Path: csiph.com!x330-a1.tempe.blueboxinc.net!usenet.pasdenom.info!news.chainon-marquant.org!nntpfeed.proxad.net!proxad.net!feeder1-1.proxad.net!198.186.194.247.MISMATCH!news-out.readnews.com!transit3.readnews.com!panix!usenet.stanford.edu!not-for-mail
From: Chuck Swiger <cswiger@mac.com>
Newsgroups: comp.protocols.dns.bind
Subject: Re: about the A and PTR for sending mail
Date: Wed, 09 Nov 2011 18:11:17 -0800
Lines: 41
Approved: bind-users@lists.isc.org
Message-ID: <mailman.40.1320891337.68562.bind-users@lists.isc.org>
References: <CAA3U4eMEHMG0Nx9ry==zYBGJTMnbb4_y+npHzwKCzKehsWTT2A@mail.gmail.com>
NNTP-Posting-Host: lists.isc.org
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Trace: usenet.stanford.edu 1320891337 27275 149.20.64.75 (10 Nov 2011 02:15:37 GMT)
X-Complaints-To: action@cs.stanford.edu
Cc: bind-users@lists.isc.org
To: =?utf-8?B?6aOO5rKz?= <shorttag@gmail.com>
Return-Path: <cswiger@mac.com>
X-Original-To: bind-users@lists.isc.org
Delivered-To: bind-users@lists.isc.org
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.4.6813,1.0.211,0.0.0000 definitions=2011-11-09_04:2011-11-09, 2011-11-09, 1970-01-01 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 ipscore=0 suspectscore=0 phishscore=0 bulkscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=6.0.2-1012030000 definitions=main-1111090271
In-reply-to: <CAA3U4eMEHMG0Nx9ry==zYBGJTMnbb4_y+npHzwKCzKehsWTT2A@mail.gmail.com>
X-Mailer: Apple Mail (2.1084)
X-Spam-Status: No, score=-1.9 required=5.0 tests=AWL,BAYES_00,FREEMAIL_FROM, NORMAL_HTTP_TO_IP,T_RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mx.ams1.isc.org
X-BeenThere: bind-users@lists.isc.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: BIND Users Mailing List <bind-users.lists.isc.org>
List-Unsubscribe: <https://lists.isc.org/mailman/options/bind-users>, <mailto:bind-users-request@lists.isc.org?subject=unsubscribe>
List-Archive: <https://lists.isc.org/pipermail/bind-users>
List-Post: <mailto:bind-users@lists.isc.org>
List-Help: <mailto:bind-users-request@lists.isc.org?subject=help>
List-Subscribe: <https://lists.isc.org/mailman/listinfo/bind-users>, <mailto:bind-users-request@lists.isc.org?subject=subscribe>
Xref: x330-a1.tempe.blueboxinc.net comp.protocols.dns.bind:80

On Nov 9, 2011, at 5:57 PM, =E9=A3=8E=E6=B2=B3 wrote:
> I have two server IPs, the A records for them are:
>=20
> mail.dnsbed.com.        300     IN      A       74.117.233.4
> mail.dnsbed.com.        300     IN      A       74.117.232.204
>=20
> The corresponding PTR records are:
>=20
> 4.233.117.74.in-addr.arpa. 36466 IN     PTR     dnsbed.com.
> 204.232.117.74.in-addr.arpa. 36453 IN   PTR     dnsbed.com.

So a double-reverse lookup check will fail, because the PTR records go =
to dnsbed.com and not to mail.dnsbed.com.

> But this setting can't make email sending successful.
> The Postfix system says:
>=20
> postfix/smtp[13775]: A65713180D9: to=3D<***@freenet.de>,
> relay=3Dmx.freenet.de[195.4.92.211]:25, delay=3D1.2,
> delays=3D0.29/0.02/0.76/0.16, dsn=3D5.0.0, status=3Dbounced (host
> mx.freenet.de[195.4.92.211] said: 550 inconsistent or no DNS PTR
> record for 74.117.233.4 (see RFC 1912 2.1) (in reply to RCPT TO
> command))
>=20
>=20
> Is there any RFC item said the A and PTR records must be consistent?
> And why they must?

Why, yes-- by "see RFC 1912 2.1", they mean:

  http://www.ietf.org/rfc/rfc1912.txt

This is only a "should" recommendation, and not a "must" requirement.  =
freenet.de appears to be enforcing a rather strict policy check here, =
but a DNS mismatch is a decent indicator of spammy mailservers; I'd use =
it for scoring purposes myself, and not as an absolute pass/fail.

Regards,
--=20
-Chuck