On 1/28/07 8:35 PM, <stuart(_at_)bmsi(_dot_)com> wrote:
On Sun, 28 Jan 2007, Don Lee wrote:
There is a large and growing number of mailservers "out there" that
try to resolve the HELO name, and some do rDNS on the IP and
ensure that it matches the HELO.
All PTR records provide is a name - that you have to verify by checking
that it resolves to the IP. Well, guess what, a HELO name is a ... name ...
that you can verify by checking that it resolves to the IP - clearly
establishing that the domain owner designated that IP. So why
did you bother fetching the PTR records again?
Because by checking that A and PTR agree, I am confirming that the domain
that the machine claims to be is in fact authorized to be using that IP
address (barring institutional stupidity from ISPs who don't allow customers
to update rDNS information on a timely basis).
Devin L. Ganger, Exchange MVP Email: deving(_at_)3sharp(_dot_)com
3Sharp LLC Phone: 425.882.1032 x1011
14700 NE 95th Suite 210 Cell: 425.239.2575
Redmond, WA 98052 Fax: 425.702.8455
(e)Mail Insecurity: http://blogs.3sharp.com/blog/deving/
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
please go to http://v2.listbox.com/member/?list_id=735