Reverse DNS RFCs and Recommendations

• Previous message (by thread): Reverse DNS RFCs and Recommendations
• Next message (by thread): Reverse DNS RFCs and Recommendations
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 30 Oct 2013, Andrew Sullivan wrote:

> On Wed, Oct 30, 2013 at 04:24:42PM +0000, Nick Hilliard wrote:
>> the only thing that's important is that forward and reverse DNS matches.
>
> As I think I've said before on this list, when we tried to get
> consensus on that claim in the DNSOP WG at the IETF, we couldn't.
> Indeed, we couldn't even get consensus on the much more bland
> statement, "Some people rely on the reverse, and you might want to
> take that into consideration when running your services."

The classic TCP wrapper had this as one of the security features, if 
reverse said something and this couldn't be verified by doing a forward 
lookup, the reverse was treated as invalid and not used for name based 
policies.

-- 
Mikael Abrahamsson    email: swmike at swm.pp.se

• Previous message (by thread): Reverse DNS RFCs and Recommendations
• Next message (by thread): Reverse DNS RFCs and Recommendations
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]