On May 27, 2009, at 10:59 AM, der Mouse wrote:
> Certainly, if they care about rDNS and whois. (I would hope anyone
> interested in following best practices would care about each. I've
> seen things like "nobody cares about rDNS these days" said; in my
> admittedly limited experience, clue level correlates remarkably well
> with not sharing such points of view.)

There are different geographic regions and organizations that refuse
to publish reverse DNS. Reverse DNS is normally controlled by the
holder of the IP address, where the forward DNS is normally controlled
by the entity offering a service. When a PTR record in the reverse DNS
appears to match with the service offered, the domain using the IP
address is known by the IP address holder. However, it does not mean
the entity offering the service is controlled by that domain. SSL
certs attempt to convey that information in a much safer fashion. In
addition, it is often the case where the number of PTR records that
can be published represents only a small fraction of the domains
legitimately using the IP address. In the case of email, reverse DNS
entries are often used to divine some deeper, often undefined, meaning
based upon the content of PTR records found at the in-addr.arpa
zone. As an anti-abuse effort, some providers in North America do
not accept connections without a reverse DNS entry being found. As a
result, these providers may be unable to communicate with some
organizations or geographic regions. Who is wrong, because in the
case of email, reverse DNS is clearly being misused.
-Doug
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg
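
The distinction drawn in the message above, as an added example that is not part of the original post: a forward-confirmed reverse DNS check run over constructed zone data. The addresses, host names, result labels and the function names `check_rdns` and `accepts` are all hypothetical, and the lookup tables stand in for live DNS queries.

```python
# Constructed sample data (documentation address space, example domains).
PTR = {  # reverse zone: published by the holder of the IP address
    "192.0.2.10": ["mail.hosting.example"],
    "192.0.2.20": ["unrelated.isp.example"],
    # 192.0.2.30 has no PTR record at all
}
A = {  # forward zones: published by whoever offers the service
    "mail.hosting.example": ["192.0.2.10"],
    "mail.customer-a.example": ["192.0.2.10"],  # shares the IP, has no PTR
    "unrelated.isp.example": ["198.51.100.7"],
    "mail.remote-org.example": ["192.0.2.30"],
}


def _norm(name):
    return name.lower().rstrip(".")


def check_rdns(ip, claimed_name):
    """Classify a connecting IP the way an rDNS-based mail policy would."""
    ptr_names = PTR.get(ip, [])
    if not ptr_names:
        return "no-ptr"
    # Forward confirmation: the PTR target must resolve back to the same IP.
    confirmed = [n for n in ptr_names if ip in A.get(n, [])]
    if not confirmed:
        return "ptr-unconfirmed"
    if _norm(claimed_name) in {_norm(n) for n in confirmed}:
        return "confirmed-match"
    # The IP holder vouches for some name, but not the one being claimed.
    return "confirmed-other-name"


def accepts(ip, claimed_name, require_ptr=True):
    """Policy described in the message: refuse when no PTR is found."""
    return not (require_ptr and check_rdns(ip, claimed_name) == "no-ptr")


if __name__ == "__main__":
    for ip, name in [("192.0.2.10", "mail.hosting.example"),
                     ("192.0.2.10", "mail.customer-a.example"),
                     ("192.0.2.20", "unrelated.isp.example"),
                     ("192.0.2.30", "mail.remote-org.example")]:
        print(ip, name, check_rdns(ip, name), accepts(ip, name))
```

Even the `confirmed-match` result only shows that the IP address holder and the forward zone agree on a name; it says nothing about who controls the service, which is the gap the message assigns to SSL certificates.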