RE: [Exim] Inbound Hosts without valid rDNS

Pàgina inicial
Delete this message
Reply to this message
Autor: Eli
Data:  
A: 'Exim User's Mailing List'
Assumpte: RE: [Exim] Inbound Hosts without valid rDNS
Well regardless what anyone thinks about DNS or how it should or ever will
reverse (and as much as I think Greg should stop cutting people down and be
a bit more constructive with his critism - like maybe back it up with some
real world facts?), 2 issues come up:

1) this topic has gone way off base from what this mailing list is for.

2) nobody has control over someone elses DNS or reverse DNS either, so kick
and scream all you want but it won't get you anywhere in making anything
work the way you want it to.

Also, the 2 main differing opinions/arguments are coming from people with
different perspectives on it. I come from the large company perspective
(and I think Wakko may come from there as well), and Greg and Tony seem to
come from the end user perspective where they expect to get full control
over everything.

And even if everyone makes peace and DNS is always set up "properly", what
happens in the exact scenario that Wakko mentioned in the first place which
nobody seems to have acknolwedged:

I have a system, it will be called "server.domain.com". It hosts my
website, and it also hosts my email. It has IP 10.0.0.1. You'd all say
that reverse DNS for 10.0.0.1 should return "server.domain.com" - which so
far would be correct. Now say I make a pointer for that system called
"mail.domain.com" since it also hosts mail, and I want it to have a
different name when dealing with email. Now what happens with reverse DNS?
The server reports itself (when doing mail transactions) as
"mail.domain.com", which has an IP of 10.0.0.1, but if you reverse that, you
get "server.domain.com" - all of a sudden it all appears broken!

A few direct quotes from RFC1035
(ftp://ftp.rfc-editor.org/in-notes/rfc1035.txt):

"Thus inverse queries are primarily useful for database management and
debugging activities.
Inverse queries are NOT an acceptable method of mapping host addresses to
host names; use the IN-
ADDR.ARPA domain instead." (section 6.4.1)

That covers inverse queries, now for the actual in-addr.arpa domain:

"Several cautions apply to the use of these services:
   - Since the IN-ADDR.ARPA special domain and the normal domain
     for a particular host or gateway will be in different zones,
     the possibility exists that that the data may be inconsistent."
(section 3.5)


So there's the warning in the first place - right in an RFC. Telling you
explicitly to be forewarned that the data may not be correct both ways, and
I saw no mention anywhere stating that it had to be.

Eli.

-----Original Message-----
From: exim-users-admin@??? [mailto:exim-users-admin@exim.org] On Behalf
Of Tony Earnshaw
Sent: Tuesday, December 30, 2003 10:42 AM
To: Exim User's Mailing List
Subject: Re: [Exim] Inbound Hosts without valid rDNS


tir, 30.12.2003 kl. 02.41 skrev Wakko Warner:

> > That's pretty damn useless.
> >
> > Broken reverse DNS is worse than no reverse DNS at all.
>
> Why don't you crawl back under the rock in which you came and quit

trolling
> the list every time someone says something you feel you should step in on?
> It's been quite apparent you live in your own world and you rarely ever
> agree with anyone else.


I agree utterly and completely with Greg. This reply is also minted for
eli@??? (sic).

There are those who take the trouble to play by the book, and those who:

j u s t c a n n o t b e b o t h e r e d

and will invent any old excuse for their ignorance or laziness (take
your pick - there are no other choices).

I deliberately chose for a kosher ISP, Demon Internet, one of the
reasons being, that Demon Internet *plays by the book*. No single
demon.net or demon.nl domain has a foully configured reverse DNS. Demon
will not brook foully configured DNS. By which I mean, that if an ISP
has been granted the privilege of configuring his delegated zones,

i n c l u d i n g in-addr.arpa

then that ISP should honor, respect and be proud of that privilege.

Here in the Netherlands, there are enough cr*pp* ISPs to choose from
(including daughter-ISPs of the largest ISP in the Netherlands, KPN),
each one trying to underbid the other, who have to cut costs to justify
their economic policy. One of the first ways they choose, is by not
playing by the book. "No-one will know anyway, no-one will care, lets
all play Windows-think".

--Tonni

--
mail: billy - at - billy.demon.nl
http://billy.demon.nl


--

## List details at http://www.exim.org/mailman/listinfo/exim-users Exim
details at http://www.exim.org/ ##

---
[This E-mail scanned for viruses]


---
[This E-mail scanned for viruses]