Does PTR/RevDNS for IP address is somehow needed in RFC?

Question asked by Webio - 3/20/2023 at 3:36 AM

Unanswered

Hello,

From time to time I have questions from my clients about long email sending. After some investigation issue is with no RevDNS/PTR which makes SMTP connection stuck for one minute.

Example:

2023.03.17 22:21:17.616 [CLIENTIP][17096596] Performing PTR host name lookup for CLIENTIP
2023.03.17 22:22:14.315 [CLIENTIP][17096596] PTR host name for CLIENTIP resolved as UnknownHost

and now I'm wondering. Does PTR/RevDNS is somehow mentioned in RFC as needed for SMTP incoming connections from end clients?

I've got response from SmarterTools staff for my question about DNS check timeout for (PTR/RevDNS):

There is no place to enter a timeout. One thing that you could try however is placing their IP address in the IP bypass.
You can do this by going to Settings->Antispam->IP Bypass.

but for obvious reasons I'm not interested in IP bypassing every single IP address especially when it comes for client SMTP connections. Actually I don't even need to know PTR hosts for client connections so maybe this could be optional (especially that I don't have Reverse DNS SPAM check enabled for inbound and outbound SMTP connections).

Thanks

4 Replies

Reply to Thread

Gabriele Maoret - SERSIS Replied

3/20/2023 at 5:15 AM

It is needed for anti-spam reason.

Many systems refuse your connections if you don't have a valid PTR record (and if your helo don't match it...)

Gabriele Maoret - Head of SysAdmins and CISO at SERSIS

Currently manages 7 SmarterMail installations (1 in the cloud for SERSIS which provides services to a few hundred third-party email domains + 6 on-premise for customers who prefer to have their mail server in-house)

Kyle Kerst Replied

3/20/2023 at 3:53 PM

Employee Post

What Gabriele said here is correct; the reverse DNS is a standard antispam check that is performed by most if not all email providers/servers.

The long delays you are seeing when performing RDNS lookups could be stemming from DNS delays, so I recommend retesting those scenarios with some common public DNS servers in place temporarily to see if the issue improves. You can try the following which are known to be a good starting point - and these are configured in Settings>General in SmarterMail when logged on as a system administrator:

1.1.1.1 (Cloudflare DNS)

8.8.8.8 (Google DNS)

Kyle Kerst

Lead Internal Network/System Administrator

SmarterTools Inc.

smartertools.com

Webio Replied

3/21/2023 at 2:19 AM

Maybe I had been misunderstood here. IP which has no RevDNS is my clients IP from ISP which connects to my SmarterMail main instance which is not performing any antispam actions (I do that on incoming gateways). Just to clarify it here: this IP is not IP of any mail server or any mail gateway but just client IP from his ISP.

Issue here is that when client is sending email from his Outlook sending message window is stuck for one minute because of SMTP session being hang because o RevDNS checking on SmarterMail side.

I've used tools like (just to be sure):

https://mxtoolbox.com/ReverseLookup.aspx

to verify RevDNS and users IP addres does not have one so changing DNS servers will not change anything here.

My point here is that if I don't perform any antispam operations on my main SmarterMail instance agains incoming SMTP connections (especially ones which are authenticated) does SmarterMail must perform RevDNS resolving in first place?

Webio Replied

4/4/2023 at 1:26 AM

I would like to return to this topic with a question:

If no spam checks are being done on SmarterMail instance to which SMTP client is connecting then is there a need to perform RevDNS resolving during incoming SMTP session?

Back to Community Threads

Please leave this box unchecked

Reply to Thread

Enter the verification text