Security Basics mailing list archives
[RE: educating rDNS violators]
From: Pat Moffitt <pmoffitt () wrv com>
Date: Thu, 23 Sep 2004 14:19:01 -0700
I am not attempting to verify the HELO Command. I am attempting to verify the IP Address of the system that is trying to make the SMTP connection. As such, this section of the RFC does not apply. I see nothing in this RFC that applies to using RDNS to reject mail connections, only on using RDNS to verify HELO commands.
Pat Moffitt MIS Administrator Western Recreational Vehicles, Inc. -------- Original Message -------- Subject: RE: educating rDNS violators Date: Tue, 31 Aug 2004 13:35:34 -0400 From: LordInfidel () directionweb com To: 'Derek Schaible' <dschaible () cssiinc com>, Niek <niek () packetstorm nu> CC: security-basics () securityfocus com [snip - to supply the relevent part of the message] 6. Section 5.2.5 of rfc1123 covers this quite explicitly. Rejecting mail based on RDNS ~~~***VIOLATES***~~~ the RFC: http://www.faqs.org/rfcs/rfc1123.html 5.2.5 HELO Command: RFC-821 Section 3.5 [snip]
--------------------------------------------------------------------------- Computer Forensics Training at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse so that it never happens again. http://www.infosecinstitute.com/courses/computer_forensics_training.html ----------------------------------------------------------------------------
Current thread:
- [RE: educating rDNS violators] Pat Moffitt (Sep 26)
- RE: educating rDNS violators] David Gillett (Sep 28)