is reverse dns required? (policy question)

Douglas Otis dotis at mail-abuse.org
Fri Dec 3 02:51:01 UTC 2004


On Thu, 2004-12-02 at 16:03, Mark Andrews wrote:
> In article <41AF5C33.4050202 at nrg4u.com> you write:
> >
> >You would put in a global wildcard that says no smtp sender here.  Only
> >for those boxes being legitimate SMTP to outside senders you'd put in a
> >more specific record as shown above.  You probably have to enter some dozen
> >to one hundred servers this way.  Sure your reverse zone scripts need some
> >changes but it's only two or three lines.
> >
> >Ideally you could tell your DNS server in the zone file this:
> >
> >  _send._smtp._srv.*.*.173.128.in-addr.arpa.   IN TXT   "0"
> >  _send._smtp._srv.*.*.82.198.in-addr.arpa.   IN TXT   "0"
> >
> >being overridden by more specific information on single IP addresses.
> 
> 	You obviously do not know how wildcards work in the DNS or you
> 	would not have made this suggestion.  Please read RFC 1034
> 	and work through Section 4.3.2. Algorithm with a QNAME of
> 	_send._smtp._srv.1.1.173.128.in-addr.arpa.

The proposal did say that it does not involve changing DNS?  It would be
nice to have a method to publish mail policy in a global fashion without
confronting the problems of wildcards or walking the directories.

*.tld TXT != mail policy thanks to exists +-~... & kitchen sink. : (

-Doug
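
Added example, not part of the original message or thread: a simplified Python model of RFC 1034 section 4.3.2 step 3 for one authoritative zone, run against the QNAME quoted above. It assumes no delegations or CNAMEs; the PTR hostname and the `*.82` contrast record are constructed sample data.

```python
# Added example: simplified RFC 1034 section 4.3.2 step 3 for a single
# authoritative zone (no delegations, no CNAMEs). Zone data is constructed.
ORIGIN = "173.128.in-addr.arpa."
ZONE = {
    # The record from the proposal: "*" appears as interior labels.
    "_send._smtp._srv.*.*.173.128.in-addr.arpa.": {"TXT": ["0"]},
    # An ordinary reverse entry (constructed hostname).
    "1.1.173.128.in-addr.arpa.": {"PTR": ["host1.example.net."]},
    # Contrast: "*" as the leftmost label is a real wildcard.
    "*.82.173.128.in-addr.arpa.": {"TXT": ["0"]},
}

def labels(name):
    """Labels of an absolute name, root-most first."""
    return tuple(reversed(name.lower().rstrip(".").split(".")))

def build_nodes(zone):
    """Owner names plus all their ancestors (empty non-terminals) are nodes."""
    return {labels(o)[:i] for o in zone for i in range(1, len(labels(o)) + 1)}

def lookup(zone, origin, qname, qtype):
    """Return (rcode, rdata list) as the authoritative server would."""
    nodes = build_nodes(zone)
    rrsets = {labels(o): rr for o, rr in zone.items()}
    q, node = labels(qname), labels(origin)
    if q[:len(node)] != node:
        return ("REFUSED", [])
    for label in q[len(node):]:          # match down, label by label
        if node + (label,) in nodes:
            node += (label,)
            continue
        # Step 3c: the label does not exist. Only a "*" child of the last
        # matched node is considered, and matching does not resume below it.
        star = node + ("*",)
        if star not in nodes:
            return ("NXDOMAIN", [])
        return ("NOERROR", rrsets.get(star, {}).get(qtype, []))
    return ("NOERROR", rrsets.get(node, {}).get(qtype, []))   # step 3a

if __name__ == "__main__":
    for name in ("_send._smtp._srv.1.1.173.128.in-addr.arpa.",
                 "_send._smtp._srv.7.9.173.128.in-addr.arpa.",
                 "_send._smtp._srv.5.82.173.128.in-addr.arpa."):
        print(name, lookup(ZONE, ORIGIN, name, "TXT"))
```

The first query stops at the existing `1.1` node and finds no `*` child, the second stops at the empty `*.173.128.in-addr.arpa.` node, and only the leftmost-label wildcard in the third synthesizes the TXT record.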



