Results 1 to 3 of 3

Thread: Does reject_invalid_hostname cause a DNS lookup?

  1. #1
    Simulcast is offline Intermediate Member
    Join Date
    Dec 2011
    Posts
    15
    Rep Power
    3

    Default Does reject_invalid_hostname cause a DNS lookup?

    Hi,

    I'm using reject_invalid_hostname as the first of my smtpd_recipient_restrictions in Postfix.

    I believe the following is a log entry for a related (eventual) rejection:

    Dec 29 23:57:18 smtp postfix/smtpd[26403]: warning: 209.124.166.41: hostname atclientaccess.baltimorehousing.org verification failed: Name or service not known

    In the interest of performance and possible reordering of my restrictions, does anyone happen to know if reject_invalid_hostname causes a DNS lookup?

    If not, how does Postfix deem "atclientaccess.baltimorehousing.org" "invalid"?

    Thanks in advance!
    Last edited by Simulcast; 12-30-2011 at 11:31 AM.

  2. #2
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,586
    Rep Power
    57

    Default

    Quote Originally Posted by Simulcast View Post
    In the interest of performance and possible reordering of my restrictions, does anyone happen to know if reject_invalid_hostname causes a DNS lookup?
    No, it doesn't.

    Quote Originally Posted by Simulcast View Post
    If not, how does Postfix deem "atclientaccess.baltimorehousing.org" "invalid"?
    Search for the restriction name here: http://www.troubleshootingwiki.org/P...i-Spam_Methods
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    Simulcast is offline Intermediate Member
    Join Date
    Dec 2011
    Posts
    15
    Rep Power
    3

    Default

    Thanks Phoenix and Vavai.

    Fwiw, for a test I turned off ALL Zimbra admin interface MTA protocol and DNS checks, bounced postfix, verified via postconf that restrictions were reduced to "reject_non_fqdn_recipient, reject_unlisted_recipient, permit_mynetworks, permit_sasl_authenticated, check_sender_access hash:/opt/zimbra/conf/zmmta_white_and_black_list, reject_unauth_destination, permit", and still get the warnings.

    And, "tcpdump -i eth0 udp port 53" confirmed there ARE DNS queries associated associated with the log entries:

    Code:
    zimbra.log: Jan  1 13:38:32 smtp postfix/smtpd[28178]: warning: 110.138.133.5: hostname 5.subnet110-138-133.speedy.telkom.net.id verification failed: Name or service not known
    tcpdump: 13:38:27.665938 IP smtp.domain.com.56060 > 172.16.0.1.domain:  19696+ PTR? 5.133.138.110.in-addr.arpa. (44)
    
    zimbra.log: Jan  1 13:40:57 smtp postfix/smtpd[28178]: warning: 190.189.34.68: hostname 68-34-189-190.cab.prima.net.ar verification failed: Name or service not known
    tcpdump: 13:40:57.430417 IP smtp.domain.com.45127 > 172.16.0.1.domain:  15487+ PTR? 68.34.189.190.in-addr.arpa. (44)
    
    zimbra.log: Jan  1 13:41:21 tamago postfix/smtpd[28178]: warning: 110.138.133.5: hostname 5.subnet110-138-133.speedy.telkom.net.id verification failed: Name or service not known
    tcpdump: 13:41:21.463231 IP smtp.domain.com.48700 > 172.16.0.1.domain: 45231+ PTR? 5.133.138.110.in-addr.arpa. (44)
    Perhaps not critical but I'm still curious. Since they entries are warnings maybe they are just default postfix behavior though I couldn't verify this.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Zimbra Server Sending and Recieveing +DNS Lookup
    By f1tzz1mbr4 in forum Administrators
    Replies: 11
    Last Post: 07-20-2011, 09:13 AM
  2. [SOLVED] Amavisd-Postfix RCPT TO Takes a long time
    By samuraii in forum Administrators
    Replies: 8
    Last Post: 02-11-2009, 03:34 PM
  3. Failed DNS lookup when entries exist
    By toadkicker@gmail.com in forum Installation
    Replies: 5
    Last Post: 09-02-2008, 03:23 PM
  4. :( DNS Lookup issues
    By jhgutierrezg in forum Administrators
    Replies: 3
    Last Post: 05-30-2007, 08:00 AM
  5. Dns lookup re-enable by itself?
    By xtrem in forum Administrators
    Replies: 1
    Last Post: 06-28-2006, 09:14 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •