derHummel wrote:
nik600 hotmail wrote:
I'm experiencing a strange problem with RDNS_NONE.
On the same sender host, sometimes it is marked with RDNS_NONE, and
sometimes not.
The host has a reverse dns!
Example:
Received: from dadosoftware.com (dns2.dadosoftware.com [217.199.13.2]) ->
OK
Received: from dadosoftware.com (unknown [217.199.13.2]) -> FALSE POSITIVE
either rdns lookup is disabled or there was a failure. This is one of
the reasons why RDNS_NONE should have a low score.
But 217.199.13.2 has a reverse dns!
2.13.199.217.in-addr.arpa. 11894 IN PTR dns2.dadosoftware.com.
Who decides the presence of RDNS_NONE ?
the MTA added the Received header.
A real dns check or a parsing of the email headers?
And, in case of parse who decides to write dns2.dadosoftware.com
[217.199.13.2] instead of unknown [217.199.13.2]?
MTA adds Received headers.
Thanks to all in advance.
--
/*************/
nik600
http://www.kumbe.it
[snip]
All I had to do in this case is:
/etc/postfix/master.cf:
smtp unix - - n - - smtp -o
smtp_bind_address=yyy.yyy.yyy.yyy
It helped me.
no, it did not. you didn't test enough (you've been mystified by DNS
caching?).
- if you have multiple PTRs for an IP, then they must all resolve back
to the IP. otherwise, with round robin, you'll get random failures.
- if you have multiple A for a name, then it's ok as one of the IPs
matches the client IP.
The logic is:
1- let $ip be the client IP
2- let $ptr be the first PTR for the $ip
3- resolve $ptr to IPs: you get $ip[0], $ip[1], $ip[2], ...
4- check whether $ip = $ip[k] for some k (MTA is free to only check
first m records).
at step 2, if you have multiple PTRs and if they are returned in a round
robin manner, steps 3 and 4 may work or not.
at any step, a DNS failure will break the test. postfix and other MTAs
will set the rdns to "unknown". so you can't distinguish rdns
misconfiguration from temp failures, or from cases when rdns lookup is
disabled.
