[Standards] LAST CALL: XEP-0220 (Server Dialback)

Philipp Hancke fippo at goodadvice.pages.de
Mon Nov 17 03:24:17 CST 2008


Joe Hildebrand schrieb:
> 
> On Nov 13, 2008, at 4:27 AM, Philipp Hancke wrote:
>> If you want to remove dialback, maybe we should check if it can be
>> replaced by a dns lookup. Historically I that dialback is a result of
>> jabberd not binding to the proper ip address:
>> http://mail.jabber.org/pipermail/xmppwg/2002-October/000155.html
> 
> There's a deployment reason for dialback.  If you want your inbound and 
> outbound connections on separate boxes, it's handy to not just rely on 
> the IP address of the outbound server matching the one returned from DNS.

I have not seen any strictly separated inbound and outbound boxes for
quite some time. Even gmail does not use this feature (they connect from
209.85.163.125, aka xmpp-server4.l.google.com (which is contained in the
set of names returned when looking up _xmpp-server._tcp.gmail.com).

There is another reason why dialback is better than a simple dns lookup.
It protects against evil shell users on the originating server that are
able to open connections using its address.


More information about the Standards mailing list