North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: question on ptr rr
>>>>> "Chris" == Chris Adams <[email protected]> writes: > Once upon a time, Andrew - Supernews <[email protected]> said: >> If you're going to get picky about HELO names, then it's better to >> require that the HELO has an A record pointing to the connecting IP, >> rather than look at PTR. Chris> That isn't necessarily a good test; There _is_ no good test, which is one reason why the RFC says unequivocally "don't do that". Chris> for example, we've got a couple of servers in a cluster. One Chris> IP pointed at the cluster is mail.hiwaay.net, and that is what Chris> is used in HELO/EHLO when making outbound connections, but the Chris> connections don't come from that IP. They come from the Chris> cluster member's IP so that when we get a complaint with Chris> sending IP, we don't have to look through the logs for the Chris> whole cluster to find the offender. In that case you'll fail _any_ sort of verification on the HELO, so it doesn't really matter whether the recipient uses the PTR or the A record. -- Andrew, Supernews http://www.supernews.com
|