On Friday, 19 September 2003 at 3:20:21 +0000, Mark wrote: > On Friday, September 19, 2003 2:44 AM, Mark wrote: >> >>>> Thanks to Kris I found the new sendmail. :) But a slight anomaly occurs >>>> in> 8.12.10: >>>> >>>> AUTH=server, relay=my-xp-machine.net [192.168.1.3] (may be forged), >>>> authid=admin >>>> >>>> That is odd; why would it suddenly say "may be forged"? >>> >>> Hmm, this wouldn't, by any chance, have anything to do with Verisign's >>> latest DNS crap, would it? Kinda like a preemptive caution that a "net" >>> domain might be fake? >> >> No, this is the result of a failed reverse DNS lookup or a failed >> consistency check between forward and reverse DNS. Given that the >> address is in the non-routable RFC 1918 range, this is to be expected. > > Then why does it not occur in 8.12.9? If I start my 8.12.9 sendmail, it does > NOT say "may be forged". Did something change in-between versions?
It would seem so.
> Here is why I think it seems related to Verisign somehow:
>
> asarian-host: {root} % nslookup my-xp-machine.net
> Name: my-xp-machine.net
> Address: 64.94.110.11
Ah. But this is an invalid domain.
> Maybe 8.12.10 picks up on the IP-mismatch?
But we're looking at the reverse lookup first. There's no global
reverse lookup for that network, but that doesn't mean that there
aren't local name servers which handle it.
> But that still does not explain why my 8.12.9 sendmail does not say
> "may be forged". And if I change /etc/hosts to have 192.168.1.3
> called "my-xp-machine.ORG", then the error goes away, in 8.12.10
> too!
Yes, that's a feature, not a bug.
Greg
--
When replying to this message, please copy the original recipients.
If you don't, I may ignore the reply or reply to the original recipients.
For more information, see http://www.lemis.com/questions.html
See complete headers for address and phone numbers
pgp00000.pgp
Description: PGP signature
