On 9/19/2014 3:37 AM, li...@rhsoft.net wrote:
> why does postfix log sometimes "unknown[xx.xx.xx.xx]" when in fact the
> reason for the reject is the PTR itself? sadly it's also missing in
> the response in such cases and in case it would have been a legit
> human person the only relevant debug information is missing
>
> (disclaimer: there are 139 DUNNO rules in front to not catch any serverlike)
> _______________________________________________________________________________
>
> 23.107.88.136.rdns.as15003.net (23.107.88.136)
>
> RCPT from unknown[23.107.88.136]: 554 5.7.1 <unknown[23.107.88.136]>:
> Unverified Client host rejected: Generic
> DNS-Reverse-Lookup (PTR-Rule: 13)
> _______________________________________________________________________________
>
> identical rule hitted but correct logged and rejected
>
> RCPT from 64-139-73-50-Chattanooga.hfc.comcastbusiness.net[64.139.73.50]: 554
> 5.7.1
> <64-139-73-50-Chattanooga.hfc.comcastbusiness.net[64.139.73.50]>: Unverified
> Client host rejected: Generic
> DNS-Reverse-Lookup (PTR-Rule: 13)
> _______________________________________________________________________________
>
> /([0-9]{1,3}(\-|\.)[0-9]{1,3}(\-|\.)[0-9]{1,3}(\-|\.)[0-9]{1,3}.+[a-z0-9]+\.[a-z0-9]{2,6})$/
> REJECT Generic
> DNS-Reverse-Lookup (PTR-Rule: 13)
>
Since you're using a regexp already enclosed in (...) the easy fix
is to use $1 in your response somewhere, something like:
... REJECT Generic DNS-Reverse-Lookup (PTR-Rule: 13); $1
Postfix does log the offending unverified PTR on a different log line.
How do you suggest postfix log the unverified PTR in this case? The
"unknown" signifies the client failed FCrDNS and must not be changed.
-- Noel Jones
