dotaz ohledne postfix a DNS

[vlasta at devnull.cz]

On Fri, 18 Apr 2008, Jaroslav Votruba wrote:

> Postak mi blokuje maily z jedne firmy na zaklade toho, ze nesouhlasi dopredny 
> a zpetny zaznam v DNS.
> Coz blokuji kvuli spamu.Jejich spravce mi tvrdi, ze ma vse v poradku, ze 
> pouzivaji jednu IP pro prijem a jinou pro odesilani posty a ze to maji v 
> poradku.
> Ja mu oponuji, ze by hostname mailserveru a IP mela byt v poradku na DNS, 
> teda alespon ta pro odesilani.

To, ze pouzivaji jednu IP pro odesilani a jednu IP pro prijem posty neni v 
zadnem vztahu s tim, zda maji v poradku (konzistentni) dopredne a reverzni 
zaznamy k danym IP adresam.

Meli by si to dat do poradku, pokud se chteji vyhnout problemum toho typu, 
ktery popisujete.

RFC1912: Common DNS Operational and Configuration Errors
------------- cut -----------
2.1 Inconsistent, Missing, or Bad Data

    Every Internet-reachable host should have a name.  The consequences
    of this are becoming more and more obvious.  Many services available
    on the Internet will not talk to you if you aren't correctly
    registered in the DNS.

    Make sure your PTR and A records match.  For every IP address, there
    should be a matching PTR record in the in-addr.arpa domain.  If a
    host is multi-homed, (more than one IP address) make sure that all IP
    addresses have a corresponding PTR record (not just the first one).
    Failure to have matching PTR and A records can cause loss of Internet
    services similar to not being registered in the DNS at all.  Also,
    PTR records must point back to a valid A record, not a alias defined
    by a CNAME.  It is highly recommended that you use some software
    which automates this checking, or generate your DNS data from a
    database which automatically creates consistent data.
------------- cut -----------

Vlasta

> tohle je vypis host a logu
>
> root at postak# host 193.222.130.1
> 1.130.222.193.in-addr.arpa domain name pointer okmail.oksystem.cz.
> root at postak# host okmail.oksystem.cz
> okmail.oksystem.cz has address 193.222.130.65
>
>
> Apr 18 10:30:50 postak postfix/smtpd[76414]: warning: 193.222.130.1: address 
> not                                          listed for hostname 
> okmail.oksystem.cz
> Apr 18 10:30:50 postak postfix/smtpd[76414]: NOQUEUE: reject: RCPT from 
> unknown[                                         193.222.130.1]: 450 Client 
> host rejected: cannot find your hostname, [193.222.13 
> 0.1]; from=<nejakejpan at oksystem.cz> to=<kemenaserver at keytec.cz> proto=ESMTP 
> helo=<okmail                                         .oksystem.cz>
>
>
>
> kdo ma pravdu?
>

-- 
Vlastimil Zeman
System Administration Manager

VOLNY (Telekom Austria Czech Republic, a.s.)
U Nakladoveho nadrazi 8
130 00 Praha 3, Ceska Republika
Tel.: +420 246 000 408
Fax : +420 246 000 118
mailto:vlastimil.zeman at telekomaustria.cz
http://www.telekomaustria.cz