6/28/08

Comcast Anti-spam Measure

Apparently, in it's never-ending battle to thwart spam, Comcast (apparently) recently started to require that connecting e-mail servers have a valid PTR record so Comcast's email servers can do a PTR (pointer) record lookup. This allows a look-up on your IP address to see if the IP address and the value returned—it should be the computer's domain namematch.

Now, I am not sure of a different way to do it, but Comcast chose a way that many choose. They returned it in a bounced error message.

Providentially, I knew this was coming. For some reason, I checked the mail queue on the server. This is what I saw.
242C7AFEC0D2 9406 Thu Jun 19 12:25:40
listname@example.org (connect to mx1.comcast.net[76.96.62.116]: server refused to talk to me:
554 IMTA08.westchester.pa.mail.comcast.net comcast 66.242.23.142 Comcast requires that all mail servers must have a PTR record with a valid Reverse DNS entry. Currently your mail server does not fill that requirement. For more information, refer to:
http://www.comcast.net/help/faq/index.jsp?faq=SecurityMail_Policy18784)
alpha@comcast.net
charlie3@comcast.net
delta4@comcast.net
echo5@comcast.net
foxtrot6@comcast.net
gold7@comcast.net
hotel8@comcast.net
Later, one of the errors was returned to the list owner (me).
<delta4@comcast.net>: delivery temporarily suspended: connect to mx2.comcast.net[76.96.30.116]: server refused to talk to me: 554 IMTA01.emeryville.ca.mail.comcast.net comcast 66.242.23.142 Comcast requires that all mail servers must have a PTR record with a valid Reverse DNS entry. Currently your mail server does not fill that requirement. For more information, refer to: http://www.comcast.net/help/faq/index.jsp?faq=SecurityMail_Policy18784
Now, I am fairly Internet, DNS, and SMTP e-mail clueful. What would (what do) the average person do with this error message? They should go to the indicated URL. It suggests going to your email administrator. Many people stop right there, eyes glazed over.

The funny thing in this case? Although the server was not in a Comcast address space, the server domain is a customer of Comcast. I'm thinking the error message could have been clearer.

No comments: