Best Practice: notify email sender that their reverse lookup is broken

reverse-dns email postfix fortigate

exim can detect the presence of the A record && absence of the PTR record with ACL and then any action can be performed via routers. $sender_host_name, $host_lookup_failed and $host_lookup_deferred do all the trick.

The problem is that spammers are often use such poorly configured but still legal hosts for submission (ISP's dynamically addressed clients f.e.). So most of notifications will be addressed to the spammers.

The easiest way to avoid useless traffic is to accept such messages, check them against AV/SA/bayes and send notification only if they have passed DATA-checkout.

In terms of exim that mean that only if $sender_host_name is non-empty, $host_lookup_failed = 1 and $spam_score_int is less than threshold, you have to issue the notification. May be content-scanning tolerance should be significantly lowered for those messages.

Unfortunately I'm not familiar with postfix enough to propose an equivalent solution.

Related

proc's limit and ulimit -f don't match
Docker: correct way to restrict access to certain IP addresses
ESXi can't add new VM to port group once VMKernel NIC attached to group
Dynamic grouping of machines based on "Managed by" Active Directory Attribute
Enable SSLv3 on ESXi 6.5
SSL certificate working in chrome but not openssl s_client or curl
Proper method to disable polkit.service on CentOS 7
how to install docker-ce 17+ on centos 6.9?
Any cocoa source code for AES encryption decryption?
Java Front Controller [duplicate]
.xlsx and xls(Latest Versions) to pdf using python
Codeigniter REST CSV import to mysql