From owner-freebsd-questions@FreeBSD.ORG  Wed Dec  3 10:29:27 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id D87AA16A4CE
	for <freebsd-questions@freebsd.org>;
	Wed,  3 Dec 2003 10:29:27 -0800 (PST)
Received: from anchor-post-34.mail.demon.net (anchor-post-34.mail.demon.net
	[194.217.242.92])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 950AE43FD7
	for <freebsd-questions@freebsd.org>;
	Wed,  3 Dec 2003 10:29:26 -0800 (PST)
	(envelope-from jeff+sender+e8ec28@jrpenn.demon.co.uk)
Received: from jrpenn.demon.co.uk ([194.222.241.254])
	by anchor-post-34.mail.demon.net with esmtp (Exim 3.35 #1)
	id 1ARbkb-000Ejq-0Y
	for freebsd-questions@FreeBSD.ORG; Wed, 03 Dec 2003 18:29:26 +0000
Received: by jrpenn.demon.co.uk (Postfix, from userid 1001)
	id 6008822CC; Wed,  3 Dec 2003 16:23:21 +0000 (GMT)
Received: by jrpenn.demon.co.uk (tmda-sendmail, from uid 1001);
	Wed, 03 Dec 2003 16:23:21 +0000 (GMT)
Date: Wed, 3 Dec 2003 16:23:20 +0000
To: freebsd-questions@FreeBSD.ORG
Message-ID: <20031203162320.GA382@jrpenn.demon.co.uk>
References: <001201c3b898$c6821720$0400a8c0@internalprocess>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <001201c3b898$c6821720$0400a8c0@internalprocess>
User-Agent: Mutt/1.4.1i
From: Jeff Penn <jeff+dated+1070900601.d3ea15@jrpenn.demon.co.uk>
Mail-Followup-To: freebsd-questions@FreeBSD.ORG
X-Delivery-Agent: TMDA/0.89 (Chateaugay)
Subject: Re: hosts.allow not always working... misses some IPs
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Dec 2003 18:29:28 -0000

On Tue, Dec 02, 2003 at 12:54:32AM -0500, Kerry B. Rogers wrote:
> I received an e-mail with the following header fragment:
> 
> ===V=== cut here ===V====
> Received: from priv-edtnes11-hme0.telusplanet.net (outbound03.telus.net
> [199.185.220.222])
>  by tinkertoys.net (8.12.10/8.11.6) with ESMTP id hANMNpKS021237;
>  Sun, 23 Nov 2003 15:23:51 -0700 (MST)
> ===^=== cut here ===^====
> 
> In my hosts.allow file (which usually rejects domains just fine) I have:
 
> smtp : 199.185.220.0/255.255.251.0 : deny

-------------------------------^^^

> The above listed e-mail should have been rejected but it wasn't. Is this a
> bug? Is a 975K host.allow file creating this problem? Please help...

I added your rule to my hosts.allow and tested it using:

tcpdmatch smtp 199.185.220.222

The rule was not triggered.  Changing the rule to a valid netmask 
(255.255.255.0) did trigger the rule & denied access.

Jeff