[PLUG] Sendmail and DNS checks

Paul Heinlein heinlein at madboa.com
Wed Mar 17 15:11:02 UTC 2004


On Wed, 17 Mar 2004, Keith Nasman wrote:

> > > Mar 17 12:06:22 server sendmail[19557]: i2HK6LfR019557:
> > > ruleset=check_rcpt, arg1=,
> > > relay=gw.domain.com.zzz.yyy.xxx.www.in-addr.arpa [www.xxx.yyy.zzz]
> > > (may be forged), reject=550 5.7.1 ... Relaying denied. IP name
> > > possibly forged [www.xxx.yyy.zzz]
> >
> > This looks like DNS isn't setup properly for your LAN. How do you
> > manage name lookups internally (e.g., /etc/hosts, DNS)?
> >
>
> The server is running bind, so the server itself is the DNS
> server. LAN clients are resolving Internet sites itself. [....]
>
> From the server and externally I can dig gw.domain.com,
> mail.domain.com, and domain.com and they all point back to the
> correct public IP address.

What does dig or host turn up when you feed it the IP address you
masked out in your original message ("www.xxx.yyy.zzz")?

Also, I'm a bit suspicious of the name sendmail gets for the relay:

  relay=gw.domain.com.zzz.yyy.xxx.www.in-addr.arpa

That's just bizarre. I grepped through some sendmail logs for similar
error messages, and never once found sendmail reporting a hostname
ending in in-addr.arpa (the reverse-pointer faux domain).

-- Paul Heinlein <heinlein at madboa.com>




More information about the PLUG mailing list