[RCU] Misconfigured Mailing List DNS

roundcube at ptld.com roundcube at ptld.com
Sun Aug 15 16:51:38 CEST 2021


I got an email from this mailing list...

Client IP = 95.128.36.21 -> mx.kolabsys.com
Client PTR = mx.kolabsys.com -> 95.128.36.22
                              -> 95.128.36.21
                              -> 212.103.80.151
                              -> 95.128.36.23
                              -> 212.103.80.150
                              -> 212.103.80.152

Kind of okay there, at least it maps back, however i have never seen PTR 
sharing the same domain like that. Not sure that won't have strange side 
effects. But then that client gave a HELO of...

ext-mx-out001.kolabsys.com -> 212.103.80.148

And 212.103.80.148 (Helo) != 95.128.36.21 (client IP), this IMO is a 
problem. The Helo IP isn't even one of the half dozen IP's sharing the 
same PTR domain. I think it would be better if the Helo mapped back to 
the client using it. Or even just used the PTR (mx.kolabsys.com) for the 
helo. Although if it was me i would give each server its own mapping PTR 
with matching Helo and not share the same PTR for multiple servers.


More information about the users mailing list