From owner-freebsd-hackers Tue Apr 29 18:02:20 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id SAA21646 for hackers-outgoing; Tue, 29 Apr 1997 18:02:20 -0700 (PDT) Received: from freefall.freebsd.org (freefall.cdrom.com [204.216.27.21]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id SAA21641 for ; Tue, 29 Apr 1997 18:02:18 -0700 (PDT) Received: from mixcom.mixcom.com (mixcom.mixcom.com [198.137.186.100]) by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id SAA02350 for ; Tue, 29 Apr 1997 18:02:14 -0700 (PDT) Received: by mixcom.mixcom.com (8.6.12/2.2) id UAA18556; Tue, 29 Apr 1997 20:03:29 -0500 Received: from p75.mixcom.com(198.137.186.25) by mixcom.mixcom.com via smap (V1.3) id sma018537; Tue Apr 29 20:03:11 1997 Message-Id: <3.0.32.19970429200413.00abaeb8@mixcom.com> X-Sender: sysop@mixcom.com X-Mailer: Windows Eudora Pro Version 3.0 (32) Date: Tue, 29 Apr 1997 20:04:14 -0500 To: joerg_wunsch@uriah.heep.sax.de (Joerg Wunsch) From: "Jeffrey J. Mountin" Subject: Re: Syslog bug? Cc: hackers@freebsd.com Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-hackers@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk At 07:19 PM 4/27/97 +0200, J Wunsch wrote: >They should get. This address appears in public, so it is expected to >be reverse lookupable. That is one point, the other is that http is an accessed service. It does not initiate any connections. From a security standpoint I'd say it is better to *not* have inverse on web hosts. The server they are on has inverse, so mail works perfectly for them, as the server is doing the actual work via SMTP. Keep in mind that this server is running smap for proxy and sendmail runs from cron, so sendmail does not need to do hostlookups. >To bother you to fix the broken DNS. :-) Yesterday one server refused SMTP connections from 186 unique servers due to lack of inverse. Now to add to my first part, a user on another system had inverse for their web host, but the server it was hosted on didn't, so it fails. I don't care to guess hown many refused connections for POP3 we get a week from dial-up addresses with no inverse. Just a bit annoyed at sendmail trying to tell me something is broken, when to me it isn't. New feature, my.... And there doesn't look like any quick fix. ------------------------------------------- Jeff Mountin - System/Network Administrator jeff@mixcom.net MIX Communications Serving the Internet since 1990