On Sun, Feb 09, 2003 at 02:59:42AM +0100, Benjamin Pflugmann wrote:
> Hi.
> 
> > > From: Terry Smith <[EMAIL PROTECTED]>
> > > Date: 08 Feb 2003 18:05:40 -0500
> [...]
> > > Final-Recipient: RFC822; <[EMAIL PROTECTED]>
> > > Action: failed
> > > Status: 5.2.0
> > > Remote-MTA: dns; linux-mandrake.com
> > > Diagnostic-Code: smtp; 450 Client host rejected: cannot find your hostname, [64.8.50.181]
> [...]
> 
> On Sat 2003-02-08 at 19:58:04 -0500, [EMAIL PROTECTED] wrote:
> [...]
> > When you send a message to sympa, the Mandrake list server, it tries
> > to do a reverse lookup on the ip address of the smtp server sending
> > the connection to match the smtp domain name against the domain name
> > of the from address.  I gather that this technique is to prevent a
> > spam attack from happening.
> 
> Looks like that is the problem. Yes, reverse lookups are common
> practice, not only by mail software. It's an easy and reasonable way
> to raise the bar for abuse.
> 
> > This kind of thing happens when the mailhost you are sending through
> > is a virtual server, meaning there is one numeric ip address for
> > many domains.
> 
> Not completely correct. What you refer to is the fact that it can
> happen that the reverse lookup results in a different name than
> the domain provided originally, e.g.
> 
>   $ urpmi bind-utils
>   $ host www.nic.de
>   www.nic.de has address 194.246.96.76
> 
> but 
> 
>   $ host 194.246.96.76
>   76.96.246.194.in-addr.arpa domain name pointer direct.denic.de.
>   76.96.246.194.in-addr.arpa domain name pointer intern.denic.de.
>   76.96.246.194.in-addr.arpa domain name pointer member.denic.de.
>   76.96.246.194.in-addr.arpa domain name pointer secure.denic.de.
>   76.96.246.194.in-addr.arpa domain name pointer project.denic.de.
>   76.96.246.194.in-addr.arpa domain name pointer transit.denic.de.
>   76.96.246.194.in-addr.arpa domain name pointer wwwtest.denic.de.
>   76.96.246.194.in-addr.arpa domain name pointer intern-old.denic.de.
>   76.96.246.194.in-addr.arpa domain name pointer www.denic.de.
>   76.96.246.194.in-addr.arpa domain name pointer jobs.denic.de.
>   76.96.246.194.in-addr.arpa domain name pointer test.denic.de.
>   76.96.246.194.in-addr.arpa domain name pointer board.denic.de.
> 
> Although they made the effort to list all the reverse lookups, they
> missed www.nic.de in their list. So if the server makes a connection
> as www.nic.de (which they probably don't do), the other side would end
> up with a different name by the reverse lookup.

Having a different name on reverse lookup does not block the mail.
This message got through from topoi.pooq.com, and it looks up as follows:

hendrik@topoi:/home2/hendrik/dv/lang/microcosm > nslookup topoi.pooq.com
Server:  localhost
Address:  127.0.0.1
 
Name:    topoi.pooq.com
Address:  216.138.195.194
 
hendrik@topoi:/home2/hendrik/dv/lang/microcosm > nslookup 216.138.195.194
Server:  localhost
Address:  127.0.0.1
 
Name:    H194.C195.tor.velocet.net
Address:  216.138.195.194
 
hendrik@topoi:/home2/hendrik/dv/lang/microcosm > nslookup H194.C195.tor.velocet.net
Server:  localhost
Address:  127.0.0.1
 
Name:    H194.C195.tor.velocet.net
Address:  216.138.195.194
 
hendrik@topoi:/home2/hendrik/dv/lang/microcosm >    

So although reverse lookup of the IP number gives a different name from
topoi.pooq.com, when (if?) it looks up that different name it still gets the
proper IP number. By the way, I'm told that one of the purposes of using
the reverse name lookup is to catch stolen IP numbers, which apparently
has been a big problem in some countries.

-- hendrik
> 
> 
> But the cited error message (cannot find your hostname, [64.8.50.181])
> indicates that the reverse lookup failed completely. You can easily
> check this yourself:
> 
>   $ host 64.8.50.181
>   Host 181.50.8.64.in-addr.arpa not found: 3(NXDOMAIN)
> 
> If you look at me, I am currently online as
> pD9EB55B6.dip.t-dialin.net, which resolves fine:
> 
>   $ host pD9EB55B6.dip.t-dialin.net
>   pD9EB55B6.dip.t-dialin.net has address 217.235.85.182
>   $ host 217.235.85.182
>   182.85.235.217.in-addr.arpa domain name pointer pD9EB55B6.dip.t-dialin.net.
> 
> > In this case, sympa cannot do the reverse lookup and
> > quietly rejects the message.
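
Added example, not part of the original messages: a small Python classifier for the outcomes discussed in this thread (no PTR record at all, a PTR name that differs from the claimed name but resolves back to the same IP, and a PTR name equal to the claimed name). The lookup tables are constructed from the `host` and `nslookup` output quoted above; the `192.0.2.10` entry, the function names and the verdict labels are assumptions made for illustration.

```python
# Constructed DNS data mirroring the lookups quoted in the thread.
PTR = {  # IP -> names a reverse (in-addr.arpa) lookup returns
    "216.138.195.194": ["H194.C195.tor.velocet.net."],
    "217.235.85.182": ["pD9EB55B6.dip.t-dialin.net."],
    "192.0.2.10": ["mail.example.net."],  # constructed: PTR that does not resolve back
    # 64.8.50.181 is deliberately absent: the thread shows NXDOMAIN for it
}
A = {  # name -> addresses a forward lookup returns
    "topoi.pooq.com": ["216.138.195.194"],
    "h194.c195.tor.velocet.net": ["216.138.195.194"],
    "pd9eb55b6.dip.t-dialin.net": ["217.235.85.182"],
    "mail.example.net": ["192.0.2.99"],  # constructed mismatch
}


def norm(name):
    """DNS names compare case-insensitively and without the trailing dot."""
    return name.rstrip(".").lower()


def check_client(ip, claimed_name, ptr=PTR, a=A):
    """Classify a connecting mail host by reverse and forward lookups.

    Verdict labels are hypothetical, chosen for this example:
      no_ptr               reverse lookup fails ("cannot find your hostname")
      ptr_unconfirmed      PTR exists, but no PTR name resolves back to the IP
      confirmed_other_name PTR resolves back to the IP, name differs from claim
      match                PTR resolves back to the IP and equals the claim
    """
    names = [norm(n) for n in ptr.get(ip, [])]
    if not names:
        return "no_ptr"
    # Forward-confirm: keep only PTR names whose address list contains the IP.
    confirmed = [n for n in names if ip in a.get(n, [])]
    if not confirmed:
        return "ptr_unconfirmed"
    if norm(claimed_name) in confirmed:
        return "match"
    return "confirmed_other_name"


if __name__ == "__main__":
    for ip, name in [("64.8.50.181", "unknown"),
                     ("216.138.195.194", "topoi.pooq.com"),
                     ("217.235.85.182", "pD9EB55B6.dip.t-dialin.net"),
                     ("192.0.2.10", "mail.example.net")]:
        print(ip, name, check_client(ip, name))
```

To run the same logic against live DNS, the two tables can be replaced with calls to `socket.gethostbyaddr` and `socket.getaddrinfo`.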
