is reverse dns required? (policy question)
Douglas Otis
dotis at mail-abuse.org
Fri Dec 3 02:51:01 UTC 2004
On Thu, 2004-12-02 at 16:03, Mark Andrews wrote:
> In article <41AF5C33.4050202 at nrg4u.com> you write:
> >
> >You would put in a global wildcard that says no smtp sender here. Only
> >for those boxes being legitimate SMTP to outside senders you'd put in a
> >more specific record as shown above. You probably have to enter some dozen
> >to one hundred servers this way. Sure your reverse zone scripts need some
> >changes but it's only two or three lines.
> >
> >Ideally you could tell your DNS server in the zone file this:
> >
> > _send._smtp._srv.*.*.173.128.in-addr.arpa. IN TXT "0"
> > _send._smtp._srv.*.*.82.198.in-addr.arpa. IN TXT "0"
> >
> >being overridden by more specific information on single IP addresses.
>
> You obviously do not know how wildcards work in the DNS or you
> would not have made this suggestion. Please read RFC 1034
> and work through Section 4.3.2. Algorithm with a QNAME of
> _send._smtp._srv.1.1.173.128.in-addr.arpa.
The proposal did say that it does not involve changing DNS? It would be
nice to have a method to publish mail policy in a global fashion without
confronting the problems of wildcards or walking the directories.
*.tld TXT != mail policy thanks to exists +-~... & kitchen sink. : (
-Doug
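
The RFC 1034 Section 4.3.2 walk that the quoted reply asks for, as an added example that is not part of the original thread: a simplified step 3 lookup (no delegations, no CNAMEs) over a constructed zone. The zone contents, the PTR at 7.9 and the function names are assumptions made for illustration.

```python
# Added example: simplified RFC 1034 section 4.3.2 step 3 (single zone, no referrals).
APEX = "173.128.in-addr.arpa."

# Constructed zone: the wildcard-style record from the proposal plus one ordinary PTR.
ZONE = {
    "173.128.in-addr.arpa.": {"SOA": ["constructed"]},
    "_send._smtp._srv.*.*.173.128.in-addr.arpa.": {"TXT": ["0"]},
    "7.9.173.128.in-addr.arpa.": {"PTR": ["host.example."]},
}

def labels(name):
    return tuple(name.rstrip(".").lower().split("."))

def existing_nodes(zone):
    """Every owner name and each of its ancestors (empty non-terminals exist too)."""
    nodes = set()
    for owner in zone:
        ls = labels(owner)
        for i in range(len(ls)):
            nodes.add(ls[i:])
    return nodes

def lookup(zone, apex, qname, qtype):
    """Return (rcode, rdata list); NOERROR with an empty list is a NODATA answer."""
    nodes = existing_nodes(zone)
    data = {labels(owner): rrsets for owner, rrsets in zone.items()}
    q, node = labels(qname), labels(apex)
    if q[-len(node):] != node:
        return ("REFUSED", [])
    # Match down from the apex, one label at a time.
    for label in reversed(q[:-len(node)]):
        child = (label,) + node
        if child in nodes:
            node = child
            continue
        # Step 3c: no such label. Only a "*" directly below the last matched
        # node is consulted; "*" labels elsewhere in an owner name are literal.
        star = ("*",) + node
        if star not in nodes:
            return ("NXDOMAIN", [])
        return ("NOERROR", data.get(star, {}).get(qtype, []))
    return ("NOERROR", data.get(node, {}).get(qtype, []))

if __name__ == "__main__":
    for qn in ("_send._smtp._srv.1.1.173.128.in-addr.arpa.",
               "_send._smtp._srv.7.9.173.128.in-addr.arpa.",
               "_send._smtp._srv.*.*.173.128.in-addr.arpa."):
        print(qn, lookup(ZONE, APEX, qn, "TXT"))
```

For the QNAME named in the reply, the walk stops at the first missing octet label, finds `*.173.128.in-addr.arpa.` only as an empty non-terminal, and answers with no data, so the `TXT "0"` policy is returned only to a query containing literal `*` labels.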