Mail PTR Records
Peter Farrow
peter at farrows.org
Mon Mar 3 21:30:20 GMT 2008
Matt Kettler wrote:
> mikea wrote:
>> On Mon, Mar 03, 2008 at 01:15:21PM -0600, Nathan Olson wrote:
>>> It's not RFC-compliant.
>>
>> As has been mentioned elsethread, a number of techniques which are
>> increasingly necessary for survival are not RFC-compliant.
>> Many RFCs were written when the Internet was kinder, gentler, and MUCH
>> less dangerous than it is now. They have not changed, though the 'Net
>> certainly has. Blind adherence to them in the face of evidence that
>> that adherence opens windows of vulnerability is not necessarily good
>> or wise.
>
> Well, that alone isn't a good reason to blindly toss RFCs aside. Some
> requirements of the RFCs are there for damn good reasons.
>
> However, in this case I suspect the activity isn't even a violation of
> an RFC, and not having a PTR record clearly violates their
> recommendations (albeit not their requirements).
>
> In general, it's really easy to claim something isn't compliant with
> the RFCs without any evidence to support it. We should all take such
> suggestions (including those generated by me) as unsubstantiated
> opinions until proven otherwise.
http://tools.ietf.org/html/rfc1912
It's an RFC to have a matching forward and reverse DNS lookup, so not
having one or a mismatched one is a violation of RFC1912.
To quote, verbatim,
"Every Internet-reachable host should have a name. The consequences of
this are becoming more and more obvious. Many services available on the
Internet will not talk to you if you aren't correctly registered in the
DNS. Make sure your PTR and A records match. For every IP address, there
should be a matching PTR record in the in-addr.arpa domain."
So you can legitimately bounce the email if the sending host has bad
forward/reverse DNS...
Regards
Pete