Justin Erenkrantz wrote: > This patch fixes the problem I mentioned in my reply to Jeff - namely > that any deny host directive should deny access when a double reverse > lookup fails.
If I understand you correctly, that would be a major change to current behavior. I believe that people expect a configuration like deny from .badguy.com to allow access from unknown IP addresses (IP addresses that have no reverse lookup). Obviously, this is not at all secure, but that is how it has always been, and it is the way I would expect it to work. Joshua.
