Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 30 Apr 1997 07:56:43 +0200
From:      j@uriah.heep.sax.de (J Wunsch)
To:        freebsd-hackers@freebsd.org (FreeBSD hackers)
Cc:        sysop@mixcom.com (Jeffrey J. Mountin)
Subject:   Re: Syslog bug?
Message-ID:  <19970430075643.VV65060@uriah.heep.sax.de>
In-Reply-To: <3.0.32.19970429200413.00abaeb8@mixcom.com>; from Jeffrey J. Mountin on Apr 29, 1997 20:04:14 -0500
References:  <3.0.32.19970429200413.00abaeb8@mixcom.com>

next in thread | previous in thread | raw e-mail | index | archive | help
As Jeffrey J. Mountin wrote:

> >They should get.  This address appears in public, so it is expected to
> >be reverse lookupable.
> 
> That is one point, the other is that http is an accessed service.  It does
> not initiate any connections.

It is sending packets into the public (perhaps only answer packets,
but you probably can't even guarantee this, think of an FTP data
channel).  As such, it should be in reverse DNS.

>  From a security standpoint I'd say it is
> better to *not* have inverse on web hosts.

Huh?  What security do you gain by this?  None.

> Just a bit annoyed at sendmail trying to tell me something is broken, when
> to me it isn't.  New feature, my....  And there doesn't look like any quick
> fix.

I agree that there should be a way to tell sendmail to not bind to all
addresses.  Go and add this feature.

-- 
cheers, J"org

joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE
Never trust an operating system you don't have sources for. ;-)



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19970430075643.VV65060>