Cisco Support Community

New Member

Reverse DNS

I am experiencing email failures due to reverse DNS lookups. I have the reverse lookup zones set up and they look correct. I have ports 53 ip and udp open on my PIX firewall. Everything works except reverse lookups. Am I missing something on the firewall? I also have a 3640 router inline.

1 REPLY
Bronze

Re: Reverse DNS

I have a mail server on my network but I'm not too familiar with reverse DNS lookups. I guess you get the desired level of security by simply doing the following:

1) Placing your mail server on the DMZ.

2) Configuring conduit to the server's IP only for port 25.

3) Using the default fixup protocol smtp 25, thus letting 'mailguard' restrict the commands allowed to the seven listed in RFC 821.

From my viewpoint, opening port 53 is not a good idea due to the known vulnerabilities of DNS.

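The Mail Guard restriction mentioned in step 3 of the reply above, modelled as an added example that is not part of the original thread and is not Cisco's code. It assumes the behaviour Cisco documents for `fixup protocol smtp`: the seven RFC 821 commands pass, any other command is overwritten with X's so the mail server rejects it, and the server is assumed to accept every `DATA`. The session and host names are constructed.

```python
# Simplified model of the PIX Mail Guard command allow-list (added example).
# Only the client-to-server direction is modelled.

# The seven commands of the RFC 821 minimum implementation.
ALLOWED = {"HELO", "MAIL", "RCPT", "DATA", "RSET", "NOOP", "QUIT"}


def filter_session(client_lines):
    """Return (forwarded, blocked): the lines as the mail server would see
    them, and the command verbs that were masked."""
    forwarded, blocked = [], []
    in_data = False  # True while the client is sending the message body
    for line in client_lines:
        body = line.rstrip("\r\n")
        if in_data:
            # Message content is not a command and passes unchanged;
            # a line holding a single "." ends the body.
            forwarded.append(body)
            if body == ".":
                in_data = False
            continue
        verb = body.split(" ", 1)[0].upper()
        if verb in ALLOWED:
            forwarded.append(body)
            # Assumption: the server answers DATA with 354 (go ahead).
            in_data = verb == "DATA"
        else:
            # Masked command: the server sees X's and answers with a 500 error.
            blocked.append(verb)
            forwarded.append("X" * len(body))
    return forwarded, blocked


# Constructed sample session from a sending mail host.
SESSION = [
    "EHLO mail.example.net",   # ESMTP greeting, not in the RFC 821 list
    "HELO mail.example.net",   # fallback greeting
    "MAIL FROM:<alice@example.net>",
    "RCPT TO:<bob@example.com>",
    "VRFY bob",                # address probing, not in the list
    "DATA",
    "Subject: test",
    "",
    "EXPN appears here only as text inside the message body",
    ".",
    "QUIT",
]

if __name__ == "__main__":
    seen, masked = filter_session(SESSION)
    print("masked verbs:", masked)
    for original, received in zip(SESSION, seen):
        print(f"{original!r:60} -> {received!r}")
```

Because `EHLO` is masked, a sender behind this filter falls back to `HELO`, so ESMTP extensions are not available through the firewall.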