Date: Mon, 21 Feb 2005 12:27:45 +0100 From: Randy Adamczyk <randy@adamstudios.com> To: freebsd-isp@freebsd.org Subject: Re: Why the mail error for domains I don't host? Message-ID: <4219C5B1.1010105@adamstudios.com> In-Reply-To: <20050221043613.GA21273@wjv.com> References: <4219551F.9010808@pyramus.com> <20050221043613.GA21273@wjv.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigB0DBE708839A077FAA1B50EE Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Bill Vermillion wrote: > The door open and in walked trouble - disguised as our our old > nemesis Blake Swensen, who uttered, at Sun, Feb 20, 2005 at 19:27 : > >>sendmail[93922]: j1L2kZa5093920: SYSERR(root): >>mx1.distinguish.com. config error: mail loops back to me (MX >>problem?) > >>I know everyone has seen this message at least once in their >>life from improperly configured sendmail. However, my log is >>filling up with these messages for domains I do not host.... and >>when I dig the mentioned host, it always resolves to localhost >>(127.0.0.1). This happens over and over again on for domain >>after domain. Are there really that many unskilled admins who >>publish their mail server's address as localhost, or is this >>some sort of hack that I should worry about? > > I won't call myself unskilled - but I have one domain that > in desperation I set the MX record to localhost. > > I was running about 300,000 spam messages PER DAY to that domain. > Sorry if this site is giving you problems, but I'm open to any > suggestions that will keep the spam away and the 127.0.0.1 > is the only one I could come up with. are your mailservers configured to accept mail to addresses whose mx record points to your mailservers? so, i could just go ahead and have my mx record point to your mailserver and it would accept my mail? that's not a good idea..! if both of you configure your mailservers to only accept mail sent to the domains you are hosting, you could remove the 127.0.0.1 mx. your mailserver should then answer with "relaying denied" instead of collecting lots of spam. so long, randy --------------enigB0DBE708839A077FAA1B50EE Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFCGcW23OBSA2oXHYoRAuNqAJ9sBxYuH7kvYPnHnifaZ8aFRh1MUACeI8mM 7EeyvV13a+d3/bTtcioBXoU= =J2et -----END PGP SIGNATURE----- --------------enigB0DBE708839A077FAA1B50EE--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4219C5B1.1010105>