Re: Windows and QuickDNS

From: Men & Mice Support
Date: Wednesday, June 6, 2001
Time: 4:03:36 pm

At 3:29 PM -0700 6/6/01, Aaron Lynch wrote:
>On 6/6/01 2:31 PM, The Defendant "Men & Mice Support"
><cbuxton@menandmice.com> Confessed:
>
> > At 1:02 PM -0400 6/6/01, Dave Cooper wrote:
> >> Hi,
> >>
> >> After recently tightening security on our mail server, all of my Windows
> >> boxes (Win95,98,2000) are unable to send mail to the mail server. The error
> >> message indicates that the reverse DNS lookup is returning a different name,
> >> etc. My Macs are ok. Does QuickDNS 2.21 work with Windows? If so can you
> >> offer any hint as to what isn't set up in my configuration?
> >
> > Your mail server is misconfigured. It should accept any and all mail
> > from local machines.
> >
> > That oversight appears to be combining with a lack of PTR records for
> > your Windows machines. Who controls your PTR records, you or your
> > ISP? If you're on a private subnet, with a NAT server, then the
> > answer is you, by definition.
>
>
>I would take this a step farther. If you are bouncing mail based on a PTR
>record not matching up, your mail server is misconfigured, and is
>explicitly violating the RFC. (there was a thread about this on the
>Communigate list)
>
>RFC1123:
>-----------
>
> 5.2.5 HELO Command: RFC-821 Section 3.5
>
> The sender-SMTP MUST ensure that the <domain> parameter in a
> HELO command is a valid principal host domain name for the
> client host. As a result, the receiver-SMTP will not have to
> perform MX resolution on this name in order to validate the
> HELO parameter.
>
> The HELO receiver MAY verify that the HELO parameter really
> corresponds to the IP address of the sender. However, the
> receiver MUST NOT refuse to accept a message, even if the
> sender's HELO command fails verification.

That's actually from RFC 1123 (std 3).

I found this, though, toward the end of section 4.1.1 of RFC 821:

The first command in a session must be the HELO command.
The HELO command may be used later in a session as well. If
the HELO command argument is not acceptable a 501 failure
reply must be returned and the receiver-SMTP must stay in
the same state.

At any rate, these RFCs are approximately 12 and 19 years old,
respectively, and date from the time when (a) the Internet was much
smaller, (b) everyone trusted each other (more so than today, anyway),
and (c) the term 'spam' was just the name of a meat product. Things
have changed since then. Some mail servers do discriminate based on
PTR records, HELO hostname verification, etc.

There was a major argument over this topic on the Bind Users list a
few weeks ago. A couple of people (myself included) were trying to
convince the postmaster at SkyNet (formerly the postmaster at AOL)
that PTR record filters are a bad idea. He refused to be convinced.
:-\
____________________________________________________________________
Chris Buxton Men & Mice
cbuxton@menandmice.com We Make DNS Easy!
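
Added example, not part of the original message or any mail server's code: a sketch of the HELO/PTR check discussed in this thread, showing the RFC 1123 5.2.5 behaviour (verify, record, accept) beside the refusing behaviour the original poster ran into, using the 501 reply quoted from RFC 821. The addresses, host names, the dictionaries standing in for DNS lookups, and the function names are all assumptions made for the illustration.

```python
# Constructed sample DNS data (not from the thread): the Mac has a PTR
# record, the Windows box has an A record but no PTR, as the reply suggests.
PTR = {"192.168.1.10": "mac1.example.com."}
A = {
    "mac1.example.com": {"192.168.1.10"},
    "win1.example.com": {"192.168.1.20"},
}

def _norm(name):
    """Compare DNS names case-insensitively and without the trailing dot."""
    return name.rstrip(".").lower()

def verify_helo(client_ip, helo_name, ptr=PTR, a=A):
    """Check the HELO name against the client address (PTR, then A)."""
    ptr_name = ptr.get(client_ip)
    if ptr_name is None:
        return False, "no PTR record for client address"
    if _norm(ptr_name) != _norm(helo_name):
        return False, "PTR name differs from HELO name"
    if client_ip not in a.get(_norm(helo_name), set()):
        return False, "HELO name does not resolve to client address"
    return True, "verified"

def helo_reply(client_ip, helo_name, refuse_on_failure=False):
    """Return (reply_code, log_note) for a HELO command.

    refuse_on_failure=False follows RFC 1123 5.2.5: verify, record the
    result, accept anyway. True models the filtering server in the thread,
    answering with the 501 reply that RFC 821 4.1.1 describes.
    """
    ok, reason = verify_helo(client_ip, helo_name)
    if ok or not refuse_on_failure:
        return 250, reason
    return 501, reason

if __name__ == "__main__":
    for ip, name in [("192.168.1.10", "mac1.example.com"),
                     ("192.168.1.20", "win1.example.com")]:
        for strict in (False, True):
            print(ip, name, "refusing" if strict else "rfc1123",
                  helo_reply(ip, name, strict))
```

In the accepting mode the failure reason is still returned, so it can be logged or added to a header for later filtering instead of turning local clients away at HELO.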