On Wed, Oct 30, 2013 at 04:24:42PM +0000, Nick Hilliard wrote:
the only thing that's important is that forward and reverse DNS matches.
As I think I've said before on this list, when we tried to get consensus on that claim in the DNSOP WG at the IETF, we couldn't. Indeed, we couldn't even get consensus on the much more bland statement, "Some people rely on the reverse, and you might want to take that into consideration when running your services." Now, IETF non-consensus on the way the Internet works is hardly a surprise, but I thought I'd point this out just in case people want to be prepared for flames from people who feel strongly about the matter. Note, also, that there's an important distinction to be made between matching reverse and mere existence of some reverse. An lot of sites don't require matching any more, because of the way it can bloat PTR RRsets if there are a lot of forward names at the same IP address. Best, A -- Andrew Sullivan Dyn, Inc. asullivan@dyn.com v: +1 603 663 0448