-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In message <[EMAIL PROTECTED]>, Wakko Warner <[EMAIL PROTECTED]> writes >Richard Clayton wrote: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> In message <[EMAIL PROTECTED] >> .systemhost.net>, [EMAIL PROTECTED] writes >> >> >Previously, exim3 took the IP address of sending host, did a reverse >> >lookup to get a host name and looked for a match in a file. If the >> >customer domain was example.com, there would be 2 lines in the file for >> >example.com and *.example.com. This worked well. >> >> ITYM, no-one attacked this scheme, so you were happy with it. Now you've >> published the details you may not be happy for much longer :( >> >> If I own 128.232.15/24 then I can ensure that the reverse DNS for >> 128.232.15.208 is "richard.example.com" without ever discussing this >> with the good folks at Example Inc >> >> You will then authorise 128.232.15.208 to send email through your >> systems under the false belief that Example Inc is responsible :( This >> will do nothing for your reputation and connectivity :( > >IIRC, exim only accepts the name from rDNS if the DNS of that name matches >the IP.
that's precisely what the original poster was complaining about :( I was explaining the reasoning behind the change since exim3 ... and why one would not wish to try and "fix it" - -- richard Richard Clayton Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755 -----BEGIN PGP SIGNATURE----- Version: PGPsdk version 1.7.1 iQA/AwUBRAB1ZpoAxkTY1oPiEQJGSQCfekfeiDRJuB5EOPiiL+ybT3f/OowAoI/9 20R2StZle+q5TJpg0SgKboEN =KtAO -----END PGP SIGNATURE----- -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
