I am looking at PTR checking on a email server. In test, I see there
are a few DNS setups where they CNAME their PTR records. From a RFC
standpoint, is this valid, I am not finding any data to claim one way
or the other.

If it is acceptable, and I realize this is getting as bit off topic,
is the only recourse to simply whitelist those hosts that are doing
this?

Here is the first one I found, that tripped up my filter test (mysql
mailing list):
$dig -x 213.136.52.31

; <<>> DiG 9.4.2-P2 <<>> -x 213.136.52.31
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28031
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;31.52.136.213.in-addr.arpa. IN PTR

;; ANSWER SECTION:
31.52.136.213.in-addr.arpa. 86400 IN CNAME 31.0-25.52.136.213.in-
addr.arpa.
31.0-25.52.136.213.in-addr.arpa. 3600 IN PTR lists2.mysql.com.

--
Scott