Joe Smith wrote: > I'm using SpamAssassin 3.0 when I use whitelist_from_rcvd with domain > names that reverse to only one possible domain it works just as it > should. When the domain name is one that has multiple possibilities > that it can reverse dns to then it doesn't work unless it happens to > pick the domain name listed in my whitelist_rcvd_to entry.
This is a DNS resolver library/client (not sure which) issue more than anything else; although it's also due in part to some admin being slightly less clueful that usual in issuing multiple PTR records for a single IP in the first place. > For example, > if I create an entry for whitelist_from_rcvd [EMAIL PROTECTED] > domain1.com but the server hosting domain1.com also hosts > domain2.com, anotherdomain.com and anotherdomain.net, I have > problems. Say the server that hosted email for the domain I wanted to > whitelist had an ip of 123.123.123.1 and I did dig -x 123.123.123.1, > it would give me all the various domains that that address is > configured for. dig will, but many other resolvers won't- or at least, they'll just return one random entry in much the same way they would return one IP from a round-robin forward DNS lookup. > Do I need to specify the IP address of the > server using multiple dns entries to get whitelist_from_rcvd to work You can try, but I don't think this will work. > or should this not be an issue and I need to look at other reasons > why this particular domain is causing problems. :/ You need to contact the person/organization responsible for rDNS for that IP, and get them to remove the multiple entries- preferably putting in something like "hosted-rmx.hostingcompany.com" rather than the multiple PTR records you're seeing now. I don't recall if it's formalized in an RFC somewhere, but while any number of domains can point to the same IP, the rDNS for that IP *should* only point to ONE hostname - that hostname should be the FQDN of that physical machine. In the meantime, you'll have to work around this with custom local rules that manually implement whitelist_from_rcvd functionality based on the IP. Or, just add whitelist_from_rcvd entries for each of the rDNS names you see for this IP. -kgd -- Get your mouse off of there! You don't know where that email has been!
