At 12:57 PM +0900 4/8/02, itojun@iijlab.net wrote:
>	In my opinion it is unwise to use the existence of reverse lookup
>	mapping as (sort of) authenticity.  i don't understand why many of the
>	ftp servers do configured this way.

It's the PARANOID option of TCP_WRAPPERS (which NetBSD makes the 
default behavior).  The purpose is to try to weed out spoofed DNS 
responses, and some fake IP source addresses.  Just makes it a tiny 
bit harder for the bad guys.
-- 
The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu