On 10-03-04 23:10:45, Tim wrote: > On Thu, 2010-03-04 at 13:42 -0700, Craig White wrote: > > At this stage, I simply will not accept mail from any smtp server > > whose forward & reverse DNS don't match. So if you are sending me > > e-mails from server mail.example.com you better have a reverse DNS > > address that tells me that your ip address points to > mail.example.com. > > That's a rather bad idea, and simply not workable for an *awful* lot > of > people. You *will* be rejecting legit mail with that methodology. > > Although many of us have our own domains, many of them will be hosted > by > a service which hosts hundreds or thousands of other sites using > virtual > named based hosting. We don't each get an IP, and it's completely > impractical to expect that in an IPv4 world. The reverse IP will > point > to the host's domain name, not ours. > > You need to do *better* testing than simply forward and reverse > checking > of one domain name. Yes, Craig's method won't work with any form of virtual hosting or even when the server runs more than one service, as only one of them can be the official name. Servers I run specify which host they are, e.g., my own rapidxen.georgeanelson.com, which won't work with Craig's method. RFC 1912 FCrDNS simply checks that one of the results of a reverselookup maps back to that IP.[1] [1] <http://en.wikipedia.org/wiki/Forward-confirmed_reverse_DNS> -- ____________________________________________________________________ TonyN.:' <mailto:tonynelson@xxxxxxxxxxxxxxxxx> ' <http://www.georgeanelson.com/> -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
