Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 17 Jan 1998 17:31:27 -0800 (PST)
From:      Dan Busarow <dan@dpcsys.com>
To:        Thordur Ivarsson <totii@est.is>
Cc:        Font <font@Mcs.Net>, questions@FreeBSD.ORG
Subject:   Re: MAIL FROM: address check commented out in /etc/mail additions?
Message-ID:  <Pine.UW2.3.95.980117165645.15493A-100000@cedb>
In-Reply-To: <34C1485E.977C0065@est.is>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Sun, 18 Jan 1998, Thordur Ivarsson wrote:
> This rule is rather nasty: If sender has not legimate A record in name
> server the rule fails and sends back error, CNAME record is not enough
> for sender.

It may be that from time to time we bounce legitimate mail.  But
I haven't received any complaints and I've had this turned on for 
several months now.  We also return a 451 error meaning that they
will retry on a DNS hickup.

But I thought I'd take a look at the logs again today.  There
have been 450 rejects so far today, here's the summary.


   7 1-707-429-0999-Doc.989 206.214.98.15
   5 1-707-429-0999-Doc.989 206.214.98.16
   5 16683.com 210.140.140.2
  15 17482.com 209.135.75.2
  22 19735.com 195.10.42.36
   1 1cannel.com 169.152.79.3             not a registered domain
  20 23615.com 208.133.82.3
  22 2e2yji.net 205.139.56.34
   1 32204.com 206.151.85.34
  12 Beat-IRS-411.com 206.214.98.11
  11 Freedom.bizzpost.com 207.43.80.148 NO NS records for freedom, IP 
                                        is mail.bizzpost.com
This next one is one of our web servers so I checked on it.  It was
someone (or bot) hitting a CGI form with a bogus address (no MX or A
records) every half hour.
  45 Northgrum.Com 206.16.184.194
   2 bingo.edu 207.100.79.10
   9 bulkemailserver.com 208.139.245.34
  56 cantv.com 161.196.66.41           NO DNS
  88 do 206.16.184.194                 another web form (twice every half hour)
  21 gamescleaning.com.au 208.133.82.3
   9 le1ttrbox.com 198.69.103.26
  45 mail.hpccsocal.com 207.217.137.18 earthlink dialup (34 separate IPs)
  20 maketingtips.com 204.174.35.21
  18 qcqnb5.net 206.141.239.126
   9 skywa1tches.net 198.69.103.26
   5 t-1net.com 132.248.251.5
   2 t-1net.com 148.232.1.2

I don't think we or our customers are missing anything.

Dan
-- 
 Dan Busarow                                                  714 443 4172
 DPC Systems / Beach.Net                                    dan@dpcsys.com
 Dana Point, California  83 09 EF 59 E0 11 89 B4   8D 09 DB FD E1 DD 0C 82

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.UW2.3.95.980117165645.15493A-100000>