Remember that Reverse lookups are optional. Many people who start of
saying "if reverse dns is configured correctly..." don't seem to
understand that reverse DNS is also properly configured when it is turned
off.
The abuse, and the numerous security vulnerabilities which have been
introduced by the improper use, as well as the difficulties in IPv6 (both
technical and administrative) has prompted discussion on both DNS working
groups to consider removing Reverse DNS altogether. As it stands, Reverse
DNS is probably not going to be working or widely used in IPV6, which has
an alternate ICMP host information query so that reverse DNS is not
necessary for the most useful purpose of reverse DNS: traceroute.
The good news is that all this nonsense ends with IPv6.
--Dean
On Wed, 15 Oct 2003, Leif Johansson wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
We should keep nice and descriptive subject-lines...
Michel Py wrote:
<snip>
| etc. Basically everything that triggers a reverse lookup adds to the
| pain, but if reverse lookup is configured correctly on the local DNS
A lot of the arguments seem to contain the phrase "If <foo> is
configured correctly then ...". Now what does that teach us?
Cheers Leif
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE/jRtv8Jx8FtbMZncRAg8eAJsEhg6/LOQgaZW3FtSkdiffbp2TvwCgx+x1
dpuw7nwHC2Z8BlAx+qoKyBc=
=7TZn
-----END PGP SIGNATURE-----