PHWinfo - Afficher un message

11/10/2007, 14h20

On Wed, 10 Oct 2007 01:48:41 -0400, in comp.protocols.tcp-ip.domains
(message <barmar-88BED3.01484110102007@comcast.dca.giganews.com>), Barry
Margolin <barmar@alum.mit.edu> wrote:

> Can you give examples of how they use them? As explained in the I-D,
> most reverse checks start by performing a reverse lookup, then check
> whether the name resolves to the original address. This just requires
> one PTR record and a corresponding A record -- additional A records are
> irrelevant and don't require corresponding PTR records.

Some try to match names, as well -- that is, they check to make sure
that the name at the PTR is also the name of the A record.

> address. But this only requires one PTR record, as long as the SMTP
> client is configured to send that hostname in its HELO command.

Right; so there is more than one way to do things. Obviously, if the
hostname isn't really used anywhere, there's no need for a PTR to it
either. It's only in the case where you're actually using the hostname
that it makes any difference.

> The I-D is also pretty clear that this should not be taken to extreme.
> Virtual web servers do *not* need reverse records for every hostname
> that points to them.

Sure, and I'd never suggest otherwise. But the I-D says quite clearly
that, in the absense of strong counter-considerations, you should
usually have a reverse mapping for every forward mapping. Virtual web
servers are an obvious case where applying that rule would do more harm
than good, so you should follow another principle.

Best,

Andrew Sullivan
pull bell to reply by email

11/10/2007, 14h20	#7
Andrew Sullivan Messages: n/a Hébergeur:	Re: 2 domains 1 IP On Wed, 10 Oct 2007 01:48:41 -0400, in comp.protocols.tcp-ip.domains (message <barmar-88BED3.01484110102007@comcast.dca.giganews.com>), Barry Margolin <barmar@alum.mit.edu> wrote: > Can you give examples of how they use them? As explained in the I-D, > most reverse checks start by performing a reverse lookup, then check > whether the name resolves to the original address. This just requires > one PTR record and a corresponding A record -- additional A records are > irrelevant and don't require corresponding PTR records. Some try to match names, as well -- that is, they check to make sure that the name at the PTR is also the name of the A record. > address. But this only requires one PTR record, as long as the SMTP > client is configured to send that hostname in its HELO command. Right; so there is more than one way to do things. Obviously, if the hostname isn't really used anywhere, there's no need for a PTR to it either. It's only in the case where you're actually using the hostname that it makes any difference. > The I-D is also pretty clear that this should not be taken to extreme. > Virtual web servers do not need reverse records for every hostname > that points to them. Sure, and I'd never suggest otherwise. But the I-D says quite clearly that, in the absense of strong counter-considerations, you should usually have a reverse mapping for every forward mapping. Virtual web servers are an obvious case where applying that rule would do more harm than good, so you should follow another principle. Best, Andrew Sullivan pull bell to reply by email