
Re: [Asrg] 0. General - Administrative - for M. Wild

2003-08-30 02:21:48
On Fri, Aug 29, 2003 at 10:38:15AM -0700, Bob Atkinson wrote:
There's a much simpler reason why rDNS is unreliable.

In order for rDNS to work, the domain owner must have a DNS relationship
with their ISP (as opposed to hosting DNS themselves). There are many,
particularly the small folk, who do not, esp. as it costs ongoing $ to
maintain such a relationship. 

Having such a relationship is not today pragmatically necessary to
participate in the Internet, and we ought to think carefully before
giving ISPs such a windfall and shift in power.

The DRIP structure is rDNS-ish, but not dependent on you getting your
provider to cooperate.

that said...   my understanding of getting rDNS working in a mail
context, the rDNS is a PTR to an A record (not necessarily one you 
control).  As long as that A record also points to the same IP...
you're golden.

so, I might use foo.bar.com as my EHLO line.  And in fact,
the A for foo.bar.com points to xx.yy.zz.tt.

but when they look up tt.zz.yy.xx.in-addr.arpa, they'll get whatever
my ISP sez it is.  say

    rdsl-xx-yy-zz-tt.joesisp.com

as long as *that* resolves to xx.yy.zz.tt (as one of its A records)
the MTA should not complain.  In fact, that's what sendmail does.

If the result of the rDNS lookup (and forward lookup) do NOT match,
it tacks on "may be forged" to the Received: header.


-- 
 /  \__  | Richard Rognlie / Oracle Prophet / Gamerz.NET Lackey
 \__/  \ | http://www.gamerz.net/rrognlie/    <rrognlie(_at_)gamerz(_dot_)net>
 /  \__/ | I can only please 1 person per day.  Today is not your day.
 \__/    | Tomorrow doesn't look good either.


_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
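
The check described in the message above, as an added example that is not part of the original post and is not sendmail's code: a forward-confirmed reverse DNS test run against constructed records. The `.example` names, the 192.0.2.x addresses, the resolver stubs and the `annotate` layout are assumptions made for illustration.

```python
import ipaddress

# Constructed sample records (RFC 5737 addresses, .example names), not real DNS data.
PTR = {
    "10.2.0.192.in-addr.arpa": ["rdsl-192-0-2-10.joesisp.example."],
    "20.2.0.192.in-addr.arpa": ["mail.bar.example."],  # PTR names a host...
}
A = {
    "rdsl-192-0-2-10.joesisp.example": ["192.0.2.10"],
    "foo.bar.example": ["192.0.2.10"],                 # EHLO name, never consulted
    "mail.bar.example": ["198.51.100.7"],              # ...whose A record points elsewhere
}

def norm(name):
    """Compare DNS names case-insensitively and without the trailing dot."""
    return name.rstrip(".").lower()

def ptr_lookup(ip):
    """Hypothetical resolver stub: PTR names for an address."""
    return [norm(n) for n in PTR.get(ipaddress.ip_address(ip).reverse_pointer, [])]

def a_lookup(name):
    """Hypothetical resolver stub: A records for a name."""
    return A.get(norm(name), [])

def fcrdns(ip, ptr=ptr_lookup, fwd=a_lookup):
    """Return (verdict, names): PTR -> name -> A must lead back to the same IP."""
    names = ptr(ip)
    if not names:
        return "no-ptr", []
    target = ipaddress.ip_address(ip)
    confirmed = [n for n in names
                 if any(ipaddress.ip_address(a) == target for a in fwd(n))]
    return ("confirmed" if confirmed else "may be forged"), confirmed or names

def annotate(ehlo, ip):
    """Simplified Received-style clause; the layout is illustrative only."""
    verdict, names = fcrdns(ip)
    if verdict == "no-ptr":
        return f"from {ehlo} ([{ip}])"
    flag = "" if verdict == "confirmed" else " (may be forged)"
    return f"from {ehlo} ({names[0]} [{ip}]{flag})"

if __name__ == "__main__":
    for ip in ("192.0.2.10", "192.0.2.20", "192.0.2.30"):
        print(annotate("foo.bar.example", ip))
```

The first address passes even though the EHLO name and the ISP-assigned PTR name differ, because only the PTR name's A records are compared with the connecting IP.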


