On Thu, Apr 30, 2015 at 11:23:18AM -0400, James B. Byrne wrote:
> > Separately, various restrictions like "reject_unknown_helo_hostname"
> > and "reject_unknown_sender_domain", ... use explicit DNS lookups
> > that do disable the search list.
> >
> > Nothing to see here, the DNS queries are not unexpected.
>
> I follow that. My point is that in the circumstance that a host
> identifies itself solely with an IP address then the only manner in
> which Postfix can obtain the associated domain name is via the PTR RR.
In your original problem report the *HELO* name was rejected.
> Since that must be, by definition, a FQDN then why is the search path
> in the local resolver involved at all?
It is NOT by definition an FQDN, because in smtpd(8) the IP->name
mapping is via getnameinfo(), not DNS PTR lookups.
> The issue to me seems to be the trailing dot on the FQDN returned from
> the PRT RR which then is seemingly ignored.
There is no "trailing dot". Postfix gets a name from getnameinfo()
which it passes for forward checking to getaddrinfo(). Whether
the C-library is doing any DNS under the covers is up to the C-
library. The name returned by getnameinfo() could have come from
/etc/hosts, NIS, LDAP, ...
--
Viktor.
