Reverse address entries
Charles Swiger
cswiger at mac.com
Fri Jun 28 18:06:54 UTC 2013
On Jun 28, 2013, at 10:54 AM, "Ward, Mike S" <mward at SSFCU.org> wrote:
> Hello all, is there any reason to setup reverse address entries for a zone?
Certainly. Various software performs what's called a double-reverse lookup
to confirm that the A and PTR records match.
> I have asked some of the admins here and the consensus from them is that only A records are necessary. Is this true?
I suppose that depends on how wide (or limited) one's view of "necessary" is.
Many mail systems choose not to grant much trust towards IPs without good DNS.
Java's SSL on some platform performs a double-reverse check and declines to proceed if there is a mismatch.
Regards,
--
-Chuck
More information about the bind-users
mailing list