Re: Received From IP from behind router

"Barry Veinotte" <barry@xxxxxxxxxxxx> writes:

> > Well I call that a forgery, and that is one thing I look for when deciding
> > to block a server, and I will block them at the firewall, and any server
> > that doesn't write any received header at all (which is what you are
> > essentially suggesting) get's blocked or at the very least never white-
> > listed. I don't care about private IPs, only public IPs.
> > I really doubt that the header that Sendmail was writing is the problem,
> it
> > looks to me like the problem is with his DNS. Look it up in
> > http://www.dnsreport.com/ , for one there's no MX record for the eMail
> > address he's using here, which is a good enough reason to get rejected, I
> > don't reject based on senders with no MX, but I'd like to.
> > I'm no expert on DNS, but at one time I probably found enough info to
> > figure it out on either Windows or UNIX, all I can recover right now is
> > http://www.dnsstuff.com/info/revdns.htm
> > http://www.garykessler.net/library/dns.html
> > http://www.hostlibrary.com/BasicDNSPTRRecordsAndWhyYouCare-reverse-ip.html
> >
> > and a bunch other DNS BIND stuff. I'm sure there's better info, like a
> > book.
> >
> I have tons of rejected mail due to timeouts when the receiving end looks to
> be trying to resolve the internal IP in the received from header. Some
> actually
> bounce with "Config error - mail loops back to me..." because they are
> trying
> to resolve 192.168.1.1

Are you sure that this error is not from your sendmail?

> I have "DNS and BIND" in front of me, and admit I should go back to page
> one and start over. However, I do have (obviously wrong) MX records in
> place.
> Could you tell me what is wrong with this entry? Don't be gentle - I know I
> don't
> know what I am doing!
>
>
> $TTL 86400
>
> @ IN SOA ns1.veinotte.com. webmaster.veinotte.com. (
> 1038079814 ; Serial
> 10800 ; Refresh
> 3600 ; Retry
> 604800 ; Expire
> 86400 ) ; Minimum
>
> veinotte.com. IN NS ns1.veinotte.com.
> veinotte.com. IN NS ns2.veinotte.com.
> veinotte.com. IN A 24.222.94.162
> ns1.veinotte.com. IN A 24.222.94.162
> ns2.veinotte.com. IN A 24.222.94.163
> mail.veinotte.com. IN A 24.222.94.162
> *.veinotte.com. IN A 24.222.94.162
> veinotte.com. IN MX 10 mail.veinotte.com.

I think that it is cleaner, if you drop mail.veinotte.com
and make

veinotte.com. IN MX 10 ns1.veinotte.com.


After all it is:

[hurtta@attruh hurtta]$ host 24.222.94.162
162.94.222.24.in-addr.arpa domain name pointer ns1.veinotte.net.


In other words make MX point to actual hostname.


And there is danger that *.veinotte.com may cause problems.

/ Kari Hurtta
.

Relevant Pages

  • RE: SMTP Outgoing - Connection Dropped
    ... Then checked the result of the SMTP diag, ... Checking TCP/UDP SOA serial number using DNS server. ... conversation with the receiving Mail Server computer. ...
    (microsoft.public.windows.server.sbs)
  • Re: No incoming email on new SBS 2003 network
    ... the Telnet test I ran seemed to work fine. ... Check your DNS records for your domain name here ... my network's IP address, however, we are not receiving any emails into the ... Exchange server. ...
    (microsoft.public.windows.server.sbs)
  • Re: Setup problem with SenderID and OWA
    ... >mail with OWA. ... of the Exchange server, not the IP address of the machine running the ... >Sample SMTP Header from Exchange server.... ... surely isn't the one inserted by the receiving server. ...
    (microsoft.public.exchange.admin)
  • Re: Login Error / Question
    ... > I'm receiving the below error message when I log into my ... > Server 2003 DCs, and they are both running DNS. ... > error indicates that it is an error with the way the DNS ... > receiving these error messages either. ...
    (microsoft.public.windows.server.dns)
  • Re: Urgent : IE Web control problem
    ... I'm assuming that no-ip offers essentially standard DNS services; ... hostname resolves to an IP, and your IIS server checks the host ... header to direct the request. ...
    (microsoft.public.dotnet.framework.aspnet)