[ On Wednesday, February 6, 2002 at 14:14:20 (+0100), bhoc@??? wrote: ]
> Subject: [Exim] Re: Reverse Mappings
>
> There's another gotcha with reverse DNS lookups:
>
> Say I have my firewall which also has exim on board and port-forwards
> http[s]
> requests to one of the W2K dummies in the DMZ. Now I have setup DNS like
> "www.me.org IN A 123.1.2.3" and "mail.me.org CNAME www.me.org."
That's probably wrong. You must not use CNAMEs in an MX, and your
config is going very much in that direction (though you don't yet show
how you would do MX RRs).
> Now we do a reverse lookup and come back with "3.2.1.123 IN PTR
> www.me.org." which is definitely *not* "mail.me.org" -> sayonara, spammer.
Bogus. Your configuration is broken, even without the DMZ/NAT/PAT.
Your mailer MUST use "
www.me.org" as its canonical hostname. It MUST
NOT ever use a CNAME in the HELO/EHLO greeting.
--
Greg A. Woods
+1 416 218-0098; <gwoods@???>; <g.a.woods@???>; <woods@???>
Planix, Inc. <woods@???>; VE3TCP; Secrets of the Weird <woods@???>
