North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: question on ptr rr
the package in question (and maybe others do as well) has the option to perform the reverse you describe. we tried the milder version first which only verifies the ip sending the packets has a ptr - no domain xref. our upstream provider is our alternate mx (with a higher pref, of course). any mail they accept and forward to us would fail under the more restrictive version of reverse (for example, say we were down for maint.). at least that is my understanding after speaking with the software vendors development team. thanks. ----- Original Message ----- From: "Andrew - Supernews" <[email protected]> To: <[email protected]> Sent: Sunday, February 08, 2004 4:01 PM Subject: Re: question on ptr rr > > >>>>> "Paul" == Paul Vixie <[email protected]> writes: > > Paul> that's one check of many. the PTR has to match the HELO, which > Paul> means all of the worms and spammers who forge @yahoo.com > Paul> addresses and use YAHOO.COM as their HELO will continue to get > Paul> hammered. > > If you're going to get picky about HELO names, then it's better to > require that the HELO has an A record pointing to the connecting IP, > rather than look at PTR. > > -- > Andrew, Supernews > http://www.supernews.com > >
|