[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Reverse dns

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] Reverse dns
From: "Security - AlaricoWebDesign.it" <security@xxxxxxxxxxxxxxxxxxx>
Date: Thu, 10 Mar 2005 18:25:15 +0100

Paul Schmehl ha scritto:

Is there an RFC *requirement* for reverse dns?

I've been looking through the RFCs and I can't find it. Some folks think reverse dns should be completely disabled. I know for sure that this will break email, because many mail servers won't talk to a server that doesn't reverse. Tcpdump also doesn't like hosts that won't reverse.

What I'm looking for is a standard (RFC) that states that enabling reverse lookups is *required* or reverse lookups are *optional*. If they're optional, then reverse could be disabled for most hosts.

I'm also looking for a list of things that *break* when you disable reverse (e.g. mail).

RULES FOR RESPONDING: 1) "Reverse is a good thing" is not an answer. Neither is "Reverse is a bad thing". 2) Opinions are not useful - stick to facts only - chapter and verse please. 3) All replies to the list please - others will find this useful as well.
Paul Schmehl (pauls@xxxxxxxxxxxx)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://www.secunia.com/

I manage some server DNS and server mail and can say that reverse DNS serves why many many MTA refuse the mail from the IP without the reverse. But it is also true that not is, than I know, nothing of defined in such sense. Many ISP deny the possibility to the customer of having the reverse, others make to pay the "custom" RDNS for a domain name. If you want to send mail to me and you do not have reverse however he does not arrive to me, perhaps... then you make :)

--
Distinti Saluti
--------------------------------
|   Chief Security Officer     |
|  Alarico Web Design s.r.l.   |
|  Via Gerolamo De Rada n°21   |
|    87100 Cosenza - Italy     |
| Tel. & Fax   +39 0984.795523 |
--------------------------------

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://www.secunia.com/

References:
- [Full-disclosure] Reverse dns
  - From: Paul Schmehl

Prev by Date: Re: [Full-disclosure] Reverse dns
Next by Date: Re: [Full-disclosure] Reverse dns
Previous by thread: Re: [Full-disclosure] Reverse dns
Next by thread: Re: [Full-disclosure] Reverse dns
Index(es):
- Date
- Thread