[milters] Archive

Lists Index Date Thread Search

Article: 1731
From: Derek J. Balling
Date: 2007-09-23 09:37:16 -0400
Subject: Re: milter-link problems

Removal...........: milters-request@milter.info?subject=remove
More information..: http://www.milter.info/#Support
--------------------------------------------------------

On Sep 23, 2007, at 9:01 AM, Anthony Howe wrote:
>> No he couldn't, because (if everything is working properly) sendmail
>> won't "trust" that PTR record because there's no corresponding A
>> record for "localhost.localdomain" pointing at the IP address.
>
> Most resolvers will consult /etc/hosts either before or after an A
> record lookup attempt and find
>
> 127.0.0.1	localhost.localdomain localhost
>
> thus completing the mapping reverse-forward mapping. I remember being
> told this was an issue several years ago. Maybe sendmail and the other
> MTAs detects this now, but I prefer not to take the chance.
>

No it doesn't complete the mapping

Spammer is at IP address aaa.bbb.ccc.ddd

ddd.ccc.bbb.aaa.in-addr.arpa localhost.localdomain.

localhost.localdomain IN A 127.0.0.1
(or equivalent via hosts file)

127.0.0.1 != aaa.bbb.ccc.ddd

It's only an issue if you're using the wrong macro values... IIRC  
there's two macro values, one which is simply the value of the PTR  
record, and one which is the "connecting host" which is a more  
"paranoid" (e.g., it does the double-resolution check and if it fails  
simply contains the IP address) check

Cheers,
D




-- Binary/unsupported file stripped by Ecartis --
-- Type: application/pkcs7-signature
-- File: smime.p7s



Lists Index Date Thread Search