Reverse DNS question

Arthur Chance freebsd at
Wed Feb 19 09:02:07 UTC 2014

On 18/02/2014 23:43, Darren Pilgrim wrote:
> On 2/18/2014 3:06 PM, Janos Dohanics wrote:
>> My Postfix logs show entries like this:
>> Feb 18 08:35:13 barrida postfix/smtpd[86649]: connect from
>> unknown[]
>> Feb 18 08:35:13 barrida postfix/smtpd[86705]: connect from
> [...]
>> # host
>> domain name pointer
>> domain name pointer
>> domain name pointer
>> 1. Other than network congestion, what might cause this recurring name
>> resolution failure?
> There are a couple of issues with the above:
> 1. More than one PTR record for a given IP address is a
> misconfiguration.  It is supported and there is no RFC saying you must
> not have more than one, but in practice most software will only look for
> one and thus only take the first PTR RR returned from the query.

Actually RFC 2181 section 10.2 pretty much says multiple PTRs should be 
supported, but I've never met any software that allows for it, and my 
ISP, who are normally very good about standards, only supports one PTR 
per IP address.

> 2. mail1 and mail do not resolve to, so you only have
> forward-confirmed reverse DNS (FCRDNS) for spam2.  Postfix will use the
> hostname of "unknown" for anything that does not have FCRDNS.

Slightly changing the topic, does anyone have any idea how IPv6 is going 
to affect use of RDNS for spam prevention? Given that machines will 
often have multiple addresses, do we have to bolt down our MTAs to using 
specific publicly visible addresses, or is RDNS just going to get 
dropped. I don't have an IPv6 system to play with yet.

More information about the freebsd-questions mailing list