Message
From: John Rudd [mailto:jrudd (AT) ucsc (DOT) edu]
Sent: donderdag 19 oktober 2006 22:49
To: Mark
Cc: users (AT) spamassassin (DOT) apache.org
Subject: Re: Scoring PTR's
I setup mail servers all the time and I always make sure the
Mail server broadcast name, the 'A' record and the PTR all
match, IT IS JUST GD PRACTICE.
No, it's NT good practice. Seriously. Without battering
the point, it'sreally perfectly legit for an MTA to use different
HEL names (say, based on hosting of virtual servers), whilst the
IP address for that MTA has a "fixed" PTR.
The statement you're replying to doesn't say anything about the HEL
string.
? The P's example was:
cirencester.co.uk (c204131.adsl.hansenet.de [213.39.204.131])
Here, "cirencester.co.uk" is the HEL name; and "c204131.adsl.hansenet.de"
the PTR. Similarly, in the line:
Received: from mail.apache.org (hermes.apache.org [209.237.227.199])
"mail.apache.org" was the supplied HEL name, whereas the connecting IP
address resolves to "hermes.apache.org".
It says the PTR and A records should match (and they SHULD).
? An IP address lookup will give you a single PTR; but many domains can
be registered in DNS with the same IP address, of course. An A record
lookup for "mail.apache.org" resolves to 209.237.227.199; whereas the
199.227.237.209.in-addr.arpa query (PTR) gives you "hermes.apache.org".
This is neither an error, nor wrong in any other way.
Besides, what do you mean by an A record in the context of a mail
exchanger anyway? The A record of the HEL name? an A record for the
PTR? The A record for "hermes.apache.org" (PTR) resolves nicely to
209.237.227.199. But it doesn't have to. For instance, in the case of
microsoft.com and yahoo.com there are multiple A records (done for load
balancing?). And you will get them returned in random order. Exit "PTR and
A records should match".
- Mark

Mark wrote:

I setup mail servers all the time and I always make sure the
Mail server broadcast name, the 'A' record and the PTR all
match, IT IS JUST GD PRACTICE.
No, it's NT good practice. Seriously. Without battering
the point, it'sreally perfectly legit for an MTA to use different
HEL names (say, based on hosting of virtual servers), whilst the
IP address for that MTA has a "fixed" PTR.
>The statement you're replying to doesn't say anything about the HEL
>string.

? The P's example was:

I didn't say "the P's example", I said "the statement you're replying
to", as quoted above. The statement that was being replied to was
specifically about PTR and A record matching.


>It says the PTR and A records should match (and they SHULD).

? An IP address lookup will give you a single PTR; but many domains can
be registered in DNS with the same IP address, of course.

Yes. A situation I have already covered. Multiple times.

Besides, what do you mean by an A record in the context of a mail
exchanger anyway?

The A record of the HEL name?

Is the HEL string a PTR record? or merely a string that may or may not
match a PTR record? Then clearly that's not what I'm referring to.

an A record for the
PTR?

Clearly, that's what I'm referring to.

The A record for "hermes.apache.org" (PTR) resolves nicely to
209.237.227.199. But it doesn't have to. For instance, in the case of
microsoft.com and yahoo.com there are multiple A records (done for load
balancing?). And you will get them returned in random order

As long as the hostname in the PTR record has an A record which contains
the IP address in question, all is good. As I have said multiple times.

Exit "PTR and
A records should match".

Not even close.