E.B. wrote:
> Thanks. So my understanding is correct that Postfix gets the hostnames you 
> see in the logs from PTR records?

Yes.

> And that "connect from unknown[1.2.3.4]" is caused by a missing PTR (or DNS 
> issue)?

A missing PTR is one cause.  A DNS glitch that means the PTR lookup
fails is another.

However, even if the PTR lookup succeeds, the name that returns must
have a matching A record.  Here's an example with my own server:

$ host 209.91.179.62
62.179.91.209.in-addr.arpa domain name pointer deepnet.cx.
$ host deepnet.cx.
deepnet.cx has address 209.91.179.62

Or from one of the outbound mail servers here at ViaNet:

$ host 209.91.128.18
18.128.91.209.in-addr.arpa domain name pointer smtp1.vianet.ca.
$ host smtp1.vianet.ca.
smtp1.vianet.ca has address 209.91.128.18

If that second lookup returned a different IP (or a lookup failure), you
get "connect from unknown".

> You are saying that additionally, if the A record for the domain doesn't 
> match the client IP, the PTR will be ignored and thus you'll still get 
> "unknown"?

No, the A record for whatever name that the PTR returned, as with the
examples above.  In the case of my personal domain deepnet.cx,
everything is on one box, and I decided to just keep it simple and use
the root domain in the PTR.

In the case of ViaNet's systems, we have separate inbound and outbound
mail clusters, and the A record for vianet.ca points to our web server,
not to any of the mail systems.  But all of our servers have DNS entries
that form a closed loop from IP to hostname to IP.

> In my case, my PTR and A records look good, and online tools (mxtoolbox, etc) 
> seem to verify this.  The "dig" command comes back looking good as well. Yet, 
> I keep getting "connect from unknown" (from my server, but others, like email 
> coming from gmail work correctly).  I will have to assume that there is some 
> kind of glitch in the DNS lookups Postfix is doing for my domain/host.

"connect from unknown" in YOUR logs has nothing to do with YOUR DNS
entries.  It has to do with the DNS entries for the remote system that's
connecting to yours.

-kgd
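
The closed-loop check described in the message above, as an added example (not part of the original post and not Postfix's own code): the PTR name is accepted only if its forward lookup returns the connecting IP. The function names and the 192.0.2.x / example.net entries are constructed for illustration; the deepnet.cx and smtp1.vianet.ca entries copy the lookups shown above.

```python
import ipaddress
import socket

def system_ptr(ip):
    """PTR lookup through the system resolver; None on any failure."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None

def system_addrs(name):
    """Forward lookup through the system resolver; empty set on failure."""
    try:
        return {ai[4][0] for ai in socket.getaddrinfo(name, None)}
    except OSError:
        return set()

def client_name(ip, ptr=system_ptr, addrs=system_addrs):
    """Return the PTR name only if it resolves back to ip, else "unknown"."""
    name = ptr(ip)
    if not name:                      # missing PTR, or the PTR lookup failed
        return "unknown"
    name = name.rstrip(".")
    target = ipaddress.ip_address(ip)
    for addr in addrs(name):          # empty set: forward lookup failed
        if ipaddress.ip_address(addr) == target:
            return name               # IP -> hostname -> IP loop is closed
    return "unknown"                  # the name resolves to some other address

# Constructed zone data so the example runs offline.
PTR = {
    "209.91.179.62": "deepnet.cx.",
    "209.91.128.18": "smtp1.vianet.ca.",
    "192.0.2.20": "mail.example.net.",   # forward record points elsewhere
    "192.0.2.30": "ghost.example.net.",  # no forward record at all
}
A = {
    "deepnet.cx": ["209.91.179.62"],
    "smtp1.vianet.ca": ["209.91.128.18"],
    "mail.example.net": ["198.51.100.5"],
}

def log_line(ip):
    """Format the result like the "connect from" log lines quoted above."""
    name = client_name(ip, PTR.get, lambda n: set(A.get(n, ())))
    return f"connect from {name}[{ip}]"

if __name__ == "__main__":
    for ip in ("209.91.179.62", "192.0.2.10", "192.0.2.20", "192.0.2.30"):
        print(log_line(ip))
```

Calling client_name(ip) with no other arguments runs the same check against live DNS through the system resolver.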
