Jeremy Portzer wrote: > You state above, "Would it not be correct to do a lookup on the > domain name to see if it matches the incoming IP address[...]"? > That would be impossible, because a server has no idea what "domain > name" you are connecting from. It only knows the IP address, which it > gets from the TCP/IP protocol information. It can only do one thing -- > a reverse lookup -- to try to determine "the domain name."
My knowledge of SMTP is pretty limited, but my Postfix book says that the first thing an SMTP server gets is the "HELO trilug.org" command which identifies the incoming server. It goes on to state that most servers then do a reverse-DNS lookup (since you can't trust a spammer/hacker to give a valid identity) to find the true origin and determine if the mail should be allowed.
Wouldn't it make more sense to perform a regular DNS lookup (instead of the reverse) to determine if the claimed domain could really be coming from the incoming IP address?
Chris
-- ********************************* Chris Merrill [EMAIL PROTECTED] *********************************
_______________________________________________ TriLUG mailing list http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ: http://www.trilug.org/~lovelace/faq/TriLUG-faq.html
