On 10/20/2014 11:12 AM, Quinn Comendant wrote:
Hi Guys
I've been discussing on the [email protected] list about a minor issue I'm
having with SA, and it was noted by a couple people that the headers of incoming mail
indicates qmail is not doing DNS lookups correctly. Specifically, it seems qmail is not
recording the reverse dns of the host from which it received the mail, and is instead
using "Received: from unknown …" for all incoming messages. DNS works on the
command line, if I query using `host` or `dig` so I don't think it is a problem with our
network's DNS. Does qmail need something special to be able to do dns lookups? This has
never been a problem for us but apparently this is affecting spamassassin's functionality.
Example "received" headers:
Here's one from gmail:
Received: from unknown (HELO mail-pd0-f175.google.com) (209.85.192.175)
by oak.strangecode.com with (AES128-SHA encrypted) SMTP; 19 Oct 2014
05:42:33 -0000
And testing this IP from the command line on our mail server:
{q@oak/0 ~} host 209.85.192.175
175.192.85.209.in-addr.arpa domain name pointer mail-pd0-f175.google.com.
{q@oak/0 ~} host mail-pd0-f175.google.com
mail-pd0-f175.google.com has address 209.85.192.175
Here's one from Rackspace (our host):
Received: from unknown (HELO smtp1-ext.ord1.corp.rackspace.com) (173.203.4.141)
by oak.strangecode.com with (DHE-RSA-AES256-SHA encrypted) SMTP; 20 Oct 2014
17:42:11 -0000
And from the command line:
{q@oak/0 ~} host 173.203.4.141
141.4.203.173.in-addr.arpa domain name pointer
smtp1-ext.ord1.corp.rackspace.com.
{q@oak/0 ~} host smtp1-ext.ord1.corp.rackspace.com
smtp1-ext.ord1.corp.rackspace.com has address 173.203.4.141
Thanks!
Quinn
That's on purpose. The tcpserver -H option, which is used by default,
tells tcpserver not to look up the rdns name, the only purpose of which
would be to add it in the message header. spamdyke is doing that
already, and it's in the logs. If you'd like to see the rdns name in the
message header, you can remove the -H option from the tcpserver line in
the /var/qmail/supervise/smtpd/run file. Personally, I think that's
information that doesn't need to be in the message header (along with
the authenticated user's account id, but that's another matter).
I'd like to see spamdyke add its own header at some point, at which time
I'm sure it will be there. Sam's very thorough about these things. ;)
Thanks.
--
-Eric 'shubes'
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]