Sendmail weirdness

Mark Donnelly gimli at offcenter.org
Wed Oct 20 11:30:30 EDT 1999



On Wed, 20 Oct 1999, Daniel P. Katz wrote:


> b) Is this an intentional security feature or a configuration error?

It's actually a combination of the two.

Here's what's going on:


> -------------------------------------------------------------------------
> bishop:/users/dkatz[1]% mail -v dkatz at cam-katz

[snip!]

> >>> RCPT To:<dkatz at dhcp-250-11.kenan.com>
> 550 <dkatz at dhcp-250-11.kenan.com>... Relaying denied

Do you notice a difference here?  What's going on is that somehow cam-katz
is getting translated into dhcp-250-11.kenan.com.  Assumedly, cam-katz
doesn't know about the dhcp* name, so it's rejecting the mail, on the
reasoning that someone is trying to use it to send mail to another machine
(also known as relaying, a favored technique of spammers).

This is both a configuration problem (due to DNS issues, or not listing
all the recognized names in the proper /etc/mail/* file under RedHat), and
a security problem (trying to stop the spam).

To fix it, I'd suggest either getting bishop to recognize cam-katz as
such, or add dhcp-250-11.kenan.com to the appropriate /etc/mail/* file.  I
think that there might be another option - configuring it to accept mail
for all of kenan.com - but that might not be what you want.

> dkatz at cam-katz... User unknown

I'm guessing this is the friendly error message from /bin/mail that
corresponds to a 550 SMTP error code.

--Mark

-
Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at blu.org (Subject line is ignored).



More information about the Discuss mailing list