Richard Clayton wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > In message <[EMAIL PROTECTED] > .systemhost.net>, [EMAIL PROTECTED] writes > > >Previously, exim3 took the IP address of sending host, did a reverse > >lookup to get a host name and looked for a match in a file. If the > >customer domain was example.com, there would be 2 lines in the file for > >example.com and *.example.com. This worked well. > > ITYM, no-one attacked this scheme, so you were happy with it. Now you've > published the details you may not be happy for much longer :( > > If I own 128.232.15/24 then I can ensure that the reverse DNS for > 128.232.15.208 is "richard.example.com" without ever discussing this > with the good folks at Example Inc > > You will then authorise 128.232.15.208 to send email through your > systems under the false belief that Example Inc is responsible :( This > will do nothing for your reputation and connectivity :(
IIRC, exim only accepts the name from rDNS if the DNS of that name matches the IP. So if: 128.232.15.208 resolves to richard.example.com, but richard.example.com doesn't exist, then exim won't accept the name richard.example.com The only way I know to get the name from rDNS w/o checking forward DNS is to use the dnsdb lookup. -- Lab tests show that use of micro$oft causes cancer in lab animals Got Gas??? -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
