[76173] in North American Network Operators' Group
Re: is reverse dns required? (policy question)
daemon@ATHENA.MIT.EDU (Mark Andrews)
Thu Dec 2 19:04:51 2004
Date: Fri, 3 Dec 2004 11:03:57 +1100 (EST)
From: Mark Andrews <Mark_Andrews@isc.org>
To: nanog-list@nrg4u.com, nanog@merit.edu
In-Reply-To: <41AF5C33.4050202@nrg4u.com>
Cc:
Errors-To: owner-nanog-outgoing@merit.edu
In article <41AF5C33.4050202@nrg4u.com> you write:
>
>You would put in a global wildcard that says no smtp sender here. Only
>for those boxes being legitimate SMTP to outside senders you'd put in a
>more specific record as shown above. You probably have to enter some dozen
>to one hundred servers this way. Sure your reverse zone scripts need some
>changes but it's only two or three lines.
>
>Ideally you could tell your DNS server in the zone file this:
>
> _send._smtp._srv.*.*.173.128.in-addr.arpa. IN TXT "0"
> _send._smtp._srv.*.*.82.198.in-addr.arpa. IN TXT "0"
>
>being overidden by more specific information on single IP addresses.
You obviouly do not know how wildcard work in the DNS or you
would not have made this suggestion. Please read RFC 1034
and work though Section 4.3.2. Algorithm with a QNAME of
_send._smtp._srv.1.1.173.128.in-addr.arpa.
