Reverse DNS and mail

phil-news-nospam at phil-news-nospam at
Sun Jan 18 01:51:42 UTC 2004

On Thu, 08 Jan 2004 09:55:30 +1100 Mark_Andrews at wrote:

|> Also,
|>   I believe the error you get that states "sender domain must resolve" is act
|> ually a Forward lookup of what is in the "Mail From:" command of a mail messa
|> ge. So if the server sent mail from John at then it would fail only if 
|> were not a real domain. And the mail would not even have to be comin
|> g from a server.  This is a rule that just checks to see if there is
|>  a real domain registered with that name.  The Domain should have an A record
|>  pointing somewhere.
|        If a MTA is performing this test then is should be looking
|        for a A, AAAA or MX record.  Anyone of these is enough to
|        satisfy the test.  Any MTA that demands a A record is broken
|        for the domain in the "mail from".
|                A IPv4 only host.
|                AAAA IPv6 only host.
|                MX mail only domain.
|        Note:  there are a lot of old IPv4 only aware MTA's which only
|        check A and MX.

One reason such checks are made is to verify if mail can be sent back to the
given sender address.  If the receiving host is only capable of IPv4, and the
sender's domain is only capable of receiving mail via IPv6, then mail cannot
be sent back to the sender, and the domain can be considered unresolvable for
that receiving host.  In such a case a test for AAAA would give incorrect
information if there was an AAAA record and no others.  So if the receiving
host is only capable of IPv4 it only needs to test for A and MX.  Likewise,
if it is only capable of IPv6 it only needs to test for AAAA and MX.  An MTA
capable of both IPv4 and IPv6, of course, should test for all three.

| Phil Howard KA9WGN       | |
| (first name) at | |

More information about the bind-users mailing list