
check_dynamic_reverse_dns Common vs Full

Posted: Tue Jan 26, 2016 9:29 am
by dadeitch
I notice, in the new version, that the single check_dynamic_reverse_dns rule has been replaced by two rules:
check_dynamic_reverse_dns (FULL)
check_dynamic_reverse_dns_default (COMMON)

What are the differences in these new rules? I had to disable the previous check_dynamic_reverse_dns rule due to too many poorly set up email servers affecting our customers' mail delivery. I'm curious if the rule split would make it possible to re-apply some of the dynamic reverse DNS protections.

Thanks

Re: check_dynamic_reverse_dns Common vs Full

Posted: Tue Jan 26, 2016 10:55 am
by magicspam
Hello dadeitch,

Thank you for your post.

In the new version, the check_dynamic_reverse_dns rule was split into two precisely because of the issue you encountered in the past.

The FULL list (check_dynamic_reverse_dns) is for catching confirmed dynamic style PTRs and could be considered "less sensitive", for example 192-168-2-1.dyna.isp.com or d-1-2-3-4.adsl.isp

The COMMON REGEX (check_dynamic_reverse_dns_default) uses a broader rule to identify dynamic PTR formats, for example business-ip-23.co2.d1.someisp.nl or adsl-d1-344.someisp.bv

Just like you suggest, you can try the FULL list, which should protect from spam sources on the most common dynamic addresses, which are usually compromised home computers etc.

Please let us know if you have any questions.
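
Added example, not part of the original posts and not MagicSpam's code: a sketch of how a narrow and a broad PTR rule treat the hostnames quoted above, and what enabling only the FULL rule changes. The rule names come from the thread; both regular expressions, the helper names and the last two sample hostnames are assumptions constructed for illustration.

```python
import re

# Rule names are from the thread; both patterns are illustrative stand-ins
# (assumptions), not MagicSpam's actual rule contents.
RULES = {
    # Narrow: four IPv4-style octets embedded in the PTR name.
    "check_dynamic_reverse_dns": re.compile(
        r"(?<!\d)(\d{1,3})[-.](\d{1,3})[-.](\d{1,3})[-.](\d{1,3})(?!\d)"),
    # Broad: an access-type keyword starting a label or hyphenated token.
    "check_dynamic_reverse_dns_default": re.compile(
        r"(?:^|[-.])(?:adsl|dsl|dyn[a-z]*|dhcp|pool|ppp|cable|ip)(?:[-.]?\d+|[-.])"),
}

def matching_rules(ptr):
    """Return the names of the rules whose pattern matches this PTR name."""
    host = ptr.rstrip(".").lower()
    hits = []
    for name, pattern in RULES.items():
        m = pattern.search(host)
        if not m:
            continue
        # For the octet pattern, discard matches that are not valid octets.
        if m.groups() and any(int(g) > 255 for g in m.groups()):
            continue
        hits.append(name)
    return hits

def rejected(ptr, enabled):
    """True if any enabled rule matches the PTR name."""
    return any(rule in enabled for rule in matching_rules(ptr))

# PTR names quoted in the thread, plus two constructed ones (the last two).
SAMPLES = [
    "192-168-2-1.dyna.isp.com",
    "d-1-2-3-4.adsl.isp",
    "business-ip-23.co2.d1.someisp.nl",
    "adsl-d1-344.someisp.bv",
    "smtp.ip-solutions.example",   # constructed: a legitimate-looking mail host
    "mail.example.com",            # constructed
]

if __name__ == "__main__":
    full_only = {"check_dynamic_reverse_dns"}
    both = set(RULES)
    for ptr in SAMPLES:
        print(f"{ptr:35} full_only={rejected(ptr, full_only)!s:5} both={rejected(ptr, both)}")
```

With only the narrow rule enabled, the keyword-only names pass, including the constructed smtp.ip-solutions.example, which is the kind of false positive a broad pattern produces.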

Re: check_dynamic_reverse_dns Common vs Full

Posted: Tue Jan 26, 2016 2:43 pm
by dadeitch
Awesome, thanks. I'll give it a try and see if there are issues.

Re: check_dynamic_reverse_dns Common vs Full

Posted: Tue Mar 22, 2016 10:37 am
by magicspam
You are welcome dadeitch.

Please let us know if you have any other questions.