From owner-freebsd-questions@FreeBSD.ORG Tue Feb 5 15:18:50 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8E90016A469 for ; Tue, 5 Feb 2008 15:18:50 +0000 (UTC) (envelope-from tinguely@casselton.net) Received: from casselton.net (casselton.net [63.165.140.2]) by mx1.freebsd.org (Postfix) with ESMTP id 3684213C4E1 for ; Tue, 5 Feb 2008 15:18:50 +0000 (UTC) (envelope-from tinguely@casselton.net) Received: from casselton.net (localhost [127.0.0.1]) by casselton.net (8.14.2/8.14.2) with ESMTP id m15FHYih088698; Tue, 5 Feb 2008 09:17:34 -0600 (CST) (envelope-from tinguely@casselton.net) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=casselton.net; s=ccnMail; t=1202224654; bh=P47nP+fJUq3HFstRS3770tMMdwM=; h=Date: From:Message-Id:To:Subject:Cc:In-Reply-To; b=UQW6yu7egjcGTw/vGWJ3M ZfghkXWBexUWg9Hu3SHr9oVbjcpHe5c6R3Kia1sd36PRQoaV5+AchGXk8tZY3hMVihk Ks+p4fEcmvnwMUx/v1J7K6nqQFNpfux1EGO83e1b+ufdcrDRnVOcs+IdBa4oBX7nvdc ZDL2rZ++GixL+IBw= Received: (from tinguely@localhost) by casselton.net (8.14.2/8.14.2/Submit) id m15FHVpA088692; Tue, 5 Feb 2008 09:17:31 -0600 (CST) (envelope-from tinguely) Date: Tue, 5 Feb 2008 09:17:31 -0600 (CST) From: Mark Tinguely Message-Id: <200802051517.m15FHVpA088692@casselton.net> To: bc979@lafn.org, on@cs.ait.ac.th In-Reply-To: <200802050323.m153NnOG004527@banyan.cs.ait.ac.th> Cc: freebsd-questions@freebsd.org Subject: Re: Problem with makemap and hash tables X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Feb 2008 15:18:50 -0000 I got that error when there was a duplicate entry. I broke down and am now restricting emails to mailers that have a valid forward and reverse DNS entries. Most real mailers have properly configured DNS, but I also added a permission for those that have a DNS entry that comes back as possibly forged. the file /etc/mail/ForgedIP are the hosts that I will bypass the new filter. Added to sendmail.cf: F{ForgedIP} /etc/mail/ForgedIP (and in the relay area) SLocal_check_relay R$+ $| $={ForgedIP}$* $@ $1 $| $2 R$*$={ForgedNames} $| $* $@ $1 $| $2 R$* $: < $&{client_resolve} > R $#error $@ 4.7.1 $: "450 Access denied. Cannot resolve PTR record for " $&{client_addr} R $#error $@ 4.7.1 $: "550 Access denied. IP name possibly forged " $&{client_name} R $#error $@ 4.7.1 $: "550 Access denied. IP name lookup failed " $&{client_name} Scheck_relay