I am running a Debian 7.9 server with Postfix 2.9.6 and Spamassassin 3.3.2.
One of the standard checks Spamassassin does, is to check for a rDNS record. I am assuming that it gets that info from the Received: from ... header in the message passed on from Postfix.
Now quite often Postfix fails to resolve a hostname for an IP address which unnecessarily gives a worse score than it deserves, since almost all of the times, a hostname actually exists. If I check these messages manually, I can see that the mentioned header often says Received: from example.com (unknown [1.2.3.4]) by ... while at the same time if I try to resolve the IP address myself (in the server's shell) it works without a problem.
What is the issue here? Is there a maybe a too aggressive timeout that doesn't give it enough time? If so, is there a way to adjust this timeout? My server is not getting thousands of messages per minute, so waiting a few more seconds wouldn't hurt. Would switching to DNS over TCP help this issue? If so, how can I tell Postfix to use TCP for DNS queries?
As it turns out, I was running my Postfix installation with the chroot-setting set to the default "yes". After I set this to "no" (since I am not running it in a chroot), it seems to resolve the issue.
I still don't understand why it seemed to have no problems before but now it works.
The setting in question is in
/etc/postfix/master.cf:(Source)