Date: Fri, 17 Oct 1997 09:31:21 -0400 (EDT) From: Matt Behrens <matt@zigg.com> To: "Matthew D. Fuller" <fullermd@futuresouth.com> Cc: chad@dcfinc.com, Don Lewis <Don.Lewis@tsc.tdk.com>, root@eyelab.psy.msu.edu, dkelly@hiwaay.net, freebsd-stable@FreeBSD.ORG Subject: Re: Anti-spam sendmail in 2.2.5? Message-ID: <Pine.BSF.3.96.971017092826.6677B-100000@megaweapon.zigg.com> In-Reply-To: <Pine.BSF.3.96.971017010844.7972B-100000@shell.futuresouth.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 17 Oct 1997, Matthew D. Fuller wrote: > I agree wholeheartedly with this. My system at home thinks it's one thing > (through ml.org), but it's really another thing, since I don't have a > static IP (hence, ml.org). so my host represents itself as one thing, but > a reverse DNS query says something totally different. Of course, this all > depends on whether we're resolving through DNS or reverse DNS; reverse DNS > would, I think, be the only good way to do this, since straight-forward > can be forged so easily it's not even funny. > But what can we do? (throwing up of hands) Reverse DNS is *much* easier to forge than forward. Anyone who owns the IN-ADDR.ARPA domain for their IP address can ``legitimately'' pretend to be anyone, in any domain. By contrast, to forge yourself on a forward lookup, you must control the domain you are pretending to be in. (Of course, there are other techniques that get around these, but they are difficult to implement and not widely used.) Matt Behrens | Help bring a free inter-user communication http://www.zigg.com/ | system to the Internet. Join the NetPager matt@zigg.com | Project! http://www.zigg.com/netpager/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.971017092826.6677B-100000>