Re: require_rdns bug
- From: "Michael" <michael@xxxxxxxxxxxxxxxxxxx>
- Date: Wed, 17 Mar 2010 18:18:11 -0700
"DJ GRP" <deejay.grp@xxxxxxxxx> wrote in message
we are using compiled sendmail (latest version) under CentOS 5.4. For
the last 48 hours there have been some issues with it. In particular,
it started rejecting a large number of messages because it claimed
they came from unresolved IPs.
We are indeed using require_rdns feature. The thing is, it behaved
similarly for properly resolved IPs, too. There was no DNS service
interruption during the specific interval. I even tried to perform a
dig and an nslookup at the same time sendmail was rejecting IP
184.108.40.206, and I got back a proper hostname.
As a workaround, I restarted sendmail and the issue was gone.
I would appreciate some comments and/or help on this, since I am not
willing to stop using require_rdns.
If you have perl on your installation, use Net::DNSBL::MultiDaemon instead.
Then you can do a standard lookup on the IP address to MutliDaemons daemon
or extension on bind9 using FEATURE(`dnsbl','pseudo.dnsbl','reject message')
and bypass the sendmail rdns code entirely. This module will also prioritize
other DNSBL lookups so that the ones providing the most hits are queried
first rather than in the order you set up in the sendmail mc file, which is
very difficult to optimize since it changes over time.
See example here: http://www.spamcannibal.org/dnsbl_stats.shtml
the boxes in the MIDDLE of the page are stats for the month to date for our
installation showing the effect of prioritization where in-addr.arpa is the
zone for rDNS
This page http://www.spamcannibal.org/history/2010-03-14.html
shows an exemplry set of stats for 100k+ ip addresses collected last week by
the San Diego computer center run against the same set of DNSBL's to give
you an idea of where the overlap is in the various databases. Note that for
GENERIC and MISSING ptr records, this accounts for fully 80+% of all spam
- Prev by Date: Re: Question on Sendmail rDNS feature
- Next by Date: Re: avoid bouncing of rejected messages
- Previous by thread: bind sendmail to specific interface - multihomed
- Next by thread: Re: avoid bouncing of rejected messages