Query times and recursive-clients

Ustun Kaya uskaya at gmail.com
Fri Apr 9 20:19:25 UTC 2010 

This goes out of BIND topics so you may want to respond back to me personally.

What I get is:

ustun at debian:~$ dig -x 212.106.31.50 +short
212-102-31-50.adsl.inetia.pl.

ustun at debian:~$ dig 212-102-31-50.adsl.inetia.pl +short
ustun at debian:~$

The host does not have A record and Postfix rejects saying this: "Apr
9 15:41:00 smtp02 postfix/smtpd[12012]: warning:
212.106.31.50:hostname 212-102-31-50.adsl.inetia.pl verification
failed: Host not found"

Can you tell the final destination of these emails? Because here it says:

reject_unknown_sender_domain
    Reject the request when Postfix is not final destination for the
sender address, and the MAIL FROM address has no DNS A or MX record,
or when it has a malformed MX record such as a record with a
zero-length MX hostname (Postfix version 2.3 and later).

So this is a very correct behavior if the sender is trying to relay
through your servers,

Best,
Ustun


ARPA domains are not counted as proper domains. With your setup,

On Fri, Apr 9, 2010 at 12:50 PM, Alex <mysqlstudent at gmail.com> wrote:
> HI,
>
> Ustun Kaya <uskaya at gmail.com> wrote:
>> I would suspect from Postfix behavior if you don't see any BIND
>> timeout error around. By saying valid hostname, you don't mean ARPA
>> records I suppose? Postfix rejects them depending on the configuration
>> (reject_unknown_client, as a result of a search).
>>
>> And the error means some mails are rejected, so that might be a problem,
>
> Yes, I do mean ARPA records. Here is a complete example. In the postfix logs:
>
> Apr  9 15:41:00 smtp02 postfix/smtpd[12012]: warning: 212.106.31.50:
> hostname 212-102-31-50.adsl.inetia.pl verification failed: Host not
> found
> Apr  9 15:41:00 smtp02 postfix/smtpd[12012]: connect from unknown[212.106.31.50]
>
> It's then rejected by zen because it's on the blacklist. I'm not using
> reject_unknown_client, but I do have these postfix restrictions:
>
>        reject_non_fqdn_sender,
>        reject_non_fqdn_recipient,
>        reject_unknown_sender_domain,
>        reject_unknown_recipient_domain,
>
> Here is some info about the host:
>
> $ host 212.106.31.50
> 50.31.106.212.in-addr.arpa domain name pointer 212-102-31-50.adsl.inetia.pl.
>
> And the info in the named.query.log:
>
> 09-Apr-2010 15:41:00.305 queries: client 127.0.0.1#49357: query:
> 50.31.106.212.in-addr.arpa IN PTR +
> 09-Apr-2010 15:41:01.808 queries: client 127.0.0.1#49357: query:
> 50.31.106.212.zen.spamhaus.org IN A +
> 09-Apr-2010 15:41:01.868 queries: client 127.0.0.1#49357: query:
> 50.31.106.212.zen.spamhaus.org IN TXT +
>
> Can anything be ascertained from this info? Is there further debugging
> info I should enable?
>
> Thanks again for your help.
> Best,
> Alex
>

More information about the bind-users mailing list