Intel,Altiris Group

  • 1.  RDNS error messages

    Posted Jun 08, 2009 03:35 AM
    Hi all,

    since a few days we have a strange behaviour on our Brightmail appliances - we have a lot of entries of this type:

    sieve: RDNS: Connecting IP 220.225.151.74 does not match DNS record for (speedonline.net) with IP 203.199.124.90

    As far I understand, there must be a problem with the reverse lookup of the MX-Record - but I am not clear how should I handle this messages?

    A lot of our users a claiming, that they could not send mails to these domains?

    What is best practice in handling with domains with reverse lookup failiures?


    I am happy about any reply, because I am little bit under pressure!

    Thanks
    Roger


  • 2.  RE: RDNS error messages

    Posted Jun 08, 2009 03:58 AM
    Hi Roger,

    RDNS warnings where records do not match the expected connecting IP can be a symptom of spammers using other domain names to send email to your organization.

    Due to the (low) severity of these events, please note that RDNS-related messages will be logged at the INFO level (and not WARNING as they're now) upon the next minor release of Symantec Brightmail Gateway, expected for the end of this month.

    For more information and recommendations, please have a look at out Best Practices articles below:

    Hope this helps,

    regards

    -m


  • 3.  RE: RDNS error messages

    Posted Jun 08, 2009 04:05 AM
    Hi MatiaB,

    thanks for the update, I will read this documents. It´s good to know, that the logging for these entries will be changed.

    Thanks
    Roger