I was just reading a book, Head First Networking, and came across the following line: "The mail will also be rejected if the sender's reverse DNS lookup IP address does not match its real IP address". I don't get the exact meaning of the line. The mail server will do a reverse DNS lookup by querying the DNS server for the domain name by giving it the IP address. How does this, in general, help to block a person from sending fake mails?
DNS – Rejection of a mail by a Reverse DNS lookup
Related Solutions
I don't think what you think is hijacking is hijacking (I am not saying it is not happening, just the evidence does not point to it.)
From what it looks like, you are just seeing 3rd party location-based CDNs Google uses for its servers.
Google would never be able to serve up pages at the speed it offers if every query had to go through a master database back in Mountain View, CA. So they have 1000s of mirrored servers at ISPs all over the world to help serve up content quicker. They do not necessarily manage the servers that are hosting the page, only the software running on the server. Heck, it could be done all with VPSs.
So you are likely seeing the IPs belonging to the hosting company/CDN that Google is using for serving pages in your area.
(P.S. The way they are pointing you to the correct CDN (the reason you get a different set of numbers vs ping.eu) is the DNS servers sitting on 8.8.8.8 look at the requesting IP and reply with the IPs for the CDN serving that area by doing an IP Geolocation Lookup)
One possible reason is that the sender might simply be unable to reach the recipient's mail server directly.
In the early days of email & SMTP, you had more than just Internet – you had Bitnet; UUCPnet/Usenet; Berknet; MILNET; DECnet; etc. all using incompatible protocols. A domain like sri-unix.uucp might not have had an IP address in DNS – only an MX record pointing to a gateway (an SMTP server that also had UUCP links).
These days, a similar situation is with communications between IPv4-only and IPv6-only hosts (even though the latter are somewhat rare).
Besides, the networks weren't exactly reliable (and still aren't) – you wouldn't want to stare at a "Recipient's mail server is unreachable, please wait" for half an hour, when you could just give the message to a sendmail running 24/7 on the same computer that you were composing the message on, and continue with work.
Bonus: some really weird "From:" addresses I've seen on OldUse.Net:
UCBVAX.@MIT-MC.@rand-relay.ARPA.goldfarb.UCF-CS@RAND-RELAY
farber%udel-eecis1.udeecis@udel-ee@sri-unix.UUCP
notes@CSvax:Pucc-H:pur-phy.UUCP
utzoo!linus!security!genrad!decvax!harpo!floyd!whuxlb!pyuxll!abnjh!u1100a!pyuxn!pyuxi!mhuxm!mhuxd!mhuxa!houxm!hocda!spanky!burl!akgua!emory!sb6!sb1!ll1!otuxa!we13!ihnp4!ixn5c!inuxc!pur-ee!uiucdcs!mcewan
Best Answer
Basic principle: Reverse DNS lookups increase confidence that the person can be held accountable for their actions. Confidence is increased if the forward DNS entry matches the reverse entry; the reason for additional confidence is that the person sending from that IP address has enough control over this infrastructure to make the forward and reverse DNS name match. Forward records are easy to generate using services like DynDNS, but reverse DNS records are harder to fabricate.
HELO or EHLO command to send mail through the server, some mail servers validate that the address provided in those commands likewise matches the reverse DNS name.
See the Wikipedia Anti-Spam DNS Techniques article for a detailed description of these principles.
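The forward-confirmed reverse DNS check described in this answer, together with the HELO/EHLO name comparison, as an added example that is not part of the original answer. The function name fcrdns, the verdict strings, and the sample zone data (documentation IP ranges and example.org) are assumptions made for illustration.

```python
import ipaddress
import socket

def system_ptr(ip):
    """PTR lookup via the system resolver: IP -> list of hostnames."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
        return [name, *aliases]
    except OSError:
        return []

def system_forward(name):
    """A/AAAA lookup via the system resolver: hostname -> IP strings."""
    try:
        return [info[4][0] for info in socket.getaddrinfo(name, None)]
    except OSError:
        return []

def fcrdns(client_ip, helo=None, ptr=system_ptr, forward=system_forward):
    """Classify a connecting client: returns (verdict, confirmed_names)."""
    ip = ipaddress.ip_address(client_ip)
    names = [n.rstrip(".").lower() for n in ptr(client_ip)]
    if not names:
        return "no-ptr", []
    # Keep only PTR names whose forward records lead back to the same IP.
    confirmed = [n for n in names
                 if any(ipaddress.ip_address(a) == ip for a in forward(n))]
    if not confirmed:
        return "forward-mismatch", []
    if helo is not None and helo.rstrip(".").lower() not in confirmed:
        return "helo-mismatch", confirmed
    return "pass", confirmed

# Constructed sample zone data (documentation IP ranges, example domains).
SAMPLE_PTR = {
    "192.0.2.25": ["mail.example.org."],
    "198.51.100.7": ["mail.example.org."],  # PTR owner can name any host
}
SAMPLE_FWD = {"mail.example.org": ["192.0.2.25"]}

def sample_ptr(ip):
    return SAMPLE_PTR.get(ip, [])

def sample_forward(name):
    return SAMPLE_FWD.get(name, [])

if __name__ == "__main__":
    for ip in ("192.0.2.25", "198.51.100.7", "203.0.113.9"):
        print(ip, fcrdns(ip, "mail.example.org", sample_ptr, sample_forward))
```

The second sample address shows why the forward step matters: its PTR record claims mail.example.org, but that name's forward record points elsewhere, so the claim is not confirmed.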