Bloody useless network admins.

There are so many badly configured DNS and mail servers out there!! Recently I installed and configured Postfix on this server and set it as the main mail exchanger (MX). In an effort to combat the amount of spam I receive I’ve made the default restrictions fairly hash but not, I think, irrationally so. Yet many legitimate mail sources are getting bounced due to their hosting ISP’s complete and utter incompetence when it comes to DNS.

The main issue is usually inaccurate PTR to A RR lookups. Ie, a host with an IP has a PTR record that resolves to but when you look up the A record for you get NXDOMAIN. FECK! That is so completely broken! Postfix of course, rightly assumes that this could be a DNS spoofing attack and temporarily rejects (SMTP reponse 450) the mail as coming from an “unknown host”.

Another right doozy is when mail servers say “HELO” when doesn’t resolve because it’s an internal (to the sending network) host name. Or better yet say “HELO” yet their IP resolves to something completely different.

A prayer to all network admins: “Fix your fucking DNS!!!”.

Some tools to help you:


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s