In message <[EMAIL PROTECTED]>, Scott Haneda writ es: > I am looking at PTR checking on a email server. In test, I see there > are a few DNS setups where they CNAME their PTR records. From a RFC > standpoint, is this valid, I am not finding any data to claim one way > or the other.
Yes. It's common for any address assignment block smaller than a /24 and has been for over 10 years now. > If it is acceptable, and I realize this is getting as bit off topic, > is the only recourse to simply whitelist those hosts that are doing > this? That one depends on the software you are using. Personally I would fix the software as it is broken. Alternatively you could stop checking PTR records. There's little real benefit in it. > Here is the first one I found, that tripped up my filter test (mysql > mailing list): > $dig -x 213.136.52.31 > > ; <<>> DiG 9.4.2-P2 <<>> -x 213.136.52.31 > ;; global options: printcmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28031 > ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0 > > ;; QUESTION SECTION: > ;31.52.136.213.in-addr.arpa. IN PTR > > ;; ANSWER SECTION: > 31.52.136.213.in-addr.arpa. 86400 IN CNAME 31.0-25.52.136.213.in- > addr.arpa. > 31.0-25.52.136.213.in-addr.arpa. 3600 IN PTR lists2.mysql.com. > > -- > Scott > > -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: [EMAIL PROTECTED]