Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 3 replies
  • Subscribers 3 subscribers
  • Views 9628 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Strict RDNS Check seems not to work correctly

KME_Support

I am using Sophos UTM 9.352-6 and i recently had activated strict RDNS checks in email protection feature.


So far this seems to work great and i pulls out lots of spam, but it seems not to work in each case.

As for my unterstanding strict rdns check means that if a remote Mailhost connects to my utm with helo mail.example.com ip adress 1.2.3.4, a reverse dns lookup of 1.2.3.4 should resolve back to mail.example.com, otherwise the smtp connection should be aborted. Is this correct or am i getting this wrong?

What i did to verify this, was the following:

i used telnet port 25 on my notebook over an iphone hotspot to connect to my utm from external mobilenetwork. when i do this, i can use any helo bla.example.com and use whatever mail from i want and the email goes straight to my mailbox.


why is this possible?



This thread was automatically locked due to age.
Parents
  • 0

    Actually, Simon, Forward Confirmed reverse DNS works the other way around.

    First a reverse lookup is done on the IP of the sending device - standard rDNS. If there is no record for the IP, the SMTP connection is closed by the receiver.

    Next, the receiver asks for name resolution of the FQDN returned by the rDNS lookup. If that is not the same as the IP of the sender, the SMTP connection is closed by the receiver.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Altough it's some time ago, thanks for your explanation :-)!

Reply Children
No Data
Unfiltered HTML