> Ignore the text immediately after the "from", in this case > "SUB.MYDOMAIN.MAIL". That is _not_ rDNS data, that is whatever the > client sent in its SMTP HELO, and can be _anything_. If you see the > correct hostname there it just means that computer is sending its > correct hostname when it says HELO. > > To illustrate, I pulled this out of your message to the list, it is > not edited in any way: > > Received: from localhost (unknown [213.108.33.133]) > by highlink.ru (Postfix) with ESMTP id 37F236A818D > for <users@spamassassin.apache.org>; Mon, 5 Oct 2009 10:28:48 > +0400 (MSD) > > I'm pretty sure 213.108.33.133's rDNS does not say "localhost". > > The "(unknown [12.12.12.12])" is the DNS data about the client as > your MTA sees it, and the fact that it says "unknown" means that for > some reason it cannot perform rDNS on that IP address, or perhaps its > rDNS is explicitly set to "unknown". If rDNS was working you'd see > something like: > > Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) > by ga.impsec.org (8.13.7/8.13.7) with SMTP id n956Tp8L020518 > for <jhar...@impsec.org>; Sun, 4 Oct 2009 23:29:55 -0700 > > Exactly how are you checking the rDNS of that IP address? Can you > demonstrate? For example, here are rDNS lookups on the two IP > addresses from my examples above: > > jhar...@dendarii ~ $ host 213.108.33.133 > 133.33.108.213.in-addr.arpa domain name pointer 133.33.108.213.hl.ru. > jhar...@dendarii ~ $ host 140.211.11.3 > 3.11.211.140.in-addr.arpa domain name pointer hermes.apache.org. > > I note that the first does have an rDNS, even though the Received: > header from the MTA in the example above says "unknown". > > Are you performing your rDNS tests on the MTA computer? It looks to > me like the DNS setup on it is misconfigured somehow and it can't > perform rDNS queries successfully. >
What I do (all commands on the mail-server, where SA is installed): # host SUB.MYDOMAIN.MAIL SUB.MYDOMAIN.MAIL has address 12.12.12.12 # host 12.1204.68.58 12.12.12.12.in-addr.arpa domain name pointer SUB.MYDOMAIN.MAIL. host does not produce anything else but a single row -- С уважением, Igor Bogomazov Игорь Богомазов Главный технический специалист HighLink Ltd. St-Petersburg, Russia 8(812)334-12-12 [доб. 220] 8(963)344-44-38 (Билайн) http://www.hl.ru
signature.asc
Description: PGP signature
