Reverse DNS question
Arthur Chance
freebsd at qeng-ho.org
Wed Feb 19 09:02:07 UTC 2014
On 18/02/2014 23:43, Darren Pilgrim wrote:
> On 2/18/2014 3:06 PM, Janos Dohanics wrote:
>> My Postfix logs show entries like this:
>>
>> Feb 18 08:35:13 barrida postfix/smtpd[86649]: connect from
>> unknown[207.238.171.17]
>> Feb 18 08:35:13 barrida postfix/smtpd[86705]: connect from
>> spam2.continental-realestate.com[207.238.171.17]
>>
> [...]
>> # host 207.238.171.17
>> 17.171.238.207.in-addr.arpa domain name pointer
>> mail1.continental-realestate.com.
>> 17.171.238.207.in-addr.arpa domain name pointer
>> mail.continental-realestate.com.
>> 17.171.238.207.in-addr.arpa domain name pointer
>> spam2.continental-realestate.com.
>
>> 1. Other than network congestion, what might cause this recurring name
>> resolution failure?
>
> There are a couple of issues with the above:
>
> 1. More than one PTR record for a given IP address is a
> misconfiguration. It is supported and there is no RFC saying you must
> not have more than one, but in practice most software will only look for
> one and thus only take the first PTR RR returned from the query.
Actually RFC 2181 section 10.2 pretty much says multiple PTRs should be
supported, but I've never met any software that allows for it, and my
ISP, who are normally very good about standards, only supports one PTR
per IP address.
> 2. mail1 and mail do not resolve to 207.238.171.17, so you only have
> forward-confirmed reverse DNS (FCRDNS) for spam2. Postfix will use the
> hostname of "unknown" for anything that does not have FCRDNS.
Slightly changing the topic, does anyone have any idea how IPv6 is going
to affect use of RDNS for spam prevention? Given that machines will
often have multiple addresses, do we have to bolt down our MTAs to using
specific publicly visible addresses, or is RDNS just going to get
dropped. I don't have an IPv6 system to play with yet.
More information about the freebsd-questions
mailing list