On Fre, 2011-02-25 at 08:50 -0500, David F. Skoll wrote:
> On Fri, 25 Feb 2011 12:57:39 +0000
> Martin Gregorie <mar...@gregorie.org> wrote:
>
> > However, the thing I hadn't seen before is that its IP, 208.115.216.98
> > resolves to 98-216-115-208.static.reverse.lstn.net
>
> > So, is this a normal, expected reverse DNS result that I just haven't
> > seen before or is it intended to trick MTAs into thinking that the
> > reverse DNS lookup was successful? If the latter is the case, is there
> > some way of writing a rule to detect it?
>
> It's not a trick. The more responsible providers create PTR records
> for all of their addresses and they often use a template so they don't
> need to come up with actual machine names.
>
> There are some rules to try to detect this kind of thing, but I don't
> think they are very effective. There are plenty of business cable and
> DSL providers with legitimate MTAs on IPs that reverse to a
> stereotyped host name.
ACK. But the more serious ones also provide forward ones which doesn't
hold for the above example. 98-216-115-208.static.reverse.lstn.net
doesn't resolve hereover.
BTW some DSL and cable providers actually do not provide reverse entries
just because they are "dial up" lines and everyone out there should be
able to detect this.
Bernd
--
Bernd Petrovitsch Email : be...@petrovitsch.priv.at
LUGA : http://www.luga.at
