Douglas Campbell wrote:
In any case, spam detectors who rely on "localhost" as the reverse lookup
for an IP address as a condition of passing the e-mail are at risk of
producing false negatives.
Reverse lookups fortunately works a bit different:
(unless wrongly implemented)
1) IP address (a) -> Hostname
2) Hostname -> IP address (b)
3) Compare IP address a + b -> reject hostname if no match
4) accept hostname
As such 'localhost' in step 2 resolves to 127.0.0.1 (or ::1 ;) and the
hostname should get rejected, or at least noted, but not used for any
security stuff.
Greets,
Jeroen
signature.asc
Description: OpenPGP digital signature
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg