This is a discussion on Re: Validity of CNAME to a PTR - DNS ; In message , Scott Haneda writ es: > I am looking at PTR checking on a email server. In test, I see there > are a few DNS setups where they CNAME their PTR records. From a RFC > standpoint, ...
In message <9FDAC74F-3774-4E0D-91A3-A1392BA914A2@newgeo.com>, Scott Haneda writ
> I am looking at PTR checking on a email server. In test, I see there
> are a few DNS setups where they CNAME their PTR records. From a RFC
> standpoint, is this valid, I am not finding any data to claim one way
> or the other.
Yes. It's common for any address assignment block smaller
than a /24 and has been for over 10 years now.
> If it is acceptable, and I realize this is getting as bit off topic,
> is the only recourse to simply whitelist those hosts that are doing
That one depends on the software you are using. Personally
I would fix the software as it is broken. Alternatively
you could stop checking PTR records. There's little real
benefit in it.
> Here is the first one I found, that tripped up my filter test (mysql
> mailing list):
> $dig -x 126.96.36.199
> ; <<>> DiG 9.4.2-P2 <<>> -x 188.8.131.52
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28031
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
> ;; QUESTION SECTION:
> ;184.108.40.206.in-addr.arpa. IN PTR
> ;; ANSWER SECTION:
> 220.127.116.11.in-addr.arpa. 86400 IN CNAME 31.0-18.104.22.168.in-
> 31.0-22.214.171.124.in-addr.arpa. 3600 IN PTR lists2.mysql.com.
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@isc.org