http://www.msexchange.org ------------------------------------------------------- Agreed - the wording isn't as clear as it might be - I also thought of this as a blocking mechanism until I tried to use it. ------------------------------------------------------- Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! ------------------------------------------------------- -----Original Message----- From: exchangelist-bounce@xxxxxxxxxxxxx [mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of Periyasamy, Raj Sent: Friday, June 02, 2006 10:35 To: exchangelist@xxxxxxxxxxxxx Subject: [ExchangeList] Re: IMF config http://www.msexchange.org -------------------------------------------------------Jim, You are right. I corrected myself after looking up the link, http://support.microsoft.com/kb/297412/en-us Since the wording is ambiguous in the SMTP properties page, many think it is similar to the feature available in spam filters and gateway virus scanners. HTH. Regards, Raj Periyasamy MCSE(Messaging), CCNA -----Original Message----- From: exchangelist-bounce@xxxxxxxxxxxxx [mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of Jim Harrison Sent: Friday, June 02, 2006 11:58 AM To: exchangelist@xxxxxxxxxxxxx Subject: [ExchangeList] Re: IMF config http://www.msexchange.org ------------------------------------------------------- That's incorrect. The Exch RDNS feature uses the actual source IP address of the current TCP connection to initiate a RDNS lookup and merely notes "RNDS Failed" in the message headers if this lookup fails to match the sending host's domain. The incoming message header is not examined at all in the context of RDNS. The critical point is that unless: 1. you're the IP netblock owner or 2. your ISP provides PTR services ..your correct PTR record won't exist for anyone but hosts that use your DNS server for all lookups and RDNS will fail. You can use http://www.dnsreport.com/tools/dnsreport.ch?domain=<insertyourdomainhere > to validate this process. ------------------------------------------------------- Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! ------------------------------------------------------- -----Original Message----- From: exchangelist-bounce@xxxxxxxxxxxxx [mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of Periyasamy, Raj Sent: Friday, June 02, 2006 08:44 To: exchangelist@xxxxxxxxxxxxx Subject: [ExchangeList] Re: IMF config http://www.msexchange.org -------------------------------------------------------Reverse lookup compares the stamped IP address in the message header versus the resolved IP address using the PTR record. If the sender forged the domain name it fails. HTH. Regards, Raj Periyasamy MCSE(Messaging), CCNA -----Original Message----- From: exchangelist-bounce@xxxxxxxxxxxxx [mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of Jim Harrison Sent: Friday, June 02, 2006 11:39 AM To: exchangelist@xxxxxxxxxxxxx Subject: [ExchangeList] Re: IMF config http://www.msexchange.org -------------------------------------------------------Unfortunately, that analogy is flawed. RDNS isn't "validating the origin"; it's "validating the PTR records in the netblock owner's DNS server" and nothing else. There are quite a few folks that can't get a valid PTR record built because their ISP doesn't provide such a simple service. The closest thing to your analogy is an SPF TXT record. This uses the DNS associated with the sending mail domain to determine the validity of the sending host. Also keep in mind that unless you're the netblock owner (<giggle> as if any SBS deployment could be), you can build PTR records in your public DNS all day long and not affect remote PTR lookups in any way whatsoever. The only functional way to work around this is via smarthost that actually does have a valid PTR record. ------------------------------------------------------- Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! ------------------------------------------------------- -----Original Message----- From: exchangelist-bounce@xxxxxxxxxxxxx [mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of Taylor, George Sent: Friday, June 02, 2006 08:05 To: exchangelist@xxxxxxxxxxxxx Subject: [ExchangeList] Re: IMF config Hmmm, should I dance around like a god? or do they even dance? :-) I have to disagree with you John. It is standard practice to require a valid RDNS lookup in order to except a piece of mail. Basically all you are doing is verifying that the sender is in fact who they say they are, or should I say the server connecting to your server is who it is advertising itself as. As you say, take a look at the real world: A guy walks into your mailroom wearing a purple shirt with a unibomber emblem and says "Take this package, it's from UPS..." What's your mail clerk going to say? "I'll take it because I don't care who you are, I just take all packages addressed to me..."? I hope not, that's how things get blown up, that's how your email system will get blown up with viruses, spam, threats, etc... If you cannot verify the origin of a piece of mail and you except it anyways, you put yourself at risk, a conscience email administrator is not going to allow that. Just my .02 George Taylor Systems Programmer Regional Health Inc. ________________________________ From: John T (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx] Sent: Thursday, June 01, 2006 5:07 PM To: exchangelist@xxxxxxxxxxxxx Subject: [ExchangeList] Re: IMF config Andrew, please tell me you are not actually considering doing this. Yes, the big want-to-be Internet God's such as America Off Line block/refuse on no PTR, but that is not practical in the real world as the rest of us know it. Besides, I think America Off Line is just trying to get on Dan Quails' good side, if he has one. John T eServices For You "Seek, and ye shall find!" -----Original Message----- From: exchangelist-bounce@xxxxxxxxxxxxx [mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of Andrew English Sent: Thursday, June 01, 2006 4:05 AM To: exchangelist@xxxxxxxxxxxxx Subject: [ExchangeList] Re: IMF config Is there anyway to get IMF to drop emails that fail reverse lookup? Thanks Andrew All mail to and from this domain is GFI-scanned. ------------------------------------------------------- List Archives: //www.freelists.org/archives/exchangelist/ MSExchange Newsletter: http://www.msexchange.org/pages/newsletter.asp MSExchange Articles and Tutorials: http://www.msexchange.org/articles_tutorials/ MSExchange Blogs: http://blogs.msexchange.org/ ------------------------------------------------------- Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------- To unsubscribe visit http://www.msexchange.org/pages/exchangelist.asp Report abuse to listadmin@xxxxxxxxxxxxxx ------------------------------------------------------- List Archives: //www.freelists.org/archives/exchangelist/ MSExchange Newsletter: http://www.msexchange.org/pages/newsletter.asp MSExchange Articles and Tutorials: http://www.msexchange.org/articles_tutorials/ MSExchange Blogs: http://blogs.msexchange.org/ ------------------------------------------------------- Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------- To unsubscribe visit http://www.msexchange.org/pages/exchangelist.asp Report abuse to listadmin@xxxxxxxxxxxxxx All mail to and from this domain is GFI-scanned. ------------------------------------------------------- List Archives: //www.freelists.org/archives/exchangelist/ MSExchange Newsletter: http://www.msexchange.org/pages/newsletter.asp MSExchange Articles and Tutorials: http://www.msexchange.org/articles_tutorials/ MSExchange Blogs: http://blogs.msexchange.org/ ------------------------------------------------------- Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------- To unsubscribe visit http://www.msexchange.org/pages/exchangelist.asp Report abuse to listadmin@xxxxxxxxxxxxxx