
RDNS Requests

Mayers

Member
Verified Provider
I'd like to seek advice from some of the more seasoned providers on here. I'm in the low end vps market and with that seems to come a lot of RDNS requests. I do check FraudRecord to see if there are records on there; if they have a record, I deny the order.

For the customers that come back clean I approve the order and activate the service. As soon as I get the RDNS request red flags start to go off. There isn't one time that I've gotten a RDNS request, processed it and regretted it within 48 - 72 hours. 30+ abuse reports come back and IPs get blacklisted. I already have it in my TOS that bulk emailing / spam isn't allowed but I'm sure 99% of customers never read them and if they are spammers they won't care about it anyway. :wacko:

These spammers almost make me want to rethink the low end market. It'd be less customers but I'm sure the headaches would be less in the spam department.

I'm not a reseller, I set up my VPS nodes and have a great relationship with the datacenter I'm using. I just don't want to risk getting on bad terms with the DC and my servers get pulled. The last thing I want to do is be forced to do an emergency move because the DC gave me the boot.

How do you guys handle RDNS requests?

What are some things you look for?

Do you ever just flat out refuse a request?

What software are you running on your nodes to keep track of the amount of outgoing emails?

Any advice would be very helpful :).
 

KuJoe

Well-Known Member
Verified Provider
If you're manually provisioning rDNS, you're wasting your time. You should find a way to let clients set their own rDNS and be done with it. However you do it, just make sure that the FQDN they want to use has an A record for the IP they want it set for to avoid spoofing.

Don't try to combat spam at the rDNS level, block the spam before it impacts your IPs and before you get abuse reports. Disable port 25 if you have to or throttle connections to it and make clients open a ticket for enabling/throttling it, not for rDNS.
 

DomainBop

Dormant VPSB Pathogen
"I'm in the low end vps market and with that seems to come a lot of RDNS requests"
I think the deluge of rDNS requests started around 1996 (long before the low end market existed) when RFC1912/2.1 was first published (the section that starts with "Every Internet-reachable host should have a name....") :) If you have an IP connected to the Internet then basic Internet standards say the IP should have a rDNS entry even if it isn't used as a mail server.

"If you're manually provisioning rDNS, you're wasting your time."
...wasting his time and the customer's time (the old time=money rule applies here...). As a customer it always annoys me if I need to spend time opening a ticket for something which should be automated (especially since the hosts who don't automate processes are invariably the ones whose support desks are staffed by Level 1 support with limited experience who need to escalate even simple requests to their VP/CEO/Level 2/3/4 techs/10 yr old sister, which means multiple ticket replies and hours/days....).

tl;dr: lack of automation means higher support costs for the host and lower customer satisfaction rates
 

fizzyjoe908

New Member
Verified Provider
I agree with Joe here.

We allow customers to set rDNS themselves. There is validation in place, but none that would really prevent spam. You need to prevent spam by rate limiting SMTP or blocking the port altogether.
 

nunim

VPS Junkie
I hate providers that force me to submit a ticket for RDNS, it's a waste of their time and mine.

Very few of my VPS are used to send out emails, however they all have proper RDNS records.

Blocking port 25 isn't a bad idea, as long as you're willing to enable it upon request but you should also look into SMTP rate monitoring, if you're running OVZ check out nodewatch.
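
Added example, not part of the post above and not nodewatch's code: a minimal form of the SMTP rate monitoring mentioned here, counting new outbound port-25 connections per VPS address in a sliding window. The log lines, the `SMTP-OUT ` prefix and the function name `flag_smtp_bursts` are assumptions made for the illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed, abbreviated sample of kernel log lines, as a rule such as
#   iptables -A FORWARD -p tcp --dport 25 --syn -j LOG --log-prefix "SMTP-OUT "
# would write on the node. Prefix, hostnames and addresses are assumptions.
SAMPLE_LOG = """\
Mar  3 10:00:01 node1 kernel: SMTP-OUT IN=venet0 OUT=eth0 SRC=10.0.0.5 DST=203.0.113.9 PROTO=TCP SPT=40001 DPT=25 SYN
Mar  3 10:00:02 node1 kernel: SMTP-OUT IN=venet0 OUT=eth0 SRC=10.0.0.5 DST=198.51.100.4 PROTO=TCP SPT=40002 DPT=25 SYN
Mar  3 10:00:02 node1 kernel: SMTP-OUT IN=venet0 OUT=eth0 SRC=10.0.0.7 DST=203.0.113.9 PROTO=TCP SPT=51000 DPT=25 SYN
Mar  3 10:00:03 node1 kernel: SMTP-OUT IN=venet0 OUT=eth0 SRC=10.0.0.5 DST=198.51.100.8 PROTO=TCP SPT=40003 DPT=25 SYN
Mar  3 10:00:04 node1 sshd[811]: Accepted publickey for admin from 192.0.2.1
Mar  3 10:00:04 node1 kernel: SMTP-OUT IN=venet0 OUT=eth0 SRC=10.0.0.5 DST=203.0.113.77 PROTO=TCP SPT=40004 DPT=25 SYN
Mar  3 10:05:30 node1 kernel: SMTP-OUT IN=venet0 OUT=eth0 SRC=10.0.0.7 DST=203.0.113.9 PROTO=TCP SPT=51001 DPT=25 SYN
"""

# Syslog timestamp, then the LOG prefix, the source address and DPT=25.
LINE_RE = re.compile(
    r"(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ kernel: SMTP-OUT .*?\bSRC=(\S+) .*?\bDPT=25\b")


def flag_smtp_bursts(lines, limit=20, window=timedelta(minutes=1), year=2024):
    """Return {source_ip: peak_count} for every source that opened more than
    `limit` port-25 connections inside any sliding `window`.

    Lines must be in time order; syslog omits the year, so it is passed in.
    """
    recent = defaultdict(deque)   # per-source timestamps still inside the window
    peaks = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue              # unrelated log line
        stamp, src = m.groups()
        ts = datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S")
        q = recent[src]
        q.append(ts)
        while ts - q[0] >= window:    # drop connections older than the window
            q.popleft()
        if len(q) > limit:
            peaks[src] = max(peaks.get(src, 0), len(q))
    return peaks


if __name__ == "__main__":
    print(flag_smtp_bursts(SAMPLE_LOG.splitlines(), limit=3))
```

Sources returned by the function are candidates for throttling or a ticket to the customer; the limit and window are tuning choices, not values from the thread.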
 

Mayers

Member
Verified Provider
Thank you everyone for your feedback, it's been very helpful. I have set up RDNS so it can be managed by the customers directly and also installed nodewatch (very handy I must say).
 

mitgib

New Member
Verified Provider
"Blocking port 25 isn't a bad idea, as long as you're willing to enable it upon request but you should also look into SMTP rate monitoring, if you're running OVZ check out nodewatch."
I had been using VPS-mon and was never very happy with it, so spent the weekend trying out nodewatch and it has helped quite a bit, more for pointing out problems users were having and didn't know about, so they hopefully are happier with the assistance it offered them tracking their issues.
 

winnervps

New Member
Verified Provider
  • FraudRecord is a must
  • Blocking SMTP port 25 (if you feel that this smells fishy).
  • Phone call (usually I do this). I asked politely over the email/ticket, if I can give them a solution (SPAMmers weren't attracted by any solutions)
  • Choose a DC with a DDoS Protection enabled (usually you can protect your outgoing packet, as well)
  • The other thing is: RAISE YOUR PRICE :) (sugar attracts ants, so does price... attracts spammers) imho
 

VPS4LESS

New Member
Verified Provider
We block port 25 by default if they want it open they have to pay for that privilege 
 

drmike

100% Tier-1 Gogent
"We block port 25 by default if they want it open they have to pay for that privilege"
A year ago I would have screamed about this. But today, I think it's alright so long as customers are told this early on - like in their post order account pack.
 

nuweb

New Member
Verified Provider
"We block port 25 by default if they want it open they have to pay for that privilege"
I'm not sure that'll even do any good, so many spammers will use stolen credit cards or stolen PayPal accounts so the amount doesn't really matter to them.
 

TurnkeyInternet

Active Member
Verified Provider
"I hate providers that force me to submit a ticket for RDNS, it's a waste of their time and mine."

We are one of those providers. We require that the client first set up forward DNS (A) records to match the IP, host the web/domain there (so it's not just a remote mail bot), and enforce a strict domain-age minimum of 60 days. Anything that deviates from that, we refuse to set up the RDNS until they meet those requirements.

Our experience is spammers don't use stolen credit cards (not the snowshoe type 'affiliate get me paid for email' type spammers that is). They are legit people, buying through strawmen, trying to get past order systems to send out their emails for affiliate link payouts for xboxes and life insurance etc. They are the ones that care about RDNS. Spammers using phishing and such, using stolen credit cards etc - they don't care about rdns and just pump and dump their phishing stuff and usually stick to hacked accounts anyway.

So when you get a request for RDNS, at least in our experience, it's not a hacker or stolen credit card.

We can fully automate RDNS, but it's one of those things that will put you on Spamhaus's bad list if you do so btw - another reason to personally review each request. Legit clients will not mind waiting a few hours, and there is NO legit reason someone needs instant ability to change REVERSE DNS 10 times a day (we had a snowshoe spammer demand that in the past).
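
Added example, not part of any post in this thread and not any provider's actual code: the two checks discussed above as one validation step for a customer's rDNS request, namely that the requested FQDN has a forward record for the IP (KuJoe's point) and that the domain meets the 60-day age minimum (this post). The function names, the injectable `resolver` and the `registered_on` parameter (a creation date looked up elsewhere, e.g. via WHOIS) are assumptions.

```python
import ipaddress
import re
import socket
from datetime import date

MIN_DOMAIN_AGE_DAYS = 60  # the minimum quoted in the thread
_LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)$")  # one DNS hostname label


def resolve_forward(fqdn):
    """A/AAAA addresses from the system resolver (empty set on failure)."""
    try:
        return {info[4][0] for info in socket.getaddrinfo(fqdn, None)}
    except socket.gaierror:
        return set()


def validate_rdns_request(ip, fqdn, registered_on=None, today=None,
                          resolver=resolve_forward):
    """Return (ok, reason) for a request to point the PTR of `ip` at `fqdn`.

    registered_on: domain creation date (hypothetical input obtained from
    WHOIS/RDAP by the caller); None skips the age check.
    resolver: callable name -> iterable of address strings, injectable so the
    check can be tested offline.
    """
    addr = ipaddress.ip_address(ip)          # raises ValueError on a bad IP
    name = fqdn.rstrip(".").lower()
    labels = name.split(".")
    if len(labels) < 2 or len(name) > 253 or not all(_LABEL.match(l) for l in labels):
        return False, "not a valid FQDN"
    forward = set()
    for a in resolver(name):
        try:
            forward.add(ipaddress.ip_address(a))   # normalises IPv6 spellings
        except ValueError:
            continue                               # e.g. scoped link-local
    if addr not in forward:
        return False, "forward record does not point at the IP"
    if registered_on is not None:
        age = ((today or date.today()) - registered_on).days
        if age < MIN_DOMAIN_AGE_DAYS:
            return False, "domain younger than %d days" % MIN_DOMAIN_AGE_DAYS
    return True, "ok"


if __name__ == "__main__":
    print(validate_rdns_request("192.0.2.10", "mail.example.com"))
```
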
 

kcaj

New Member
There are more reasons for setting rDNS than just mail. I like to do it for good measure and IRC hostnames.
 

KMyers

New Member
"There are more reasons for setting rDNS than just mail. I like to do it for good measure and IRC hostnames."
Well, mail is by far the most common but I agree that it is not the only reason. The problem is that a few bad apples spoiled the bunch.
 