email validation: is there any point doing both SPF *and* reverse DNS tests?

For a receiving MTA, it seems to be unnecessary to check both the SPF record for an incoming SMTP connection, and to do an rDNS/PTR lookup.

Consider:

1. Server gets SMTP connection from aaa.bbb.ccc.ddd, with (possibly spoofed) MAIL FROM claiming to be from mail.example.com
2. Server looks up SPF record for mail.example.com, and finds that aaa.bbb.ccc.ddd either is or isn't authorised to send emails for this domain

If test 2 passed, then a PTR lookup on aaa.bbb.ccc.ddd should, by definition, yield something at example.com, unless the DNS is misconfigured. If test 2 failed, then it doesn't matter where aaa.bbb.ccc.ddd points to.

Is this correct? If so, why do some mail providers (ie. Microsoft) do PTR lookups?

Looking up the reverse DNS PTR and forward confirming it enables you to

• reject badly set up amateur hosts
• reject hacked hosts not set up for email at all
• wildcard blacklist dynamic hosts

Without FCrDNS, hosts can spoof PTR names at will. The lookup IP -> PTR -> A needs to match the original IP address. Note that there may be multiple PTRs for an IP address (uncommon yet possible) and that there may be multiple A records for the reverse DNS name - at least one of them needs to match the IP.

Matching the HELO host name -> A to the IP address may also be reasonable. Matching the PTR to the HELO name is not.

Verifying MTA authorization per SPF enables you to reject spoofed sender domains.

Both are different things and solve different problems.