A recent addition to UNH’s spam filtering tool chest is Reverse DNS Lookup, implemented on the UNH E-mail gateways in November 2006. This tool has significantly reduced the amount of spam E-mail coming into campus. During a recent one week period, over 500,000 E-mail connections per day were rejected.

Although the process has been effective in filtering spam, some legitimate E-mails sent from outside of UNH have been blocked due to incorrect information on the senders’ servers. If you or someone you correspond with is not able to send E-mail to a UNH E-mail address, Reverse DNS Lookup could be the reason. While this tool is relatively new at UNH, it is an emerging standard in the industry and is now being used by many institutions. A sender who has trouble passing E-mail through the UNH Reverse DNS Lookup tool will probably have trouble E-mailing to people at other higher education institutions as well.

How does it work?
The primary tool for sender verification is called “Reverse DNS Lookup,” where DNS stands for “Domain Name Service.” Any time E-mail is sent across the Internet a number called an IP address is used to identify the server sending the message. The Reverse DNS Lookup technique attempts to resolve the IP address back to the server’s DNS hostname. If the IP address and the DNS name do not match, the E-mail is rejected. In some cases, the IP address and the DNS name cannot be resolved because the IP address has been forged. In other cases they cannot be resolved because the sender’s E-mail server information has not properly included their DNS table.

What does this have to do with spam?
Spammers often shield their identity by using computers that cannot be reliably tied back to an actual owner or Internet Service Provider via DNS. UNH E-mail gateways ensure that the connecting computer appears in DNS records with a verifiable hostname.

What should I do if an E-mail sent to me fails the Reverse DNS Lookup Test?
If legitimate E-mail sent to you fails the lookup test, the sender will receive an alert message sent by UNH’s server that looks something like this:
Fix reverse DNS for 209.205.201.58, or use your ISP server.

This situation is expected to be rare, as Reverse DNS Lookup has become a standard within higher education and industry. The majority of the organizations or entities that provide E-mail service have adapted their practices accordingly.

If, however, the sender’s E-mail is not passing the Reverse DNS Lookup test, the solution is to properly list information about the sender’s E-mail server in the sending institution’s DNS table. This is an easy, corrective action that the sender’s Information Technology staff or ISP should be able to make. It means simply adding a server name to a list of servers used by that company, but it has to be completed by the sending institution’s DNS server administrator.

Information for server administrators is posted on the following UNH Websites:

www.email.unh.edu (general information)

pubpages.unh.edu/notes/require_rdns.html (technical information)

If the sender has any further questions, please call the UNH Help Desk at 603-862-4242.