On Mon, Apr 16, 2012 at 07:58:31AM +0100, Sam Jones wrote: > A bit of an extreme example, but i've often wondered, when > looking through my Postfix logs, why some senders do this: > > Received: from mx-out.facebook.com (outmail019.snc7.facebook.com > [69.171.232.153]) by ..... > > The connecting host has HELO'd as 'mx-out.facebook.com' > If it is traced through in DNS: > mx-out.facebook.com: 69.63.179.26 > 69.63.179.26: mx.snc1.tfbnw.net. > mx.snc1.tfbnw.net 67.231.153.30 > 67.231.153.30 mx0b-00082601.pphosted.com. > mx0b-00082601.pphosted.com. 67.231.153.30 > > What I find a little crazy is why this bears no relationship to > the connecting IP, and its reverse DNS: > > 69.171.232.153 - matching, as shown, outmail019.snc7.facebook.com > > I'm just wondering as to what circumstances would lead to a host > HELO'ing with a hostname that differs from the connecting IP and > host.
Possibly the sending MTA is behind a load balancer? > I'm sure it is perfectly legal, but I don't see the logic? I wouldn't do it that way ... I would have had all the load balancer IP addresses resolve to the HELO name. But I have not managed a project on the scale of Facebook, so maybe there is some other consideration involved. -- http://rob0.nodns4.us/ -- system administration and consulting Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
