On Wed, 7 Mar 2001, Gregory Neil Shapiro wrote:

> root> I am using the standard freebsd.mc created during a buildworld.  I
> root> have started noticing that I am missing/rejecting a lot of emails
> root> from places like: yahoogroups.com.
> It would be helpful to show the actual log message so we can determine why
> it is being rejected.  If it is something like:
> Mar  7 18:45:51 horsey sendmail[69643]: f282jdlg069643: ruleset=check_mail, 
>reject=501 5.1.8 <[EMAIL PROTECTED]>... Domain of sender address 
>[EMAIL PROTECTED] does not exist
Yes, that is it.  I actually started noticing the problem in my email for
the daily (nightly) run.  I went to look in the maillog, however, and that
is the essence of the error (I think the PID might have been different ;).

> Then at the time the mail came in, yahoogroups.com was not resolvable.  You
> can check with:
> nslookup -q=AAAA yahoogroups.com.
> nslookup -q=A yahoogroups.com.
> nslookup -q=MX yahoogroups.com.
I did this and it does resolve for that one, but it doesn't for an ISP
that one of my clients is trying to receive an email from.  I emailed the
owner of the ISP who promptly informed me that you should never setup an
IP for your domain name, just for things like the www.<hisname>.org ;).
However, the MX does (and has all along) resolved for his domain.  I
thought sendmail would do the DNS lookup/RDNS double-check thing for the
MX machine instead of the origination machine, which was why I was so

> root> I have been looking in the sendmail config stuff, and I have not yet
> root> figured out what rule I would need to change, but I need it fixed
> root> soon, customers are complaining.  I think what needs to be done is
> root> add a rule that says (if it is a TLD, go ahead and accept it).  And,
> root> yes, I realize that means I will get a lot of emails from places
> root> like: akjasdkfhaskhdf.com, but a "whois" lookup would be WAY TOO
> root> SLOW.
> >From /usr/share/sendmail/cf/README:
> FEATURE(accept_unresolvable_domains)
>               Normally, MAIL FROM: commands in the SMTP session will be
>               refused if the host part of the argument to MAIL FROM:
>               cannot be located in the host name service (e.g., an A or
>               MX record in DNS).  If you are inside a firewall that has
>               only a limited view of the Internet host name space, this
>               could cause problems.  In this case you probably want to
>               use this feature to accept all domains on input, even if
>               they are unresolvable.
Saw this, and didn't like the sound of it one darn bit.  I am on a AT&T
T1, which has been extremely reliable, and have never (that I know of) had
problems resolving names unless the other persons bind or connection to
the net is shakey.

> ...
> An ``access'' database can be created to accept or reject mail from
> selected domains.  For example, you may choose to reject all mail
> originating from known spammers.  To enable such a database, use
>       FEATURE(`access_db')
> ...
>       OK              Accept mail even if other rules in the
>                       running ruleset would reject it, for example,
>                       if the domain name is unresolvable.
Okay, just call me stupid :).  I use this feature already to allow relays
from/to my various domain names, reject email from spammers, etc.  I can
even control it directly from webmin instead of looking at all those
strange rules in the .cf file.

- brian

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message

Reply via email to