Your Received line breaks down like this:
- "unknown" is the user identified by the "ident" service on the remote end.
If the remote server is not running ident it will lag SMTP connections
between
15 and 45 seconds, depending on the mailer. MS Exchange usually does not
run ident, other servers could have it firewalled off. Because of this
(chicken
or the egg?), it's a helper for diagnosis, not a requirement of a SMTP
session.
- "HELO mail.ntechville.com" is who the remote server thinks it is and
identifies itself as when it connects to your mail server
- "211.63.67.251" is the IP of the remote mail server
- "mail.certainty.net" is your mail server (or what it thinks it is)
- the rest is obvious
The enforcement of reverse DNS lookups requires the IP address to
reverse-resolve to the HELO identification string. The reverse DNS
requirement helps knock down rogue mail servers or ones that are improperly
configured. It does not block spammers if they have their mail server
properly setup.
If this leads to a spammer hitting your server I have built notes for
tracking techniques if you are interested.
Hope this helps,
-Dave
----- Original Message -----
From: "Ed Henderson" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, July 03, 2001 8:50 AM
Subject: tcpserver
This question is not specifically vpopmail but I'm hoping that someone can
help me better understand qmail and tcpserver. Here goes: As I understand
after reading the docs for tcpserver that if I use the "-p" option with
qmail-smtpd that it will reject smtp requests from mailers that have no
valid DNS entry. But my system doesn't appear to be doing that. Here is
the final "Recieve" line from a Spam message that I got this morning:
Received: from unknown (HELO mail.ntechville.com) (211.63.67.251) by
mail.certainty.net with SMTP; 3 Jul 2001 04:35:30 -0400
Doesn't the "unkown" indicate that the DNS name was not resolvable and
therefore the message should have been rejected? I also tried nslookup on
the IP address and got nothing for it as expected.
Here is my tcpserver run line for qmail-smtpd:
exec /usr/local/bin/softlimit -m 2000000
/usr/local/bin/tcpserver -p -v -R -l mail.certainty.net -x
/etc/tcp.smtp.cdb -c "$MAXSMTPD" -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp
/var/qmail/bin/qmail-smtpd 2>&1
