On Thu, Sep 07, 2000 at 05:00:39PM -0500, Joseph Carter wrote: > On Thu, Sep 07, 2000 at 08:44:06PM +0000, Miquel van Smoorenburg wrote: > > A server on the 'net without matching forward/reverse DNS is broken. > > Period. > > Complete bullshit. Show me the RFC that says you may only have one > DNS name attached to an IP at a time.
nobody claimed that it did. i'd accuse you of inventing straw-men arguments just to "prove" your "point" but i don't believe you're anywhere near smart enough to even attempt that....i'll put it down to stupidity rather than malice. > You can't do it because it doesn't exist. Several Debian developers > have debian.net subdomains which do not reverse because they have no > control over their DNS even though their IP addresses are static. My > static IP address with @home (yes, I did convince them to give me one) > is cc659474-a.indnpls1.in.home.com as far as they are concerned. I > have no desire to use that hostname on my email, so I have this: > > tank.debian.net A 24.22.127.210 > > This is perfectly legal practice according to every RFC I have ever > read. It is also quite legitimate for my system to declare that it is > tank.debian.net which does indeed resolve to a valid IP address. The > fact people such as yourself would add the additional requirement that > 24.22.127.210 resolve back to tank.debian.net has nothing to do with > what the RFC's state is correct. as usual, you don't have the faintest clue of what you are talking about. as usual, you are getting all flustered and distressed over your own idiotic misunderstanding of what is going on. the fact that there is an A record for tank.debian.net pointing to the IP address is completely and utterly irrelevant. those sites which do reverse lookup checks for incoming connections do one (or both) of two things: 1. check that there is a .in-addr.arpa PTR record the IP address in question. 2. check that the .in-addr.arpa PTR record is actually correct. e.g. if the server does a lookup on 24.22.127.210 and finds the PTR record which says that it is "cc659474-a.indnpls1.in.home.com", then it will immediately do a lookup on "cc659474-a.indnpls1.in.home.com" to make sure that it has an A record pointing to 24.22.127.210. this is what TCP Wrappers calls a "PARANOID" check. note that tank.debian.net does not enter the picture at all. it is irrelevant to the check under discussion. since the .in-addr.arpa PTR record does not mention tank.debian.net at all, the server does not and CAN NOT know or care anything about that name. whether failure of either or both of the above checks is a valid reason for bouncing mail is another matter entirely (and, IMO, it is not valid). some other sites check whether the SMTP envelope HELO/EHLO hostname exists. some even check whether it resolves to the IP address of the incoming connection. these have nothing to do with reverse DNS lookups, and the question of whether they are good policy or not is debatable (IMO the former is OK, the latter is not). craig -- craig sanders -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]