Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 19 Feb 2014 09:01:53 +0000
From:      Arthur Chance <freebsd@qeng-ho.org>
To:        Darren Pilgrim <list_freebsd@bluerosetech.com>, FreeBSD Questions <freebsd-questions@freebsd.org>
Subject:   Re: Reverse DNS question
Message-ID:  <53047301.4050201@qeng-ho.org>
In-Reply-To: <5303F01C.3030205@bluerosetech.com>
References:  <20140218180620.0807880cf0dd661482e394b9@3dresearch.com> <5303F01C.3030205@bluerosetech.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
On 18/02/2014 23:43, Darren Pilgrim wrote:
> On 2/18/2014 3:06 PM, Janos Dohanics wrote:
>> My Postfix logs show entries like this:
>>
>> Feb 18 08:35:13 barrida postfix/smtpd[86649]: connect from
>> unknown[207.238.171.17]
>> Feb 18 08:35:13 barrida postfix/smtpd[86705]: connect from
>> spam2.continental-realestate.com[207.238.171.17]
>>
> [...]
>> # host 207.238.171.17
>> 17.171.238.207.in-addr.arpa domain name pointer
>> mail1.continental-realestate.com.
>> 17.171.238.207.in-addr.arpa domain name pointer
>> mail.continental-realestate.com.
>> 17.171.238.207.in-addr.arpa domain name pointer
>> spam2.continental-realestate.com.
>
>> 1. Other than network congestion, what might cause this recurring name
>> resolution failure?
>
> There are a couple of issues with the above:
>
> 1. More than one PTR record for a given IP address is a
> misconfiguration.  It is supported and there is no RFC saying you must
> not have more than one, but in practice most software will only look for
> one and thus only take the first PTR RR returned from the query.

Actually RFC 2181 section 10.2 pretty much says multiple PTRs should be 
supported, but I've never met any software that allows for it, and my 
ISP, who are normally very good about standards, only supports one PTR 
per IP address.

> 2. mail1 and mail do not resolve to 207.238.171.17, so you only have
> forward-confirmed reverse DNS (FCRDNS) for spam2.  Postfix will use the
> hostname of "unknown" for anything that does not have FCRDNS.


Slightly changing the topic, does anyone have any idea how IPv6 is going 
to affect use of RDNS for spam prevention? Given that machines will 
often have multiple addresses, do we have to bolt down our MTAs to using 
specific publicly visible addresses, or is RDNS just going to get 
dropped. I don't have an IPv6 system to play with yet.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?53047301.4050201>