On 2018-02-05 12:26, Allen Coates wrote:
> On 05/02/18 00:12, Viktor Dukhovni wrote:
>>
>>
>>> On Feb 4, 2018, at 5:46 PM, J Doe <gene...@nativemethods.com> wrote:
>>>
>>> Feb 4 15:05:46 server postfix/smptd[718]: warning: hostname 
>>> 1-2-3-4.dyn.isp.net does not resolve to address 1.2.3.4: Name or service 
>>> not known
>>>
>>> Does this mean that:
>>>
>>> 1. smtpd receives a connection from an smtp client and does a reverse DNS 
>>> lookup
>>> 2. smtpd performs a forward DNS lookup on the result and compares the 
>>> resulting IP address to the initial IP
>>> 3. If the IP addresses don’t match it reports this error
>>>
>>> ... or is some other logic used to generate the error message?
>>
>> The message happens when the hostname obtained from 1 fails to resolve
>> to an IP address that can be compared in 2.  The error is a hard error
>> (NXDomain).
>>
> 
> Is this a reliable bad-host detector? The last three instances in my
> log were subsequently rejected by a DNSBL.
> 
> Allen C

It is a good indicator. All well-configured mail servers should have
correct PTR records (full circle DNS). A lot of spam-sending machines
have this problem, as spammers usually can't control the PTR records of
the IP that they are spamming from. Unfortunately, a lot of legitimate mail
comes from badly configured servers, and outright rejecting mail coming
from hosts with bad PTR/no PTR might prevent you from receiving
legitimate e-mail as well. But, as usual, it depends on your user base
and YMMV.

I've heard that Gmail is rejecting / spam tagging email from such hosts
but never confirmed that myself. Maybe in some foreseeable future it
will be safe to reject bad PTR hosts but, in my opinion, not yet.

k.


-- 
Karol Augustin
ka...@augustin.pl
http://karolaugustin.pl/
+353 85 775 5312
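
The three-step check discussed in this thread (reverse lookup, forward lookup of the result, comparison with the client address), as an added example that is not part of the original messages and is not Postfix's own code. The function name `fcrdns`, the status labels, and the stub DNS tables are assumptions made for illustration; apart from the address and hostname taken from the quoted log line, the sample data is constructed.

```python
import ipaddress
import socket

def _reverse(ip):
    # Step 1: PTR lookup. Raises socket.herror (an OSError) when there is no name.
    return socket.gethostbyaddr(ip)[0]

def _forward(name):
    # Step 2: forward lookup. Raises socket.gaierror (an OSError) on failure.
    return {info[4][0] for info in socket.getaddrinfo(name, None)}

def fcrdns(ip, reverse=_reverse, forward=_forward):
    """Return (status, hostname) for a client address.

    no_ptr         - no reverse name for the address
    forward_failed - the PTR name does not resolve (the case in the quoted warning)
    mismatch       - the PTR name resolves, but not to the client address
    ok             - the PTR name resolves back to the client address
    """
    client = ipaddress.ip_address(ip)
    try:
        name = reverse(ip)
    except OSError:
        return ("no_ptr", None)
    try:
        addrs = {ipaddress.ip_address(a) for a in forward(name)}
    except OSError:
        return ("forward_failed", name)
    # Step 3: compare the forward results with the connecting address.
    return ("ok" if client in addrs else "mismatch", name)

# Constructed stub DNS data so the example runs offline (not real records).
SAMPLE_PTR = {"1.2.3.4": "1-2-3-4.dyn.isp.net",
              "192.0.2.10": "mail.example.org",
              "192.0.2.20": "host.example.net"}
SAMPLE_A = {"mail.example.org": {"192.0.2.10"},
            "host.example.net": {"192.0.2.99"}}

def sample_reverse(ip):
    if ip not in SAMPLE_PTR:
        raise socket.herror(1, "Unknown host")
    return SAMPLE_PTR[ip]

def sample_forward(name):
    if name not in SAMPLE_A:
        raise socket.gaierror(socket.EAI_NONAME, "Name or service not known")
    return SAMPLE_A[name]

def classify_samples():
    ips = ["1.2.3.4", "192.0.2.10", "192.0.2.20", "192.0.2.30"]
    return {ip: fcrdns(ip, sample_reverse, sample_forward)[0] for ip in ips}
```

Called without the stub resolvers, `fcrdns(ip)` uses the system resolver; in line with the advice above, the status is better used as one scoring signal than as a sole reason to reject.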
