RE: Split DNS Questions...
- From: "Ball, Dan" <DBall@xxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Mon, 25 Apr 2005 14:01:55 -0400
Sounds like we can put it almost into the category of the black-list
method of spam control. However, we have to account for idiots using
these techniques to get our mail through...
I finally managed to sit down and go through the steps this morning on
creating a Split DNS, and discovered that we already had one... I
hadn't thought of ours as being one before, for some reason I was
thinking there was more to it. If we can resolve the same hostname to
two different IP addresses depending on where you're querying from, I
guess we have one.
So, at this point, I'm stuck with fighting with the ISP to get our
records updated correctly, or setting up our own "public" DNS server
(and then fight to get the ISP to make it the authoritative one)...
-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
Sent: Monday, April 25, 2005 11:05
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Split DNS Questions...
http://www.ISAserver.org
Hi Dan,
The issue could come up depending on what DNS servers the SMTP servers
on the Internet use for reverse lookups. I don't was time on reverse
lookups because the method is inhernetly flawed, but that's besides the
point. If the DNS servers don't preserve the TTL sent by your DNS agent,
then there could be problems. I'm taking a look this week at the
RainConnect service that comes with the RoadBLOCK ISA hardware firewall,
so I hope to have more insight on how to best approach this problem by
the end of the week.
HTH,
Tom
www.isaserver.org/shinder
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
Other related posts:
