Date: Tue, 18 Feb 2014 18:36:42 -0500 From: Kevin Phair <phair.kevin@gmail.com> To: Janos Dohanics <web@3dresearch.com>, FreeBSD Questions <freebsd-questions@freebsd.org> Subject: Re: Reverse DNS question Message-ID: <5303EE8A.5040503@gmail.com> In-Reply-To: <20140218180620.0807880cf0dd661482e394b9@3dresearch.com> References: <20140218180620.0807880cf0dd661482e394b9@3dresearch.com>
next in thread | previous in thread | raw e-mail | index | archive | help
mail1.continental-realestate.com doesn't appear to resolve. Is it possible that postfix reports 'unknown' whenever thats the name it gets in the reverse lookup? On 2/18/14, 6:06 PM, Janos Dohanics wrote: > Hello List, > > Could you please explain this odd behavior: > > My Postfix logs show entries like this: > > Feb 18 08:35:13 barrida postfix/smtpd[86649]: connect from unknown[207.238.171.17] > Feb 18 08:35:13 barrida postfix/smtpd[86705]: connect from spam2.continental-realestate.com[207.238.171.17] > > This host is a source of legitimate messages, and sends a number of > messages every day. However, it seems that more often than not, Postfix > is unable to resolve the name for 207.238.171.17. Postfix queries a > resolver (djbdns) which runs on the same machine. > > I understand that DNS lookups can fail for reasons other than records > not existing. However, every time I check with host: > > # host 207.238.171.17 > 17.171.238.207.in-addr.arpa domain name pointer mail1.continental-realestate.com. > 17.171.238.207.in-addr.arpa domain name pointer mail.continental-realestate.com. > 17.171.238.207.in-addr.arpa domain name pointer spam2.continental-realestate.com. > > or with dig: > > # dig -x 207.238.171.17 > > ; <<>> DiG 9.9.3-P2 <<>> -x 207.238.171.17 > ;; global options: +cmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32993 > ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0 > > ;; QUESTION SECTION: > ;17.171.238.207.in-addr.arpa. IN PTR > > ;; ANSWER SECTION: > 17.171.238.207.in-addr.arpa. 38333 IN PTR mail1.continental-realestate.com. > 17.171.238.207.in-addr.arpa. 38333 IN PTR mail.continental-realestate.com. > 17.171.238.207.in-addr.arpa. 38333 IN PTR spam2.continental-realestate.com. > > ;; Query time: 5 msec > ;; SERVER: 127.0.0.1#53(127.0.0.1) > ;; WHEN: Tue Feb 18 17:41:23 EST 2014 > ;; MSG SIZE rcvd: 130 > > I get replies as expected. > > Of all the hosts which send e-mail regularly, this is the only one with > such odd behavior. > > So, my questions are: > > 1. Other than network congestion, what might cause this recurring name > resolution failure? > > 2. If you look at the time stamps of the above 2 log entries: How is it > possible that precisely at the same time, name resolution BOTH does not > succeed AND does succeed? This "coinciding" time stamp isn't unique > either; I could show a number of other instances. > > The system is FreeBSD 9.2-STABLE, postfix-2.10.2,1, djbdns-1.05. >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5303EE8A.5040503>