be caused to a failting DNS lookup. See two example lines from the log

Code: Select all

04/25/17 12:55:48   ME-E0114: [820] DNS error (9002) when resolving PTR for 116.104.173.166. Sender allowed.
04/25/17 12:55:48   ME-I0149: [820] 5892858EF87F4BF48D280E3512DFFEB4.MAI was received successfully and delivery thread was initiated


It seems that because the reverse DNS lookup (PTR) fails, both anti-spam measurements (PTR check + DNS Blacklist check) are being skipped.

I you lookup the PTR for 116.104.173.166 on various online tools, you'll get or timeouts or 'no results found'. I expect the timeout is the issue I'm facing. But effectively this means that spam which is sent from an IP that has a faulty (or slowish) PTR DNS configuration ensures the spam being delivered on my MailEnable SMTP agent right (as further check are being skipped)?

How to counter this spam giving the above? And what is your read, a bug or edge case within MailEnable, or misconfiguration from my side?

Thanks,
Markuz

Who is online

Users browsing this forum: No registered users and 3 guests