D&C GLug - Home Page

[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] [OT] rDNS questions

 

dclug@xxxxxxxxxxxxxxxx wrote:
> 
> Is rDNS just used for email validation or is it used for anything else?

The wrapper library can use it to secure services (at least as secure as
the DNS is). Useful for stopping the perpetual attempts to abuse
services in large companies, where you can say all SSH attempts are only
allowed from inside the company plus the admins home PCs. I wouldn't
rely on this, but it is sometimes a useful first line to keep out
password guessers and such like. Quite a lot of things are compiled with
the relevant libraries in.

For email servers I configure it so if I have a server
"canonicalservername.example.com" with IP address 1.2.3.4

I ensure that the machine greets (HELO/EHLO) with this name, and that
the reverse lookup of 1.2.3.4 maps to the fully qualified name of the
server.

I don't think just the domain is useful in the reverse lookup, as some
folk are specifically requiring that the reverse, then forward lookup
returns that same IP address.

i,e,

1.2.3.4 -> fqdn
fqdn -> 1.2.3.4


-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html