[ppml] Policy Proposal: Authentication of Legacy Resources

Keith Medcalf kmedcalf at dessus.com
Thu Jul 12 15:54:35 EDT 2007


 
> # 4.3 Application considerations
> #
> #   Applications should not rely on reverse mapping for 
> proper operation,
> #   although functions that depend on reverse mapping will 
> obviously not
> #   work in its absence.  Operators and users are reminded 
> that the use
> #   of the reverse tree, sometimes in conjunction with a lookup of the
> #   name resulting from the PTR record, provides no real security, can
> #   lead to erroneous results and generally just increases load on DNS
> #   servers. Further, in cases where address block holders fail to
> #   properly configure reverse mapping, users of those blocks are
> #   penalized.

Hrm.  They should read the RFC for the operation of an MTA connected to
the Internet.  That RFC requires (MUST) proper DNS (forward and reverse)
for any MTA attached to the Internet and that any "unauthenticated"
incoming SMTP connection from a source where the DNS is incorrectly
configured MAY be dropped.

> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> -=-=-=-=-=-=-
> Edward Lewis                                                
> +1-571-434-5468
> NeuStar
> 
> Think glocally.  Act confused.
> _______________________________________________
> This message sent to you through the ARIN Public Policy Mailing List
> (PPML at arin.net).
> Manage your mailing list subscription at:
> http://lists.arin.net/mailman/listinfo/ppml
> 






More information about the ARIN-PPML mailing list