Spam Filter ISP Support Forum


"Domains" and "FROM Emails" BlackLists (differences?)

Gabriel Langen (Guest Group)
Posted: 28 July 2003 at 1:52am

Hi,

I don't exactly understand against which information the two lists (Domains and FROM Emails) are compared!!

I put the same information in both.

I understand the two are compared against the SMTP From!

Is there a way to test the reverse DNS-name?

Thank you!

Gaby

Gabriel Langen (Guest Group)
Posted: 28 July 2003 at 2:47am

Hi,

I'll answer myself!

I re-read the "How it works" and I understand but my question remains!

Is there a way to test the reverse DNS-name? easier than IP classes (I think so)?

Thanks,

Gaby

Al (Guest Group)
Posted: 28 July 2003 at 9:35am

> Is there a way to test the reverse DNS-name?

Manually:

Take the message header, and find the from address. In my case, it would be xxx@mtprint.com.

Shell out to DOS and type (without the dashes):

- nslookup
(for those not familiar with TCP/IP, this is name server lookup)
- set type=mx
(only show me mail server records)
- mtprint.com
(show me the domain mtprint.com -- this can be any domain you'd like to see)

You should see something like:
mtprint.com   MX  preference = 10, mail exchange = mail.mtprint.com
mail.mtprint.com    internet address = 209.183.146.39

Now, check the header of the message. If the message from me originated from 209.183.146.39, then you have a proper rDNS.

Anyone have a quicker way of doing this?

- Al

Al (Guest Group)
Posted: 28 July 2003 at 11:36am

Just realized that this might not always be the case.

For example, you could have a client that has an email address of ???@mtprint.com, but the mail comes from their ISP. So, you could receive the message from their ISP's mail server ???@uunet.net (or whomever). You'd have to do the rDNS on the mail server address, not the client email address.

Did I confuse things?

- Al

Gabriel Langen (Guest Group)
Posted: 28 July 2003 at 4:32pm

I think you are right!

I'm waiting for a Blacklist of hostnames (with RegEx) because I think the server name is more "stable" than the "From" that is often forged!

Thanks,

Gaby

Desperado (Senior Member)
Posted: 28 July 2003 at 8:52pm

RDNS actually only refers to resolution on the IP address that the email arrived on.  This does not have to be in any way related to the actual MX record.  It may, in fact, be the WAN IP of the router it came from.  The only requirement is that it actually resolves.  If it does resolve, then someone or some organization is taking responsibility for the identification and use of that IP.  The actual test for RDNS is to take the IP of the machine that LAST touched your mail server, or actually made the connection, and use that IP to see if there is a valid "PTR" record.  In DOS, if you have "nslookup" you do the following:

> nslookup  <enter>

> set type=ptr  <enter>

> xx.xx.xx.xx  <enter>  (The ip to check)

The result will be a timeout if the dns server doesn't respond or doesn't exist or will give you a fully qualified domain name if it has valid RDNS.

Dan S.
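
Added example (not part of the thread and not code from the spam filter product): the PTR test on the connecting IP described in the last post, combined with the regex hostname blacklist asked for earlier in the thread. The patterns, the sample PTR data, and all function names are assumptions constructed for illustration; the addresses are documentation ranges.

```python
import ipaddress
import re
import socket

# Hypothetical hostname blacklist patterns (constructed for this example).
HOSTNAME_BLACKLIST = [
    re.compile(r"(^|\.)dsl-pool\.example\.net$", re.I),
    re.compile(r"^dyn-\d+-\d+-\d+-\d+\.", re.I),
]

def ptr_query_name(ip):
    """Name that is queried for the PTR record of an IP address."""
    return ipaddress.ip_address(ip).reverse_pointer

def system_ptr_lookup(ip):
    """Default resolver: PTR lookup through the OS; None if nothing resolves."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:  # covers socket.herror and socket.gaierror
        return None

def check_connecting_ip(ip, ptr_lookup=system_ptr_lookup):
    """Classify the IP that made the SMTP connection to your server.

    Returns (verdict, hostname); verdict is 'no-rdns', 'blacklisted' or 'ok'.
    """
    host = ptr_lookup(ip)
    if not host:
        return ("no-rdns", None)
    host = host.rstrip(".").lower()  # normalise a trailing root dot and case
    for pattern in HOSTNAME_BLACKLIST:
        if pattern.search(host):
            return ("blacklisted", host)
    return ("ok", host)

# Constructed PTR data so the example runs offline.
SAMPLE_PTR = {
    "192.0.2.25": "mail.example.com.",
    "192.0.2.10": "dyn-192-0-2-10.example.org",
    "198.51.100.7": "host7.dsl-pool.example.net",
}

def sample_lookup(ip):
    return SAMPLE_PTR.get(ip)

if __name__ == "__main__":
    for addr in ["192.0.2.25", "192.0.2.10", "198.51.100.7", "203.0.113.5"]:
        print(addr, ptr_query_name(addr), check_connecting_ip(addr, sample_lookup))
```

Call `check_connecting_ip(ip)` without the second argument to query the system resolver instead of the sample table.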

 
