At Sat, 28 Nov 2009 00:16:58 +0100, mouss <mo...@ml.netoyen.net> wrote:
Subject: Re: Multiple Mail domains for reverse ptr records? I'm confused
>
> Greg A. Woods wrote:
> > At Wed, 25 Nov 2009 21:51:15 +0100, mouss <mo...@ml.netoyen.net> wrote:
> > Subject: Re: Multiple Mail domains for reverse ptr records? I'm confused
>
> I didn't write this. if you can't use a mailer correctly, try an easier
> sport.

I quoted the "Subject:" header field content of a message you wrote.
Please learn to read common-format attributions correctly. :-)

> PS. Next time, avoid CC-ing me.

Please set the "reply-to:" header field to a value which reflects your
expressed wishes. That way most software, including the software I use,
will do your bidding.

> > [snip]
> > A hostname cannot be verified, either manually or by machine, as "valid"
> > in the DNS unless a corresponding PTR points back at it.
>
> when you'll find the PTR that points back to www.ietf.org,

Yes, the ietf.org zone is very lame:

    $ host -A www.ietf.org
     *** Hostname www.ietf.org does not belong to address 64.170.98.32
     *** Not all addresses for hostname www.ietf.org have a matching hostname.

Seems they think their WWW service hostname is most important.

Just because the ietf.org domain name is managed on behalf of the
organisation which helps coordinate development and publications of
Internet standards doesn't mean those who operate it will always do
everything possible to meet all best practices. I'm sure you know the
story about the cobbler's children who went barefoot.

In fact it appears the ietf.org zone is managed by a group that looks
decidedly less technical than you might have guessed.

They could easily fix the reverse DNS by adding just these few PTRs:

    32.98.170.64.in-addr.arpa   IN PTR ietf.org.
                                IN PTR ietf72.ietf.org.
                                IN PTR jabber.ietf.org.
                                IN PTR mail.ietf.org.
                                IN PTR rt.ietf.org.
                                IN PTR search.ietf.org.
                                IN PTR trustee.ietf.org.

> www.google.com

I'm not sure what you're talking about there -- that one is a CNAME.

> there is no PTR that resolves to www.netoyen.net and there will never
> be. The corresponding IP resolves to imlil.netoyen.net, which in turn
> resolves to the IP. That is what IP -> name -> IP double resolution
> (sometimes called FcrDNS) means. there is no need for the IP to resolve
> to all the names.

You are confused.

If a _client_ uses a hostname which does not have a PTR corresponding to
it, then the client's hostname CANNOT be assumed to be valid.

I.e. it all depends on what names are used, and from what perspective.
For HTTP the client never gives its name -- but for SMTP it does.
(i.e., indeed there are perspectives of use where the validity of a
hostname based on the reverse DNS is less important.)

There's also the human "perspective" of the DNS, for what it's worth.

If I create a hostname such as:

    it-is-all-mine.weird.com.   IN A 91.121.103.130

are _you_ going to then believe that my use of that IP address is valid?
Why not?

Do you expect anyone else to believe my use of that IP address is valid?
Why not?

What if I use that hostname as my mailer's client name when sending mail?

Are you going to try to argue that there should be some algorithm which
tries to identify the invalid nature of my proposed hostname above just
because it somehow doesn't "match" the domain name which the PTR for
that address does point to? I defy you to even try to create such an
algorithm which will work in _every_ case, and which will be simpler
than if we all simply agree that the only valid hostnames pointing to an
address are those for which the address resolves in the reverse DNS to
corresponding PTRs.

-- 
Greg A. Woods
+1 416 218-0098  VE3TCP  RoboHack <wo...@robohack.ca>
Planix, Inc. <wo...@planix.com>  Secrets of the Weird <wo...@weird.com>
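
Added example, not part of the original message or written by either correspondent: the two checks argued over above, run side by side over a small constructed zone. The names, the RFC 5737 addresses and the function names are all assumptions chosen for illustration; they stand in for a canonical host, a same-operator alias, a third party's A record aimed at the same address, and a client whose PTR target has no A record.

```python
# Constructed zone data, not real DNS answers.
A = {  # hostname -> addresses (forward zone)
    "imlil.example.net": {"192.0.2.10"},           # canonical host
    "www.example.net": {"192.0.2.10"},             # alias run by the same operator
    "it-is-all-mine.example.org": {"192.0.2.10"},  # third party's A record, same address
    "mail.example.com": {"198.51.100.7"},
}
PTR = {  # address -> hostnames (reverse zone)
    "192.0.2.10": {"imlil.example.net"},
    "198.51.100.7": {"host7.isp.example"},         # target has no A record at all
}

def norm(name):
    """Compare DNS names case-insensitively and without the trailing dot."""
    return name.rstrip(".").lower()

def fcrdns(ip):
    """IP -> name -> IP: PTR names for ip whose A records lead back to ip."""
    return {norm(n) for n in PTR.get(ip, ()) if ip in A.get(norm(n), ())}

def name_confirmed(claimed, ip):
    """name -> IP -> name: claimed resolves to ip AND a PTR for ip names claimed."""
    claimed = norm(claimed)
    ptr_names = {norm(n) for n in PTR.get(ip, ())}
    return ip in A.get(claimed, ()) and claimed in ptr_names

def classify(helo, ip):
    """Grade an SMTP client's claimed name against its connecting address."""
    if name_confirmed(helo, ip):
        return "name-confirmed"      # passes the stricter PTR-per-name rule
    if fcrdns(ip):
        return "ip-confirmed-only"   # address is consistent, claimed name is not proven
    return "unconfirmed"

if __name__ == "__main__":
    for helo, ip in [("imlil.example.net", "192.0.2.10"),
                     ("www.example.net", "192.0.2.10"),
                     ("it-is-all-mine.example.org", "192.0.2.10"),
                     ("mail.example.com", "198.51.100.7")]:
        print(f"{helo:30} {ip:14} {classify(helo, ip)}")
```

The alias and the third-party name get the same grade, because DNS data alone does not separate them unless the reverse zone lists the name.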