Do Not Use MAPS DUL (Dial-up User List) - Anatomy of an SMTP connection

Trend Micro recently bought MAPS, an email black hole service.  Their DUL list is wrong, out of date, and poorly maintained.


Am I yelling?  Sorry about that.  I just want to make it clear.  There is NO good reason to use a third party Dial-up User List.  You can still block dynamic dial-up users from sending mail, but you should do it through reverse DNS, the common mechanism that every sane ISP and mail administrator uses. 

What am I talking about?  Okay, first, here's a little primer on how a modern email handoff works.

A mail server receives a request to deliver mail to port 25 SMTP (actually it is a little more complicated than that, but let us just say for now that's how it works).  The mail server then checks the IP of the sender.  As a first step, my server might reject the email solely on a hard-coded rule at the IP level.  Oops, I do not accept email from your server.  Perhaps I have had problems with abuse from that particular IP before, so I might choose to reject it before even looking at it.  "Go away," and I slam the door.

If the IP passes that first check, I might process others.  Perhaps we might run a reverse DNS request on that IP.  The response might come back as or something similar.  I can at this point choose to reject the email based on the keyword PPP (dial-up user) or USER.  I can be reasonably certain that no corporate or professional mail administrator would allow his important email server to have such a reverse DNS name.

But we are not done wringing all the secrets from the IP address.  Next I will check the reverse IP, get the host name, and then check the forward IP. might not exist as a forward record and again, I might reject the email based on the fact that the network of origination is completely messed up.  Messed up DNS is a good indication this might not be a network from whom I wish to accept mail.

Now that I have established that your email server has a correct reverse/forward IP and you are who you say you are, I might also check to make sure that your server is the correct MX (Mail exchanger) for the domain in question.
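The connection-time checks described above (local IP block, PTR keyword match, forward confirmation of the reverse name), as an added example that is not code from the original post. The function names, the regex boundaries and the sample DNS data are assumptions made for illustration; the MX check is left out.

```python
import re
import socket

# Keywords the article names (PPP, USER); the token-boundary regex is an assumption.
DYNAMIC_PTR = re.compile(r"(^|[.\-_\d])(ppp|user)([.\-_\d]|$)", re.I)

def system_ptr(ip):
    """PTR lookup via the system resolver; returns None when no record exists."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None

def system_forward(host):
    """A/AAAA lookup via the system resolver; returns a set of address strings."""
    try:
        return {ai[4][0] for ai in socket.getaddrinfo(host, None)}
    except OSError:
        return set()

def check_sender(ip, blocked=frozenset(), ptr=system_ptr, forward=system_forward):
    """Run the connection-time checks in order; return (accept, reason)."""
    if ip in blocked:
        return False, "ip on local block list"
    host = ptr(ip)
    if not host:
        return False, "no reverse DNS"
    if DYNAMIC_PTR.search(host):
        return False, f"dynamic-looking PTR {host}"
    if ip not in forward(host):
        return False, f"PTR {host} does not resolve back to {ip}"
    return True, f"forward-confirmed as {host}"

# Constructed sample data (documentation address ranges, made-up host names).
PTRS = {
    "192.0.2.10": "mail.example.org",
    "198.51.100.7": "ppp-7.dialup.example.net",
    "203.0.113.5": "mx.example.com",
}
ADDRS = {"mail.example.org": {"192.0.2.10"}, "mx.example.com": {"203.0.113.99"}}

def demo(ip):
    return check_sender(ip, blocked={"192.0.2.66"}, ptr=PTRS.get,
                        forward=lambda h: ADDRS.get(h, set()))

if __name__ == "__main__":
    for ip in ["192.0.2.10", "198.51.100.7", "203.0.113.5", "192.0.2.66", "192.0.2.200"]:
        print(ip, demo(ip))
```

Calling `check_sender(ip)` with no resolver arguments uses the system resolver instead of the constructed tables.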

So far so good.  We are almost there, but now we must pass the content filters, a gauntlet of truth so to speak.  My server will now tell you to proceed with your SMTP stream.  We will carefully parse it for bad info, viruses, obvious references to scams, Viagra, and general spamminess (all SMTP is text, by the way).  At the end of the SMTP stream, I will announce I have accepted the email for delivery and issue a code 250 (it's an older code, but it checks out.  I was about to clear them).  If, on the other hand, I choose to reject, my server will issue a code 553, a catch-all for general errors, and I bounce your mail or drop it.

The reason you should never use a third party DUL list is quite simply this: reverse DNS already neatly identifies the type of host from which a mail connection originates.  It (reverse DNS) is maintained by the ISP and is distributed throughout the world via the wonderful system called DNS.  At no point do you need to set up a separate private company to maintain this list (and introduce one more layer of record keeping and error).

Don't fall for it.  Specifically ask your email provider what they use for their DUL list.  If they answer reverse DNS, then you have found a provider who knows his stuff.  If not, I suggest you keep looking.  Why don't you start here: