On Fri, Aug 25, 2000 at 02:44:49PM -0400,
Dave Sill <[EMAIL PROTECTED]> wrote:
> =?windows-1255?B?5+np7SDk7PT47w==?= <[EMAIL PROTECTED]> wrote:
>
> >why does it say in all the qmail manuals and LWQ to start smtpd with
> >tcpserver with the -p switch
> >to check dns addresses?
>
> Just being cautious. A bad guy could set up reverse DNS entries to
> make his IP addresses look like anyone he wants. By setting -p, you're
> requiring that the name and IP address are listed both forwards and
> backwards.
I agree that if you are going to use the returned hostname for anything
you should do a forward lookup to make sure the forward and reverse
addresses match.
>
> >why not start it with -R -H ? it runs much much faster that way...
> >Can someone explain this please?
>
> -R disables IDENT lookups, and -H disables host name lookups. Both are
> potentially useful sources of information, and in most qmail
> installations won't have severe performance penalty.
Generally hostnames aren't that useful. IP addresses are more useful when
trying to blame someone for something. Occasionally they might be used for
host authenication where you don't get (or want to deal with) IP address
changes. You don't want to do this where the costs of a break in are high.
ident lookups can help another site determine which of their users is
causing you problems. In general I don't find this very helpful. If I
am having problems with a host I would be inclined to block all access
by the host and not worry about whether the other site would be able to
track things back easier with the ident information. Other people might
have different requirements for which cooperating with other sites to
help them find troublemakers is valuable enough to make doing the ident
lookups worthwhile.
