North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: the value of reverse address lookups?
- From: Douglas F. Calvert
- Date: Wed Mar 31 20:16:25 2004
On Wed, 2004-03-31 at 19:59, Stephen J. Wilcox wrote:
> On Wed, 31 Mar 2004, Douglas F. Calvert wrote:
> > I am interested in finding out what the motivation is for requiring
> > valid reverse address lookups before connecting to a daemon. I have
> > heard a number of different explanations, the majority of the responses
> > point to history/tradition and tcpwrappers. Is there a commonly accepted
> > justification for this practice? In my opinion it does not appear to
> > increase the validity of the connection. But I may be missing something
> > obvious.
> > Thanks in advance...
> Well, my understanding is that whilst its easy to get a domain name and some dns
> its usually quite difficult to put in a ptr record, these are usually controlled
> by the ISP. If they dont exist or dont match then the address is a dialup or
> hijacked or something not legitimate.. I think this is mainly an smtp antispam
> thing tho altho I see your point is for any connection is general, I guess the
> same appliers to hackers as to spammers.. ?
I am interested in both cases smtp and other services. Syr.edu only
accepts ssh connection to the public unix boxen if you come from an ip
with a valid reverse address. The majority of smtp servers on the net
require the same. What more is known about the mail sender or ssh client
just because the reverse address lookup goes through?
Anyone care to give their thoughts on the legacy aspect?
Douglas F. Calvert