>1. I do not think there is consensus that having PTRs is or is not a best
>practice, so emphasizing the lack of consensus lets us move on to what an
>ISP can do, if they care to do anything.
>The first paragraph has been overhauled to say "While the need for a PTR
>record and for it to match is debatable as a best practice, some network
>services [see Section 3] still do rely on PTR lookups, and some check the
>source address of incoming connections and verify that the PTR and A
>records match before providing service."

Is it possible to have a separate section about e-mail? In my experience, without reverse DNS it is essentially impossible to have mail delivered to the internet at large. So where most uses of PTR records are a nice-to-have that can be decided locally, for e-mail it is other parties on the internet that force the use of PTR records.

At the same time, if someone is capable of operating a mail server then operating an auth. DNS server is not really out of line.

So I'd like some text that describes the importance of reverse DNS for e-mail and then basically says that if an ISP allows customers to handle their own outgoing e-mail then that ISP SHOULD provide customers with a way of setting up PTR records for those mail servers, even if it is just delegating part of the name space by setting up NS records.

Do you have a reference for the following statement?

   Serving ads: "This host is probably in town.province." An ISP that
   does not provide PTR records might affect somebody else's
   geolocation.

Extracting geo information from reverse DNS is very hard. As far as I know, geo location services for IPv4 mostly rely on other sources.

The following is not clear to me:

   Some ISP DNS administrators may choose to provide only a NXDomain
   response to PTR queries for subscriber addresses.
   [...]
   Providing a negative response in response to PTR queries does not
   satisfy the expectation in [RFC1912] for entries to match. Users of
   services which are dependent on a successful lookup will have a poor
   experience. For instance, some web services and SSH connections wait
   for a DNS response, even NXDOMAIN, before responding.

Why would a NXDOMAIN response to a PTR query have a negative impact on performance? If anything, it would be faster because it saves a forward lookup.

Maybe you want to say that a PTR lookup has to result in a quick reply, even if it is an NXDOMAIN. A delegation to a name server that does not respond will cause a delay in applications that wait for the reverse DNS lookup to complete.

I don't see a discussion about DNAME. Maybe that's worth adding?

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
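
The PTR/forward match check discussed in this message, as an added example that is not part of the original e-mail or of the draft under review. It separates a quick NXDOMAIN from a reverse delegation that never answers. The function names, the injected `resolve` callback and the zone data (documentation prefixes and `.example` names) are assumptions constructed for illustration.

```python
import ipaddress

class NXDomain(Exception):
    """Authoritative 'no such name': a fast, definite answer."""

class LookupTimeout(Exception):
    """No answer at all, e.g. a delegation to a server that does not respond."""

def ptr_name(ip):
    # in-addr.arpa or nibble-format ip6.arpa owner name for the address
    return ipaddress.ip_address(ip).reverse_pointer + "."

def fcrdns(ip, resolve):
    """Classify a client address the way a PTR-checking service would.

    resolve(name, rrtype) returns a list of strings and raises NXDomain or
    LookupTimeout (hypothetical interface, stands in for a real resolver).
    """
    addr = ipaddress.ip_address(ip)
    try:
        names = resolve(ptr_name(ip), "PTR")
    except NXDomain:
        return "no-ptr"           # quick negative reply, no forward lookup needed
    except LookupTimeout:
        return "reverse-timeout"  # the case that makes waiting applications stall
    rrtype = "AAAA" if addr.version == 6 else "A"
    for name in names:
        try:
            forward = resolve(name, rrtype)
        except (NXDomain, LookupTimeout):
            continue
        # Compare parsed addresses, not strings, so IPv6 spellings do not matter.
        if any(ipaddress.ip_address(a) == addr for a in forward):
            return "match"
    return "mismatch"

# Constructed zone data using documentation prefixes; not real records.
ZONE = {
    (ptr_name("2001:db8::25"), "PTR"): ["mail.customer.example."],
    ("mail.customer.example.", "AAAA"): ["2001:db8:0:0::25"],
    (ptr_name("192.0.2.7"), "PTR"): ["host7.isp.example."],
    ("host7.isp.example.", "A"): ["192.0.2.99"],
}
LAME = {ptr_name("2001:db8:1::1")}  # delegated, but the server never answers

def sample_resolve(name, rrtype):
    if name in LAME:
        raise LookupTimeout(name)
    try:
        return ZONE[(name, rrtype)]
    except KeyError:
        raise NXDomain(name) from None
```

Against a live resolver, `resolve` would also need a short timeout of its own so that the `reverse-timeout` case is reached quickly rather than after the stub resolver's default retries.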