Date: Sat, 20 Sep 2003 05:19:04 GMT From: Mark <admin@asarian-host.net> To: "Greg 'groggy' Lehey" <grog@freebsd.org> Cc: freebsd-questions@freebsd.org Subject: Re: "May be forged"? Message-ID: <200309200519.H8K5J3DS099268@asarian-host.net> References: <200309190044.H8J0IU5M025025@asarian-host.net> <200309190056.H8J0U35M025526@asarian-host.net> <20030919025620.GT37023@wantadilla.lemis.com> <200309190320.H8J3KL5M031529@asarian-host.net> <20030920023245.GA16686@wantadilla.lemis.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> On Friday, 19 September 2003 at 3:20:21 +0000, Mark wrote:
>
> > On Friday, September 19, 2003 2:44 AM, Mark wrote:
> >
> >>>> Thanks to Kris I found the new sendmail. :) But a slight anomaly
> >>>> occurs in> 8.12.10:
> >>>>
> >>>> AUTH=server, relay=my-xp-machine.net [192.168.1.3] (may be forged),
> >>>> authid=admin
> >>>>
> >>>> That is odd; why would it suddenly say "may be forged"?
> >>>
> >>> Hmm, this wouldn't, by any chance, have anything to do with Verisign's
> >>> latest DNS crap, would it? Kinda like a preemptive caution that a
> >>> "net" domain might be fake?
> >>
> >> No, this is the result of a failed reverse DNS lookup or a failed
> >> consistency check between forward and reverse DNS. Given that the
> >> address is in the non-routable RFC 1918 range, this is to be expected.
> >
> > Then why does it not occur in 8.12.9? If I start my 8.12.9 sendmail, it
> > does NOT say "may be forged". Did something change in-between versions?
>
> It would seem so.
>
> > Here is why I think it seems related to Verisign somehow:
> >
> > asarian-host: {root} % nslookup my-xp-machine.net
> > Name: my-xp-machine.net
> > Address: 64.94.110.11
>
> Ah. But this is an invalid domain.
Yes, it is the name of my XP machine within the network. :)
> > But that still does not explain why my 8.12.9 sendmail does not say
> > "may be forged". And if I change /etc/hosts to have 192.168.1.3
> > called "my-xp-machine.ORG", then the error goes away, in 8.12.10
> > too!
>
> Yes, that's a feature, not a bug.
I do not quite understand this. Why would it not say "may be forged" when de
domain name ends in .org?
At any rate, I installed 8.12.10 now, changed the name of my XP machine to
end in .org; and, for the rest, everything seems to work wonderfully. So,
whatever that small change between versions may have been, it must be a
minor thing. I just wanted to make sure I had not compiled the new sendmail
horribly wrong. Everything is ok now. :)
Thanks for your help,
- Mark
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200309200519.H8K5J3DS099268>