[PLUG] Sendmail and DNS checks
Paul Heinlein
heinlein at madboa.com
Wed Mar 17 15:11:02 UTC 2004
On Wed, 17 Mar 2004, Keith Nasman wrote:
> > > Mar 17 12:06:22 server sendmail[19557]: i2HK6LfR019557:
> > > ruleset=check_rcpt, arg1=,
> > > relay=gw.domain.com.zzz.yyy.xxx.www.in-addr.arpa [www.xxx.yyy.zzz]
> > > (may be forged), reject=550 5.7.1 ... Relaying denied. IP name
> > > possibly forged [www.xxx.yyy.zzz]
> >
> > This looks like DNS isn't setup properly for your LAN. How do you
> > manage name lookups internally (e.g., /etc/hosts, DNS)?
> >
>
> The server is running bind, so the server itself is the DNS
> server. LAN clients are resolving Internet sites itself. [....]
>
> From the server and externally I can dig gw.domain.com,
> mail.domain.com, and domain.com and they all point back to the
> correct public IP address.
What does dig or host turn up when you feed it the IP address you
masked out in your original message ("www.xxx.yyy.zzz")?
Also, I'm a bit suspicious of the name sendmail gets for the relay:
relay=gw.domain.com.zzz.yyy.xxx.www.in-addr.arpa
That's just bizarre. I grepped through some sendmail logs for similar
error messages, and never once found sendmail reporting a hostname
ending in in-addr.arpa (the reverse-pointer faux domain).
-- Paul Heinlein <heinlein at madboa.com>
More information about the PLUG
mailing list