Security Basics mailing list archives
RE: DNS PTR record
From: "David Gillett" <gillettdavid () fhda edu>
Date: Tue, 3 Mar 2009 12:05:56 -0800
We have an email server here which expects to receive inbound email at one IP address and originate outbound email from an adjacent address. Apparently this configuration, while it surprises people who hope to use rDNS to detect spam, is not at all unusual amongst real-world email deployments. David Gillett
-----Original Message----- From: Ronald van der Westen [mailto:rvdwesten () gmail com] Sent: Monday, March 02, 2009 9:47 PM To: Abo Sous Cc: security-basics () securityfocus com Subject: Re: DNS PTR record Hi, What are you trying to achieve with this? It looks like there is a PTR record for the y.y.y.231 which points to mail.domain.com. And mail.domain.com points to y.y.y.230, are you sure there are not multiple A-records for mail.domain.com? Where does the PTR for .230 point to? What did you expect to happen? This is probably the result of not cleaning old records, or just a wrong configuration, nothing special, quite common ;-) -Ronald On Sat, Feb 28, 2009 at 4:31 PM, Abo Sous <abussous () gmail com> wrote:Hi List, i am digging a mail server and a router on my domain; i get the following results: 1- the dig domain.com MX gives me: ;; QUESTION SECTION: ;domain.com IN MX ;; ANSWER SECTION: domain.com. 20778 IN MX10mail.domain.com. ;; ADDITIONAL SECTION: mail.domain.com. 20778 IN A y.y.y.230 2- the dig -x y.y.y.231 (the router) gives me: ;; QUESTION SECTION: ;231.y.y.y.in-addr.arpa. IN PTR ;; ANSWER SECTION: 231.y.y.y.in-addr.arpa. 21495 IN PTR mail.domain.com. obviously, the output from step number 2 is wrong my question is: where could this error possibly lead to?what are thevulnerabilities / security issues that might arise from this? thanks in advance, -A/S-- Ronald van der Westen
Current thread:
- DNS PTR record Abo Sous (Mar 02)
- Re: DNS PTR record Ronald van der Westen (Mar 03)
- RE: DNS PTR record David Gillett (Mar 03)
- Re: DNS PTR record Atilla Remote Support (Mar 03)
- Re: DNS PTR record Ronald van der Westen (Mar 03)