Reverse Dns Question...is it really necessary or not?
Jim Reid
jim at rfc1035.com
Wed Jul 14 19:49:21 UTC 2004
>>>>> "Jonathan" == Jonathan de Boyne Pollard <J.deBoynePollard at Tesco.NET> writes:
CN> if no reverse dns are setup for my domains, is it possible
CN> that I may miss couple of emails?
Jonathan> People apply reverse lookup checks (even though they
Jonathan> don't actually gain them anything) on the addresses of
Jonathan> SMTP Relay clients. No-one with any sense applies a
Jonathan> reverse lookup check on the address of an SMTP Relay
Jonathan> *server*.

You're quite wrong. No SMTP server has any way of knowing if the thing
that's just connected to it is an SMTP Relay server or not. [Perhaps
the IETF's marid WG will come up with something to address that.] All
the server sees is a client speaking SMTP. Lack of a reverse DNS entry
for that client is usually a pretty good indication that the client is
a spammer. Over 90% of the spam I used to get came from hosts with no
reverse DNS entry. But not any more. :-) Note I'm talking about NOHOST,
NXDOMAIN or SERVFAIL responses, not replies that have PTR records
pointing at bogus hostnames. Though if someone wanted, these could be
checked and rejected too I suppose.

It's not at all unreasonable for any service -- www, ftp, smtp, ssh,
etc -- to refuse to talk to clients that don't have their reverse DNS
in order. So to go back to the OP's question, yes, he/she should have
working reverse DNS entries for any hosts they have on the net. Without
this, the OP will find it difficult to get mail into many organisations.
Fixing the reverse DNS entries should only take a few minutes and may
well save a lot of pain later. Like posting a question here about why
nslookup doesn't work....
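
The check discussed in the message above, as an added example that is not part of the original post: it separates a client with no usable PTR (lookup failure of any kind) from one whose PTR names a host that does not resolve back to the client address. All function names, the sample hostnames and the documentation-range addresses are assumptions constructed for illustration; the `sample_*` resolvers stand in for DNS so the block runs offline.

```python
import ipaddress
import socket

# Constructed sample data (documentation address ranges), standing in for DNS.
SAMPLE_PTR = {"192.0.2.10": ["mail.example.org"],
              "192.0.2.20": ["bogus.example.net"]}
SAMPLE_FWD = {"mail.example.org": ["192.0.2.10"]}

def sample_ptr(ip):
    """Offline stand-in for a PTR lookup; fails the way gethostbyaddr does."""
    if ip not in SAMPLE_PTR:
        raise socket.herror(1, "Unknown host")
    return SAMPLE_PTR[ip]

def sample_addrs(name):
    """Offline stand-in for an A/AAAA lookup."""
    if name not in SAMPLE_FWD:
        raise socket.gaierror(-2, "Name or service not known")
    return SAMPLE_FWD[name]

def system_ptr(ip):
    """PTR names from the system resolver; raises OSError on any failure."""
    name, aliases, _ = socket.gethostbyaddr(ip)
    return [name, *aliases]

def system_addrs(name):
    """Addresses the name resolves to, from the system resolver."""
    return [info[4][0] for info in socket.getaddrinfo(name, None)]

def check_client(ip, lookup_ptr=system_ptr, lookup_addrs=system_addrs):
    """Return (status, name): 'no-ptr', 'unconfirmed' or 'confirmed'."""
    addr = ipaddress.ip_address(ip)
    try:
        names = lookup_ptr(str(addr))
    except OSError:                      # no PTR, NXDOMAIN, SERVFAIL, timeout
        names = []
    if not names:
        return "no-ptr", None
    for name in names:
        try:
            forward = {ipaddress.ip_address(a) for a in lookup_addrs(name)}
        except (OSError, ValueError):    # PTR target does not resolve
            continue
        if addr in forward:              # forward lookup leads back to client
            return "confirmed", name
    return "unconfirmed", names[0]

def accept(ip, reject_unconfirmed=False, **resolvers):
    """Policy from the message: refuse no-PTR clients; optionally bogus PTRs."""
    status, _ = check_client(ip, **resolvers)
    return status == "confirmed" or (status == "unconfirmed" and not reject_unconfirmed)
```

Called without resolver arguments, `check_client` uses the system resolver, which reports every lookup failure the same way, so NXDOMAIN and SERVFAIL are not told apart here.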