On 08.11.25 14:35, Thomas Barth via users wrote:
I’m trying to understand why the first unthrusted mail hop in a
received header shows rDNS: unknown, but when I check the same IP
manually using dig -x, I do get a PTR record.
Received: from suomenporakaivo.fi (unknown [107.150.1.216])
Why would SpamAssassin / Postfix log unknown in this case? Could it be
due to a temporary DNS lookup failure, caching issue, or something
else? Only two hours have passed since the spam was received.
% dig +nocmd +noquestion +nocomments +nostats -x 107.150.1.216
216.1.150.107.in-addr.arpa. 140 IN PTR
107-150-1-216-host.colocrossing.com.
% dig +nocmd +noquestion +nocomments +nostats
107-150-1-216-host.colocrossing.com.
colocrossing.com. 1640 IN SOA brad.ns.cloudflare.com.
dns.cloudflare.com. 2387928562 10000 2400 604800 1800
while the IP has PTR record, the name in PTR does not exist, so nobody will
seriously use its content.
For reverse lookup being used, the 107-150-1-216-host.colocrossing.com.
would have to point back to IP 107.150.1.216
--
Matus UHLAR - fantomas, [email protected] ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
"They say when you play that M$ CD backward you can hear satanic messages."
"That's nothing. If you play it forward it will install Windows."
