Subj : SixXs
To   : Scott Little
From : Alexey Vissarionov
Date : Thu May 29 2014 09:04:06

Good ${greeting_time}, Scott!

29 May 2014 12:51:10, you wrote to Markus Reschke:

 MR>> my email address could have failed. My guess is that the forward and
 MR>> reverse mapping differ. But it would be nonsense to check that
 SL> My mail server will reject RDNS mismatches too - it stops a TONNE
 SL> of spam. The solution is simply to not try and be cute with
 SL> "mail.domain.com" if your server isn't actually called "mail".
 SL> www/ftp/mail can still be CNAMEs as long as the MTA knows what its
 SL> real name is.

For mail server, the good pactice is to check whether:
1. HELO argument resolves to the client's IP address
2. PTR record for the client's IP address is equal to HELO argument


--
Alexey V. Vissarionov aka Gremlin from Kremlin
gremlin.ru!gremlin; +vii-cmiii-ccxxix-lxxix-xlii

.... god@universe:~ # cvs up && make world
--- /bin/vi
 * Origin: http://openwall.com/Owl (2:5020/545)

.