Date: Sat, 17 Jan 1998 17:31:27 -0800 (PST)
From: Dan Busarow
To: Thordur Ivarsson
cc: Font, questions@FreeBSD.ORG
Subject: Re: MAIL FROM: address check commented out in /etc/mail additions?
In-Reply-To: <34C1485E.977C0065@est.is>

On Sun, 18 Jan 1998, Thordur Ivarsson wrote:

> This rule is rather nasty: If sender has not legitimate A record in name
> server the rule fails and sends back error, CNAME record is not enough
> for sender.

It may be that from time to time we bounce legitimate mail. But I
haven't received any complaints and I've had this turned on for several
months now. We also return a 451 error meaning that they will retry
on a DNS hiccup.

But I thought I'd take a look at the logs again today. There have been
450 rejects so far today, here's the summary.

   7 1-707-429-0999-Doc.989   206.214.98.15
   5 1-707-429-0999-Doc.989   206.214.98.16
   5 16683.com                210.140.140.2
  15 17482.com                209.135.75.2
  22 19735.com                195.10.42.36
   1 1cannel.com              169.152.79.3
        not a registered domain
  20 23615.com                208.133.82.3
  22 2e2yji.net               205.139.56.34
   1 32204.com                206.151.85.34
  12 Beat-IRS-411.com         206.214.98.11
  11 Freedom.bizzpost.com     207.43.80.148
        NO NS records for freedom, IP is mail.bizzpost.com

This next one is one of our web servers so I checked on it.
It was someone (or bot) hitting a CGI form with a bogus address
(no MX or A records) every half hour.

  45 Northgrum.Com            206.16.184.194
   2 bingo.edu                207.100.79.10
   9 bulkemailserver.com      208.139.245.34
  56 cantv.com                161.196.66.41
        NO DNS
  88 do                       206.16.184.194
        another web form (twice every half hour)
  21 gamescleaning.com.au     208.133.82.3
   9 le1ttrbox.com            198.69.103.26
  45 mail.hpccsocal.com       207.217.137.18
        earthlink dialup (34 separate IPs)
  20 maketingtips.com         204.174.35.21
  18 qcqnb5.net               206.141.239.126
   9 skywa1tches.net          198.69.103.26
   5 t-1net.com               132.248.251.5
   2 t-1net.com               148.232.1.2

I don't think we or our customers are missing anything.

Dan
--
 Dan Busarow                                  714 443 4172
 DPC Systems / Beach.Net                    dan@dpcsys.com
 Dana Point, California
 83 09 EF 59 E0 11 89 B4  8D 09 DB FD E1 DD 0C 82
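The check discussed in this message, as an added example (not code from the message and not the sendmail rule itself): a MAIL FROM domain check that answers every refusal with a 451, so a sender whose DNS was only briefly unavailable retries instead of bouncing, plus a per-domain count of refusals like the summary above. The stub resolver, the zone data and all function names are assumptions made for the example.

```python
from collections import Counter

class TempFail(Exception):
    """Resolver gave no answer (timeout or SERVFAIL)."""

# Constructed zone data: name -> record types that exist for it.
ZONE = {"example.org": {"MX"}, "host.example.net": {"A"}}
FLAKY = {"slow.example.com"}  # constructed: lookups for these time out

def has_record(name, rtype):
    """Stub resolver (assumption): replace with a real DNS query."""
    if name in FLAKY:
        raise TempFail(name)
    return rtype in ZONE.get(name, set())

def sender_domain(sender):
    """Domain part of an envelope sender, or None for the null sender <>."""
    addr = sender.strip().strip("<>")
    if not addr:
        return None
    # An address without "@" is treated as a bare domain and looked up as is.
    return addr.rpartition("@")[2].rstrip(".").lower()

def check_mail_from(sender, resolve=has_record):
    """Return (smtp_code, reason). Every refusal is a 451, never a 5xx."""
    domain = sender_domain(sender)
    if domain is None:
        return 250, "null sender accepted"  # bounces must get through
    try:
        if resolve(domain, "MX") or resolve(domain, "A"):
            return 250, "sender domain resolves"
    except TempFail:
        return 451, "DNS lookup failed"
    return 451, "no MX or A record"

def summarize(senders):
    """Count refused messages per sender domain, as in a daily summary."""
    refused = Counter()
    for s in senders:
        if check_mail_from(s)[0] == 451:
            refused[sender_domain(s)] += 1
    return refused
```

Because both refusal paths return the same temporary code, a legitimate sender caught by a resolver outage is queued and retried by the remote MTA, while a domain that never resolves keeps showing up in the counts until the remote queue expires.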