Re: DNS PTR record

["Atilla Remote Support" <info () atilla dhs org>]

Hi.

As far as I know there is no vulnarability with 
this (I could be wrong).:)
The problem however is that de ptr record for your 
mailserver shoud be correct.
Otherwise you could get listed in spamblock lists 
and you don't want your mta to get in there.
So I would correct the issue.

Regards, Richard.


----- Original Message ----- 
From: "Abo Sous" <abussous () gmail com>
To: <security-basics () securityfocus com>
Sent: Saturday, February 28, 2009 4:31 PM
Subject: DNS PTR record


> Hi List,
>
> i am digging a mail server and a router on my 
> domain; i get the
> following results:
>
> 1- the dig domain.com MX gives me:
> ;; QUESTION SECTION:
> ;domain.com                                 IN 
> MX
> ;; ANSWER SECTION:
> domain.com.                  20778      IN 
> MX          10
> mail.domain.com.
> ;; ADDITIONAL SECTION:
> mail.domain.com.                          20778 
> IN            A
>          y.y.y.230
>
> 2- the dig -x y.y.y.231 (the router) gives me:
> ;; QUESTION SECTION:
> ;231.y.y.y.in-addr.arpa. IN PTR
>
> ;; ANSWER SECTION:
> 231.y.y.y.in-addr.arpa. 21495 IN PTR 
> mail.domain.com.
>
> obviously, the output from step number 2 is 
> wrong
>
> my question is: where could this error possibly 
> lead to? what are the
> vulnerabilities / security issues that might 
> arise from this?
>
> thanks in advance,
>
> -A/S