automatic reverse and forwarding zones
Grant Taylor
gtaylor at tnetconsulting.net
Thu Oct 27 20:45:18 UTC 2022
On 10/27/22 1:24 PM, Marco wrote:
> At least for IPv4, there are servers that reject connections from
> IPs that don't have a reverse zone with PTR record.
Please elaborate.
I've not heard of (unspecified type of) servers rejecting connections
because of the lack of a PTR record.
I have heard of mail servers /accepting/ a /TCP/ /transport/ connection
layer but /rejecting/ email at the /SMTP/ /application/ layer for the
lack of a PTR record.
IMHO mail servers are not in scope for a $GENERATE style flood filling
of a zone. Rather they are in scope for very specifically generated
AAAA records.
> That is the only reason that I see for that.
> Most ISPs do it.
I'd say that /many/ ISPs populate in-addr.arpa zone(s) for IPv4. -- I
still run across IPv4 addresses that don't have PTR records way more
often than I think is reasonable.
I've seen no evidence that ISPs also populate ip6.arpa zone(s) for IPv6
in a similar way. Not the least of which are some of the reasons called
out in this thread.
--
Grant. . . .
unix || die
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4017 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20221027/56d1ed6a/attachment.bin>
More information about the bind-users
mailing list