[SGVLUG] I think I figured out why SpamAssassin things SGVLUG's server is part of botnet

Christopher Smith x at xman.org
Tue May 27 21:06:00 PDT 2008


matti wrote:
> --- Christopher Smith <x at xman.org> wrote:
>
>   
>> If you look at the message headers for this list, you'll see that the
>>
>> outbound MTA is from 67.43.162.226.
>>
>> # host 67.43.162.226
>> 226.162.43.67.in-addr.arpa domain name pointer
>> mail.realtybrokeroffice.com.
>> # host mail.realtybrokeroffice.com
>> mail.realtybrokeroffice.com has address 67.43.162.227
>>
>> So, the usual double reverse DNS process fails rather spectacularly.
>>
>> --Chris
>>     
>
> hmmm...
>
> So, the question...
>
> how does one handle virtual domain email hosting
> and avoid this??
>   
It's not a problem. So long as the reverse lookup for the IP matches the 
forward lookup, you don't have a problem, even if the host is 
advertising a different name initially.

In general, with virtual mail hosting, you expect that the *forward* 
lookup of the host name might go to an IP shared by multiple other 
domain names, but it is weird for the *reverse* lookup for the IP to 
point to a host record that doesn't claim to be attached to that IP in 
any way, shape or form.
> I'm assuming this problem is happening ALL over
> the place.
>   
Nope. This is a pretty rare problem for mail servers. In fact, it's 
pretty much a violation of some rule engraved somewhere for the double 
reverse lookup (lookup IP, then lookup the host name you got back from 
step one) should work for *any* host.

--Chris


More information about the SGVLUG mailing list