Rule for DNS MX Check

Matt Kettler mkettler at evi-inc.com
Mon Nov 6 21:01:15 GMT 2006


Side note for Max:

While you're at it, you might want fix your own DNS records:

Received: from mail.assuredata.com (assuredata.com [69.15.149.129] (may be
	forged))


69.15.149.129 reverse DNS resolves as "assuredata.com", but that name has no
forward resolution. This is strictly invalid, as all records returned by
resolving a PTR MUST resolve back to the same IP.

(note: this is different than making assuptions about HELO strings)


# host 69.15.149.129
129.149.15.69.in-addr.arpa domain name pointer assuredata.com.
129.149.15.69.in-addr.arpa domain name pointer writeontime.us.

# host assuredata.com
#

Furthermore, the other record does resolve, but to a different IP address:

# host writeontime.us
writeontime.us has address 216.21.229.197

Ouch.


See RFC 1912 section 2.1

http://www.ietf.org/rfc/rfc1912.txt




More information about the MailScanner mailing list