Re: Reverse dns checking for local machine

Top Page
Delete this message
Reply to this message
Author: Philip Hazel
Date:  
To: Sean Witham
CC: Greg A. Woods, John Henders, exim-users
Subject: Re: Reverse dns checking for local machine
On Thu, 21 Aug 1997, Sean Witham wrote:

> In todays world such options are required on exposed gateways, one behind
> a firewall you may wish to make more forgiving.


I have made a note to add such options, though I don't personally see
much value in them. All the control over which machine may or may not
send to you is done based on the IP address of the sender. One you are
talking to a machine you are prepared to listen to, checking what it
passes in HELO doesn't (IMHO) give you much additional security.

> Maybe an exim "security check" lookup cash would be useful.


Indeed, but DNS nameservers and resolvers cache things, so I'm not sure
that the effort of doing a private one for Exim would actually be worth
it.

-- 
Philip Hazel                   University Computing Service,
ph10@???             New Museums Site, Cambridge CB2 3QG,
P.Hazel@???          England.  Phone: +44 1223 334714