In <9309220859 .
677 @
storax .
bnr .
co .
uk> Neil Todd <neil @
pio .
gid .
co .
uk> wrote:
>Whilst this may be venturing out of firewalls and into
>sendmail-workers, I believe that you have to be very careful if you are
>going to use tcpd or similar to decide that you are unwilling to accept
>an SMTP connection from a particular class of hosts (for example those
>that don't have a valid reverse lookup) perhaps in an attempt to force
>these hosts to route via one of the hosts listed in the higher numbered
>MX records for you then you should be careful in how you tell the other
>end to go away.
Sometimes, the fact that a reverse-IP lookup fails doesn't indicate
mischeif. I've been frustrated several times because we have a Dial-up
SLIP connection in which we assume the IP address of the modem into which
we dial, so IP lookups usually show us as <some-port>.baltimore.pub-ip.psi.net,
while we identify ourselves as "roadnet.roadnet.com". I've had a couple
of ftp deamons reject attempts to log in because the reverse lookup failed,
although I was trying to do stuff that was normal. Also, I'm convinced
that there's at least one SMTP daemon that's killing the connection after
issuing a "Hello <some-port>.baltimore.pub-ip.psi.net, why do you call
yourself roadnet.roadnet.com". I don't think I'm the only customer PSI
has using this particular setup.
Pete.
|
|
