Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: educating rDNS violators

from [token] Network Security [Permanent Link]
Subject: Re: educating rDNS violators
Date: Thu, 26 Aug 2004 03:29:57 -0400 
On Wed, 25 Aug 2004 14:20:25 -0400, Derek Schaible
<dschaible@cssiinc.com> wrote:

On Wed, 2004-08-25 at 13:55, someone wrote:


This becomes even further complicated if a company is hosting with
somebody who provides "virtual domain" mail hosting. The server could
be mail.somefamily.net, but have a reverse DNS entry that points to
mail.myprovider.net. How is that invalid? Just because the records
don't match doesn't make me a spammer!



Mail servers should have correct DNS info. Forward and reverse. It is
the sysadmin's responsibility to ensure that their systems are
configured properly. Period.


I wanted to respond to this point to the list before I get flooded with
similar replies.

True, such a situation does not make you a spammer but using a virtual
domain will in no way impact the reverse DNS of the smtp server from
which the email is delivered. Reverse DNS is not matching the address of
the smtp server to the domain name in the email address. This would
break many things like reply-to, etc.

All it is doing is verifying that the server is who it claims to be.
Virtual mail domains are not impacted. I run many virtual email domains
as well for every website we host. These accounts can happily send mail
through our company's SMTP server, arrive in tact and survive an rDNS
lookup.

--
Derek Schaible <dschaible@cssiinc.com>
CSSI, Inc.



Quick little note on what is actually happening in the above scenario.
 The e-mail server makes and SMTP connection to send the mail.   The
receiving server does a lookup for reverse dns on the ip address.  It
gets mail.mydomain.com, next the receiving SMTP looks for IP address
for mail.mydomain.com and then makes sure the IP's match.  If so, it
delivers, if not, it rejects.   This works with cluster type mail
servers as well.

--chip

---------------------------------------------------------------------------
Computer Forensics Training at the InfoSec Institute. All of our class sizes
are guaranteed to be 12 students or less to facilitate one-on-one
interaction with one of our expert instructors. Gain the in-demand skills of
a certified computer examiner, learn to recover trace data left behind by
fraud, theft, and cybercrime perpetrators. Discover the source of computer
crime and abuse so that it never happens again.

http://www.infosecinstitute.com/courses/computer_forensics_training.html
----------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: unable to join domain from DMZ, Charles Otstot
Next by Date:  Re: User Activity Monitoring, Edwin Rene
Previous by Thread:  RE: educating rDNS violators, David Gillett
Next by Thread:  RE: educating rDNS violators, David Gillett
Indexes:  [Date] [Thread] [Top] [All Lists]