Re: Reverse DNS

From: Michael Pelletier (mjpelletier_at_mjpelletier.com)
Date: 05/02/05


Date: Sun, 01 May 2005 19:18:04 -0700

Frankster wrote:

> Why might I benefit from have a reverse lookup record?
>
> I know one school of thought it to not use a reverse entry to protect
> privacy.
>
> Another is to have one, but why?
>
> Thanks,
>
> -Frank

First, realize that security by obscurity never works. Second, you need
reverse DNS for things like email gateways. A lot of people will block you
if you do not have a reverse DNS enabled. Not using reverse DNS can also
can break some protocols...

In short, your security policy should not be based on obscurity. In my
opinion not using reverse DNS is a mistake.

Michael

-- 
"Microsoft isn't evil, they just make really crappy operating systems." -
Linus Torvald


Relevant Pages

  • Re: reverse DNS resolution...
    ... We're trying to get reverse DNS resolution for a block of IPs ... We've had the 10.x network working great at the office ... your DNS needs to be authoritative for both forward and reverse. ... IN PTR user1.vpn. ...
    (freebsd-questions)
  • Re: DNS Records for an Exchange Server serving multiple domains
    ... >> Exchange server to send and receive email for multiple domains. ... Reverse DNS does not matter. ... Reverse DNS lookups, it will come back as valid. ... This posting is provided "AS-IS" with no warranties or guarantees ...
    (microsoft.public.exchange2000.admin)
  • Re: DNS Records for an Exchange Server serving multiple domains
    ... >> Exchange server to send and receive email for multiple domains. ... Reverse DNS does not matter. ... Reverse DNS lookups, it will come back as valid. ... This posting is provided "AS-IS" with no warranties or guarantees ...
    (microsoft.public.win2000.dns)
  • Re: DNS Records for an Exchange Server serving multiple domains
    ... >> Exchange server to send and receive email for multiple domains. ... Reverse DNS does not matter. ... Reverse DNS lookups, it will come back as valid. ... This posting is provided "AS-IS" with no warranties or guarantees ...
    (microsoft.public.exchange2000.general)
  • Re: SSH login takes very long time...sometimes
    ... > you can fake your IP and you can fake your hostname, ... > responsibility and so he will probably not set up false dns reverse data. ... > and when your residential Ip provider do not has a correct reverse DNS get ...
    (freebsd-stable)