[Pymilter] My own version of the bms.py milter

[Stuart D. Gathman]

(NOTE, I really appreciate the use of and work on the milter code.  The
spirited debate on the best anti-spam heuristics should be taken in the
proper spirit!  )

On Thu, 22 Dec 2016, Tony Nelson wrote:

>> Also, an IP is not "dynamic" for email purposes if it has a valid
>> HELO (i.e. looking up the alleged hostname matches the connect IP).
>> Many ISPs will not (or the process is inordinately expensive timewise)
>> assign rDNS for small static IP allocations, even for business accounts.
>
> The ISPs I know have automated the process.  It doesn't seem to be
> business class if the ISP doesn't provide for proper site configuration.
> I understand that it won't be provided for home users.
>
> I never accept mail from connections with no rDNS.  That can happen
> for transient failures, so I TEMPFAIL it for a while and then REJECT
> a message (if they can actually send one) so a legitimate user can
> find out.

The irony of that heuristic is that my real business 2 yr contract 
for $100/mo has no rDNS, while spammers can rent a VPS for < $10 a month
(they'll abandon it within a few days) with rDNS.

Yes, I've considered forwarding outgoing mail through a VPS just to get
the rDNS.  But having done that for clients, I find that spammers
have just got done renting that IP, and it is on multiple blacklists. 
IP blacklists are *so* obsolete.  Now that spammers have been forced
to use authentic (if ephemeral) domains, domain blacklists are what
you want.  IPs are only used briefly by spammers as well, and
blacklisting an IP just injures the innocent party that inherits it.

Plus I'm philosophically opposed to the common policy of requiring
rDNS for email and ignoring HELO.  If people don't want my personal
email, so be it.

-- 
 	      Stuart D. Gathman <stuart at gathman.org>
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.