[ExchangeList] Re: IMF config

  • From: "Periyasamy, Raj" <Raj.Periyasamy@xxxxxxxxxxxx>
  • To: <exchangelist@xxxxxxxxxxxxx>
  • Date: Fri, 2 Jun 2006 11:43:58 -0400

http://www.msexchange.org
-------------------------------------------------------Reverse lookup compares 
the stamped IP address in the message header
versus the resolved IP address using the PTR record. If the sender
forged the domain name it fails.


HTH.
Regards,
Raj Periyasamy
MCSE(Messaging), CCNA



-----Original Message-----
From: exchangelist-bounce@xxxxxxxxxxxxx
[mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of Jim Harrison
Sent: Friday, June 02, 2006 11:39 AM
To: exchangelist@xxxxxxxxxxxxx
Subject: [ExchangeList] Re: IMF config

http://www.msexchange.org
-------------------------------------------------------Unfortunately,
that analogy is flawed.
RDNS isn't "validating the origin"; it's "validating the PTR records in
the netblock owner's DNS server" and nothing else.  There are quite a
few folks that can't get a valid PTR record built because their ISP
doesn't provide such a simple service.
The closest thing to your analogy is an SPF TXT record.  This uses the
DNS associated with the sending mail domain to determine the validity of
the sending host.

Also keep in mind that unless you're the netblock owner (<giggle> as if
any SBS deployment could be), you can build PTR records in your public
DNS all day long and not affect remote PTR lookups in any way
whatsoever.

The only functional way to work around this is via smarthost that
actually does have a valid PTR record.

-------------------------------------------------------
   Jim Harrison
   MCP(NT4, W2K), A+, Network+, PCG
   http://isaserver.org/Jim_Harrison/
   http://isatools.org
   Read the help / books / articles!
-------------------------------------------------------
 

-----Original Message-----
From: exchangelist-bounce@xxxxxxxxxxxxx
[mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of Taylor, George
Sent: Friday, June 02, 2006 08:05
To: exchangelist@xxxxxxxxxxxxx
Subject: [ExchangeList] Re: IMF config

Hmmm, should I dance around like a god?  or do they even dance?  :-)
 
I have to disagree with you John.  It is standard practice to require a
valid RDNS lookup in order to except a piece of mail.  Basically all you
are doing is verifying that the sender is in fact who they say they are,
or should I say the server connecting to your server is who it is
advertising itself as.  As you say, take a look at the real world:
 
A guy walks into your mailroom wearing a purple shirt with a unibomber
emblem and says "Take this package, it's from UPS..."  What's your mail
clerk going to say?  "I'll take it because I don't care who you are, I
just take all packages addressed to me..."?  I hope not, that's how
things get blown up, that's how your email system will get blown up with
viruses, spam, threats, etc...  If you cannot verify the origin of a
piece of mail and you except it anyways, you put yourself at risk, a
conscience email administrator is not going to allow that.
 
 
Just my .02
 
George Taylor
Systems Programmer
Regional Health Inc.
 

________________________________

From: John T (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx]
Sent: Thursday, June 01, 2006 5:07 PM
To: exchangelist@xxxxxxxxxxxxx
Subject: [ExchangeList] Re: IMF config



Andrew, please tell me you are not actually considering doing this.

 

Yes, the big want-to-be Internet God's such as America Off Line
block/refuse on no PTR, but that is not practical in the real world as
the rest of us know it. Besides, I think America Off Line is just trying
to get on Dan Quails' good side, if he has one.

 

John T

eServices For You

 

"Seek, and ye shall find!"

 

-----Original Message-----
From: exchangelist-bounce@xxxxxxxxxxxxx
[mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of Andrew English
Sent: Thursday, June 01, 2006 4:05 AM
To: exchangelist@xxxxxxxxxxxxx
Subject: [ExchangeList] Re: IMF config

 

Is there anyway to get IMF to drop emails that fail reverse lookup?

 

Thanks

Andrew

 


All mail to and from this domain is GFI-scanned.

-------------------------------------------------------
List Archives: //www.freelists.org/archives/exchangelist/  
MSExchange Newsletter: http://www.msexchange.org/pages/newsletter.asp 
MSExchange Articles and Tutorials:
http://www.msexchange.org/articles_tutorials/ 
MSExchange Blogs: http://blogs.msexchange.org/ 
-------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com 
-------------------------------------------------------
To unsubscribe visit http://www.msexchange.org/pages/exchangelist.asp
Report abuse to listadmin@xxxxxxxxxxxxxx 

-------------------------------------------------------
List Archives: //www.freelists.org/archives/exchangelist/
MSExchange Newsletter: http://www.msexchange.org/pages/newsletter.asp
MSExchange Articles and Tutorials: http://www.msexchange.org/articles_tutorials/
MSExchange Blogs: http://blogs.msexchange.org/
-------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
-------------------------------------------------------
To unsubscribe visit http://www.msexchange.org/pages/exchangelist.asp
Report abuse to listadmin@xxxxxxxxxxxxxx

Other related posts: