Autor: David Brodbeck Data: Dla: 'Exim User's Mailing List' Temat: RE: [Exim] AOL - SPF - and EXIM
The thing is, I don't really see the point of the reverse DNS check. It
doesn't accomplish anything. Someone claimed earlier that it's a form of
server authentication, but it isn't really, because whoever controls
reverse DNS for that IP can stick whatever they want in there. Looking up
the A record tells you a lot more.
For example, if I get a connection from a server that says 'HELO
mail.whitehouse.gov', and I do a reverse lookup on its IP and find
'mail.whitehouse.gov', all that tells me is that the person who does rDNS
for that netblock set that value. It's almost as easy to fake as an
identd lookup, and those are widely regarded as useless these days. But
if I look up the A record for mail.whitehouse.gov and find the IP matches
the server connecting to me, I have a pretty good idea that someone at
whitehouse.gov was involved.