Re: Now well off-topic - was Re: [Exim] how to configure HEL…

Author: Exim Users Mailing List
Date:  
To: Suresh Ramasubramanian
CC: Exim Users Mailing List
Subject: Re: Now well off-topic - was Re: [Exim] how to configure HELO/EHLO and DNS for multi-homed hosts
[ On Wednesday, July 2, 2003 at 00:04:27 (+0530), Suresh Ramasubramanian wrote: ]
> Subject: Re: Now well off-topic - was Re: [Exim] how to configure HELO/EHLO and DNS for multi-homed hosts
>
> thanks for the oh so detailed explanation - and
>
> 48.223.77.202.in-addr.arpa. 57m46s IN PTR 202-77-223-48.outblaze.com.
>
> doesn't point to a hostname which then maps back to the same IP as that
> of frodo.hserus.net, then?


What good does that information do? Please go back and read the
security lesson I included in my second last reply to Jim.

What we are asking the rDNS is whether it contains a PTR which points
back to the hostname from which we learned the address in the first
place!

From your rDNS all we learn is that your hostname is not valid because
it is not listed in the RR set for your rDNS. I.e. your Reverse DNS has
given a different answer than your forward DNS. Which is right is
anyone's guess, at least if that "anyone" is a computer employing only
the well defined standard algorithm for validating a hostname.

Here's the '-v' output to maybe help you learn the algorithm better:

$ host -v -A frodo.hserus.net
Query about frodo.hserus.net for record types A
Hostname frodo.hserus.net maps to address 202.77.223.48
Found 1 address for frodo.hserus.net
Checking frodo.hserus.net address 202.77.223.48
*** frodo.hserus.net address 202.77.223.48 maps to hostname 202-77-223-48.outblaze.com
*** Hostname frodo.hserus.net does not belong to address 202.77.223.48
*** Not all addresses for hostname frodo.hserus.net have a matching hostname.


I.e. the PTR for 48.223.77.202.in-addr.arpa does not have a hostname
matching the one we're trying to validate here. The fact that the
hostname "202-77-223-48.outblaze.com" resolves to the same address is
totally irrelevant and meaningless in this situation.

rDNS is only really useful if the forward and reverse DNS nodes in the
graph both point at each other -- i.e. the graph must be fully
bi-directional, or to quote RFC 1912 again: "Make sure your PTR and A
records match."

--
                                Greg A. Woods


+1 416 218-0098;            <g.a.woods@???>;           <woods@???>
Planix, Inc. <woods@???>; VE3TCP; Secrets of the Weird <woods@???>
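
The hostname validation described in the message above (A lookup, then a PTR lookup per address, then a check that the original hostname is in the PTR set), as an added example that is not part of the original post. The record tables are constructed from the quoted `host` output plus a hypothetical consistent host `mail.example.net`; the function names are this example's own.

```python
import ipaddress

# Constructed DNS data: the hserus/outblaze records mirror the quoted `host`
# output; the example.net pair is a hypothetical consistent host for contrast.
A_RECORDS = {
    "frodo.hserus.net.": ["202.77.223.48"],
    "202-77-223-48.outblaze.com.": ["202.77.223.48"],
    "mail.example.net.": ["192.0.2.10"],
}
PTR_RECORDS = {
    "48.223.77.202.in-addr.arpa.": ["202-77-223-48.outblaze.com."],
    "10.2.0.192.in-addr.arpa.": ["Mail.Example.NET."],
}

def canon(name):
    """DNS names compare case-insensitively; use lower case plus trailing dot."""
    return name.rstrip(".").lower() + "."

def lookup_a(name):
    return A_RECORDS.get(canon(name), [])

def lookup_ptr(addr):
    # reverse_pointer yields e.g. 48.223.77.202.in-addr.arpa
    return PTR_RECORDS.get(ipaddress.ip_address(addr).reverse_pointer + ".", [])

def validate_hostname(hostname, lookup_a=lookup_a, lookup_ptr=lookup_ptr):
    """Return (ok, problems); ok only if every address of hostname has a PTR
    RR set that contains hostname itself."""
    want = canon(hostname)
    problems = []
    addrs = lookup_a(hostname)
    if not addrs:
        problems.append(f"{hostname} has no A record")
    for addr in addrs:
        ptrs = {canon(p) for p in lookup_ptr(addr)}
        if not ptrs:
            problems.append(f"{addr} has no PTR record")
        elif want not in ptrs:
            # Whether the PTR target resolves forward to addr is not consulted:
            # the question is only whether the PTR set names the host we started from.
            problems.append(f"{addr} maps to {sorted(ptrs)}, not {want}")
    return (not problems, problems)

if __name__ == "__main__":
    for host in ("frodo.hserus.net", "202-77-223-48.outblaze.com", "mail.example.net"):
        ok, why = validate_hostname(host)
        print(host, "valid" if ok else "INVALID", *why, sep="\n  ")
```

To run the same check against live DNS, pass `lookup_a` and `lookup_ptr` callables backed by a real resolver.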