I have a quick question regarding the use of DNS when calling for a reverse lookup in a MWG 7 rule. It appears that any reverse DNS lookup (ie. DNS.Lookup.Reverse (Client.IP)) must be from an authoritative server. Any non-authoritative response will not work. Given the way our DNS is structured, this is not ideal. Is this the case and is there no way of over-riding it ? Has anyone run into this issue and have a workaround/recommendation (other than making the required DNS servers authoritative) ?
Thanks for any info you can provide !
It is not recommended to use reverse lookup of the client ip address except in rare circumstances. It will reduce the performance of MWG substantially.
The only time i would even consider doing this is in the access_denied.log for entries that are blocked. And only if the DNS servers are well maintained and have proper PTR records int hem for the client population.