North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Re: question on ptr rr
- From: Andrew - Supernews
- Date: Sun Feb 08 17:50:28 2004
>>>>> "Chris" == Chris Adams <cmadams@hiwaay.net> writes:
> Once upon a time, Andrew - Supernews <andrew@supernews.net> said:
>> If you're going to get picky about HELO names, then it's better to
>> require that the HELO has an A record pointing to the connecting IP,
>> rather than look at PTR.
Chris> That isn't necessarily a good test;
There _is_ no good test, which is one reason why the RFC says
unequivocally "don't do that".
Chris> for example, we've got a couple of servers in a cluster. One
Chris> IP pointed at the cluster is mail.hiwaay.net, and that is what
Chris> is used in HELO/EHLO when making outbound connections, but the
Chris> connections don't come from that IP. They come from the
Chris> cluster member's IP so that when we get a complaint with
Chris> sending IP, we don't have to look through the logs for the
Chris> whole cluster to find the offender.
In that case you'll fail _any_ sort of verification on the HELO, so
it doesn't really matter whether the recipient uses the PTR or the A
record.
--
Andrew, Supernews
http://www.supernews.com
|
