about the A and PTR for sending mail
cswiger at mac.com
Thu Nov 10 02:11:17 UTC 2011
On Nov 9, 2011, at 5:57 PM, 风河 wrote:
> I have two server IPs, the A records for them are:
> mail.dnsbed.com. 300 IN A 22.214.171.124
> mail.dnsbed.com. 300 IN A 126.96.36.199
> The corresponding PTR records are:
> 188.8.131.52.in-addr.arpa. 36466 IN PTR dnsbed.com.
> 184.108.40.206.in-addr.arpa. 36453 IN PTR dnsbed.com.
So a double-reverse lookup check will fail, because the PTR records go to dnsbed.com and not to mail.dnsbed.com.
> But this setting can't make email sending successful.
> The Postfix system says:
> postfix/smtp: A65713180D9: to=<***@freenet.de>,
> relay=mx.freenet.de[220.127.116.11]:25, delay=1.2,
> delays=0.29/0.02/0.76/0.16, dsn=5.0.0, status=bounced (host
> mx.freenet.de[18.104.22.168] said: 550 inconsistent or no DNS PTR
> record for 22.214.171.124 (see RFC 1912 2.1) (in reply to RCPT TO
> Is there any RFC item said the A and PTR records must be consistent?
> And why they must?
Why, yes-- by "see RFC 1912 2.1", they mean:
This is only a "should" recommendation, and not a "must" requirement. freenet.de appears to be enforcing a rather strict policy check here, but a DNS mismatch is a decent indicator of spammy mailservers; I'd use it for scoring purposes myself, and not as an absolute pass/fail.
More information about the bind-users