On 09/11/2015 02:36 PM, Reindl Harald wrote: > STAY ON LIST - the last time i had enough of repeating that a > answer on a public ML is not a invitation for private support i got > moderated...
Oups! Sorry! :-( Sorry! Sorry! I'm sending this with the whole "history" of our conversation. > it is my opinion backed by dealing with DNS and email for many > years facing all problems left and right we never had because the > strict policy here that one IP has only one PTR > > what "official bad practice" do you need when you can see the > problems otherwise would not be possible at your own? In the sense: "`best current practice' says something opposite". BTW: Are we talking on multiple PTRs for mail servers only or multiple PTRs in general? Best regards, /m > and no "gmail.com" (from your second mail) don't prove anything > else because there is no server on that world using "gmail.com" as > outgoing mail HELO what is the reason you can safely reject any > client which pretends to be "gmail.com" in the HELO > > [harry@srv-rhsoft:~]$ nslookup mail-ob0-f177.google.com Server: > 127.0.0.1 Address: 127.0.0.1#53 Non-authoritative answer: > Name: mail-ob0-f177.google.com Address: 209.85.214.177 > > [harry@srv-rhsoft:~]$ nslookup 209.85.214.177 Server: > 127.0.0.1 Address: 127.0.0.1#53 Non-authoritative answer: > 177.214.85.209.in-addr.arpa name = mail-ob0-f177.google.com. > > /^amazon\.com$/ REJECT Unacceptable > HELO (Forged) /^amazon\.de$/ REJECT > Unacceptable HELO (Forged) /^ebay\.at$/ > REJECT Unacceptable HELO (Forged) /^ebay\.com$/ > REJECT Unacceptable HELO (Forged) /^ebay\.de$/ > REJECT Unacceptable HELO (Forged) /^email\.com$/ > REJECT Unacceptable HELO (Forged) /^facebook\.com$/ > REJECT Unacceptable HELO (Forged) /^facebookmail\.com$/ > REJECT Unacceptable HELO (Forged) /^gmail\.com$/ > REJECT Unacceptable HELO (Forged) /^gmx\.at$/ > REJECT Unacceptable HELO (Forged) /^gmx\.de$/ > REJECT Unacceptable HELO (Forged) /^gmx\.li$/ > REJECT Unacceptable HELO (Forged) /^gmx\.net$/ > REJECT Unacceptable HELO (Forged) /^google\.com$/ > REJECT Unacceptable HELO (Forged) /^hotmail\.com$/ > REJECT Unacceptable HELO (Forged) /^hotmail\.fr$/ > REJECT Unacceptable HELO (Forged) /^hotmail\.kg$/ > REJECT Unacceptable HELO (Forged) /^hotmail\.kz$/ > REJECT Unacceptable HELO (Forged) /^hotmail\.ru$/ > REJECT Unacceptable HELO (Forged) /^mail\.com$/ > REJECT Unacceptable HELO (Forged) /^microsoft\.com$/ > REJECT Unacceptable HELO (Forged) /^twitter\.com$/ > REJECT Unacceptable HELO (Forged) /^yahoo\.ca$/ > REJECT Unacceptable HELO (Forged) /^yahoo\.com$/ > REJECT Unacceptable HELO (Forged) /^yahoo\.de$/ > REJECT Unacceptable HELO (Forged) /^yahoo\.dk$/ > REJECT Unacceptable HELO (Forged) /^yahoo\.es$/ > REJECT Unacceptable HELO (Forged) /^yahoo\.fr$/ > REJECT Unacceptable HELO (Forged) /^yahoo\.ie$/ > REJECT Unacceptable HELO (Forged) /^yahoo\.it$/ > REJECT Unacceptable HELO (Forged) /^yahoo\.jp$/ > REJECT Unacceptable HELO (Forged) /^yahoo\.ru$/ > REJECT Unacceptable HELO (Forged) /^yahoo\.se$/ > REJECT Unacceptable HELO (Forged) /^ns[0-9]\.gmail\.com$/ > REJECT Unacceptable HELO (Forged) > > Am 11.09.2015 um 14:28 schrieb Marek Kozlowski: >> On 09/11/2015 02:22 PM, Reindl Harald wrote: >>> >>> Am 11.09.2015 um 14:14 schrieb Marek Kozlowski: >>>> On 09/11/2015 02:10 PM, Reindl Harald wrote: >>>> >>>>> Am 11.09.2015 um 14:02 schrieb Marek Kozlowski: >>>>>> :-) >>>>>> >>>>>> I have defined several A and PTR records for my main >>>>>> server. Unfortunately, recently I've noticed that some >>>>>> peer servers have problems with rev-resolving my IP >>>>>> (verifying the name and address) if there are too many As >>>>>> and PTRs. I'm wondering if it's possible to specify one A >>>>>> and one PTR as a "main" name (same as hostname) for this >>>>>> server? Yes' I can use a single A and PTR and multiple >>>>>> CNAME's, however I'd prefer the solution with As and PTSs >>>>>> only. Any kind of priority? >>>>> >>>>> no >>>>> >>>>> just don't specifiy more than one PTR for a IP >>>> >>>> Specifying multiple CNAMEs for the same alias is not >>>> possible >>> >>> no idea what that means, a CNAME can point to anotehr CNAME in >>> circles >> >> I can't define sth. like this: >> >> somename IN CNAME something1 somename IN CNAME >> something2 >> >> But I can define a few As for `somename' pointing do different >> IPs. >> >>>> defining more than one PTR for the same IP is possible I >>>> believe there is some reason for it. >>> >>> until now nobody was able to show me one >> >> "I don't know" != "there is no" >> >> ;-) >> >>>> I think sometimes I might be useful. Is it a bad practice? >>> >>> it is a bad practice and leads exactly to the problems you >>> describe when the other side tries to verify A/PTR matching >>> because there is just no ordering like there is also no >>> rodering having multiple A records for the same name with >>> different IP's >> >> Is it you opinion or some ofiicial "bad practice"? >> >> Best regards, Marek > > > > _______________________________________________ Please visit > https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > bind-users mailing list bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users > -- Dr Eng. Marek Kozłowski Senior Lecturer Unix and Network Administrator Warsaw University of Technology Faculty of Mathematics and Information Sciences ul. Koszykowa 75, 00-662 Warszawa POLAND tel.: +48 601 827 225 e-mail: m.kozlow...@mini.pw.edu.pl _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
