From owner-freebsd-questions@FreeBSD.ORG Tue Feb 18 23:26:42 2014 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id EA720FDE for ; Tue, 18 Feb 2014 23:26:42 +0000 (UTC) Received: from smtpb.telissant.net (smtpb.telissant.net [199.233.230.156]) by mx1.freebsd.org (Postfix) with ESMTP id BCAB712F0 for ; Tue, 18 Feb 2014 23:26:42 +0000 (UTC) Received: from barrida.3dresearch.com (localhost [127.0.0.1]) by smtpb.telissant.net (Postfix) with ESMTP id 326512730E for ; Tue, 18 Feb 2014 18:17:47 -0500 (EST) X-Virus-Scanned: amavisd-new at telissant.net Received: from smtpb.telissant.net ([127.0.0.1]) by barrida.3dresearch.com (barrida.3dresearch.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bCmKdIK_XG8I for ; Tue, 18 Feb 2014 18:17:33 -0500 (EST) Received: from doncurzio.3dresearch.com (pool-71-112-5-200.pitbpa.east.verizon.net [71.112.5.200]) (using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by smtpb.telissant.net (Postfix) with ESMTPSA id 670DB27392 for ; Tue, 18 Feb 2014 18:17:22 -0500 (EST) Received: from doncurzio.3dresearch.com (localhost [127.0.0.1]) by doncurzio.3dresearch.com (Postfix) with SMTP id A147FA1E49 for ; Tue, 18 Feb 2014 18:17:21 -0500 (EST) Date: Tue, 18 Feb 2014 18:06:20 -0500 From: Janos Dohanics To: FreeBSD Questions Subject: Reverse DNS question Message-Id: <20140218180620.0807880cf0dd661482e394b9@3dresearch.com> X-Mailer: Sylpheed 3.3.0 (GTK+ 2.24.19; amd64-portbld-freebsd9.1) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Feb 2014 23:26:43 -0000 Hello List, Could you please explain this odd behavior: My Postfix logs show entries like this: Feb 18 08:35:13 barrida postfix/smtpd[86649]: connect from unknown[207.238.171.17] Feb 18 08:35:13 barrida postfix/smtpd[86705]: connect from spam2.continental-realestate.com[207.238.171.17] This host is a source of legitimate messages, and sends a number of messages every day. However, it seems that more often than not, Postfix is unable to resolve the name for 207.238.171.17. Postfix queries a resolver (djbdns) which runs on the same machine. I understand that DNS lookups can fail for reasons other than records not existing. However, every time I check with host: # host 207.238.171.17 17.171.238.207.in-addr.arpa domain name pointer mail1.continental-realestate.com. 17.171.238.207.in-addr.arpa domain name pointer mail.continental-realestate.com. 17.171.238.207.in-addr.arpa domain name pointer spam2.continental-realestate.com. or with dig: # dig -x 207.238.171.17 ; <<>> DiG 9.9.3-P2 <<>> -x 207.238.171.17 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32993 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;17.171.238.207.in-addr.arpa. IN PTR ;; ANSWER SECTION: 17.171.238.207.in-addr.arpa. 38333 IN PTR mail1.continental-realestate.com. 17.171.238.207.in-addr.arpa. 38333 IN PTR mail.continental-realestate.com. 17.171.238.207.in-addr.arpa. 38333 IN PTR spam2.continental-realestate.com. ;; Query time: 5 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Tue Feb 18 17:41:23 EST 2014 ;; MSG SIZE rcvd: 130 I get replies as expected. Of all the hosts which send e-mail regularly, this is the only one with such odd behavior. So, my questions are: 1. Other than network congestion, what might cause this recurring name resolution failure? 2. If you look at the time stamps of the above 2 log entries: How is it possible that precisely at the same time, name resolution BOTH does not succeed AND does succeed? This "coinciding" time stamp isn't unique either; I could show a number of other instances. The system is FreeBSD 9.2-STABLE, postfix-2.10.2,1, djbdns-1.05. -- Janos Dohanics