On 2026-04-04 at 08:00:51 UTC-0400 (Sat, 4 Apr 2026 13:00:51 +0100
(BST))
Andrew C Aitchison <[email protected]>
is rumored to have said:
I've noticed that many of the false-positives I receive have hit
__RDNS_NONE after being relayed through
outbound.protection.outlook.com
eg spamassassin -D
Apr 3 17:20:42.063 [523179] dbg: rules: ran header rule
__RDNS_NONE ======> got hit: "[ ip=2a01:111:f403:c205::5 rdns= "
Apr 3 17:20:42.063 [523179] dbg: rules: ran header rule
__LAST_EXTERNAL_RELAY_NO_AUTH ======> got hit: "[
ip=2a01:111:f403:c205::5 rdns=
helo=LO0P265CU003.outbound.protection.outlook.com
by=mailhub-hex-d.mythic-beasts.com ident=
[email protected]
intl=0 id=1w7pf0-00A15k-1o auth= "
Is it reasonable to expect that IPv6 outbound servers have rDNS
(given that IPv6 space is so much bigger than IPv4) ?
Actually this one does appear to have rDNS:
# host 2a01:111:f403:c205::5
5.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.5.0.2.c.3.0.4.f.1.1.1.0.1.0.a.2.ip6.arpa
domain name pointer
mail-uksouthazlp170120005.outbound.protection.outlook.com.
How do I debug why my Ubuntu machine is hitting this rule ?
Check your system resolver configuration and any local SpamAssassin DNS
config to determine if you may be disabling AAAA with something
equivalent to the BIND (e.g.dig, named, and host) option "-4" to avoid
getting unwanted AAAA answers
Beyond that, Greg's suggestion of timing being the issue (DNS operates
mostly over UDP and the data is ephemeral...) seems the most likely
explanation.
--
Bill Cole
[email protected] or [email protected]
(AKA @[email protected] and many *@billmail.scconsult.com
addresses)
Please keep discussion mailing list replies *on-list*
Not Currently Available For Hire