Reverse DNS Naming Conventions, Check Dynamic Address List

Information Details

Normally, the reason you have reached this page is because a mail server has sent you a message when it rejected an email from you, or one of your users.

  • If you are an email or network operator, you can continue reading this section
  • If you are a user sending email and it got blocked, you should read this section instead

Information for Email and Network Operators

You might also like to read this page as well.

Although email servers can by RFC accept connections from any IP Address most Best Practises documents insist that all identifiers are correctly used, and in the case of reverse DNS on the connecting IP Address this also applies.. The principal is that ALL email servers have a correct entry in DNS that resolves, and it should resolve to the responsible party for the email server.

This rule performs simple checks on the IP Address that is attempting to connect. Normally ALL IP addresses should have a correct reverse DNS, and especially email servers. Most Anti-Spam tools will reject email from places whose reverse DNS looks not to belong to an email server, but more likely to be a home or office dynamic address. However, SOME reverse DNS patterns have been associated with a large amount of Spam. These patterns might not represent poor reverse DNS, however they match a list we keep that show a high likelihood of sending spam.

Of course, these patterns COULD match a legitimate server we could get a false positive that we aren’t yet aware of. However there are some spammer networks that use generic addressing or this might represent a certain pool of addresses that are exploited by spammers more often, and we sometimes see spammers trying to fool people with a certain naming pattern. eg.. important_notices.us-security-alerts.com (only an example) when they really aren’t. These are spammers who have automated systems etc, that always stick to the same format, or a block of hosts with the same pattern that have a history of streaming spam.

IF you DON’T have PROPER reverse DNS you probably will have trouble sending to most places already, and a MUCH higher likelihood of your emails being marked as Spam IF they go through. Again, it is not good enough to have reverse DNS, it has to be a PROPER reverse dns with a domain name that is yours.

If you have a legitimate email server that is caught by this rule, please let us know, or review your naming policies.

If you are the one sending the message, and you were blocked with this message, it is most likely that your ISP or email provider is at fault not the person to whom you are sending. Call your email provider and get them to fix the situation, and point them to this web page.

Information for users. Why was my email blocked?

If your email was blocked, and the link sent you here it is probably because the operator of your outbound mail server has either had a technical malfunction with his DNS, or misconfigured something. Best to call them and ask what the problem is. If they say they don’t need reverse DNS, think about changing to a more responsible provider. Usually they can rectify this quickly, or it was a temporary problem.

Normally, this rule will only block spammers and hackers.

Please check with the administrator of your outbound email server, or ISP for more information.