Pieter Combrinck wrote: > Maybe all you need is to check PTR records for the MTA's connecting to > you. >
In actuality this thread has nothing to do with validating IP addresses at all. It's really about detecting spoofed domains. Check the rest of the thread, it's already been answered pretty well. As for validating the IP by checking the PTR record.. well, if it's invalid (i.e. unrouteable) you won't even get a connection on a non-broken mailserver, so you won't even have an IP address to check. Fortunately, you also won't have a message to deal with either. Moral of the story: use a server OS with at least semi-good TCP ISN selection. Really the main reason to check for PTR records is not to check if the IP is valid, but to check if the site is at least somewhat properly administered. Only the completely clueless fail to have PTR records for their mailservers.
