This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[dns-wg] lameness and unreachability
- Previous message (by thread): [dns-wg] lameness and unreachability
- Next message (by thread): [dns-wg] lameness and unreachability
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Patrik Fältström
paf at cisco.com
Sat May 24 17:52:36 CEST 2003
On lördag, maj 24, 2003, at 12:25 Europe/Stockholm, Jim Reid wrote:
>>> W domain of the hostmaster email is not an openrelay
>
> Ed> That's beyond DNS. A real concern, but if I just want to test
> Ed> DNS, then I don't want to do those tests.
>
> I agree. Checking and suppressing open relays is a Noble Thing. But
> it's orthogonal to whether some domain has been set up correctly on
> decent DNS infrastructure.
What I do is to check that the email address "works":
- Look up all MX for the domain in SOA email (or all A for SOA email)
- Look up all A records for each MX
- Look up all IP addresses for each A
- Try to connect to port 25 for every A (every A must respond, but only
one IP address per A)
- Try EHLO and email address -> Warning if this doesn't work, fall
back to HELO
- Send empty envelope from address -> Warning if this doesn't wor,
fall back to use some email address (the one in the settings)
- Send rcpt to: email address in SOA -> ERROR if this is not resulting
in a 2xx response
I personally find this being part of "correct DNS configuration", i.e.
I only see "ERRORS" being needed to be fixed.
paf
- Previous message (by thread): [dns-wg] lameness and unreachability
- Next message (by thread): [dns-wg] lameness and unreachability
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ dns-wg Archives ]