On 16 Jan 2007 18:40:00 GMT, Mark <_markdv_@tiscali.nl> wrote:

>2. Considering the above, is there a (functional) difference between using
>"verify = reverse_host_lookup" and
>"condition = ${if def:sender_host_name}}" in an ACL? Unless I'm
>overlooking something I don't thinks so. Guess my question is; am I
>overlooking something?

A host can have several names and the reverse DNS isn't always going
to return that particular one. For example, suppose a cpanel host has
a domain example.com and the user has set the machine to also resolve
as ns1.example.com and mx.example.com and www.example.com. I believe
that reverse DNS will always resolve to just example.com, even if the
machine name has been set to ns1.example.com in linux.

Also, suppose he adds a business website called example2.com and that
user wants it to appear as if he has his own mail server and probably
name servers as well if the registrar will let him point a new
nameserver to an address that is already a nameserver. BTW, I've seen
the nameserver thing be refused by a registrar and I've also seen it
work on the same registrar. Anyway, he sets the mx record for
example2.com to point to mx.example2.com. A forward lookup on
mx.example2.com will return the correct IP address, but a reverse DNS
lookup will still return example.com.

Hope this helps,

-- David