From owner-freebsd-test@freebsd.org  Sun Apr 10 20:00:51 2016
Return-Path: <owner-freebsd-test@freebsd.org>
Delivered-To: freebsd-test@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 15D69B0A48C
 for <freebsd-test@mailman.ysv.freebsd.org>;
 Sun, 10 Apr 2016 20:00:51 +0000 (UTC)
 (envelope-from david@catwhisker.org)
Received: from albert.catwhisker.org (mx.catwhisker.org [198.144.209.73])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id C0ADA1E05;
 Sun, 10 Apr 2016 20:00:49 +0000 (UTC)
 (envelope-from david@catwhisker.org)
Received: from albert.catwhisker.org (localhost [127.0.0.1])
 by albert.catwhisker.org (8.15.2/8.15.2) with ESMTP id u3AK0mXW004648;
 Sun, 10 Apr 2016 20:00:48 GMT
 (envelope-from david@albert.catwhisker.org)
Received: (from david@localhost)
 by albert.catwhisker.org (8.15.2/8.15.2/Submit) id u3AK0mMK004647;
 Sun, 10 Apr 2016 13:00:48 -0700 (PDT) (envelope-from david)
Date: Sun, 10 Apr 2016 13:00:48 -0700
From: David Wolfskill <david@catwhisker.org>
To: Dominic Fandrey <kami@freebsd.org>
Cc: freebsd-test@freebsd.org, postmaster@freebsd.org
Subject: Re: testmail
Message-ID: <20160410200048.GD1226@albert.catwhisker.org>
References: <1460316757.71105.3.camel@freebsd.org>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
 protocol="application/pgp-signature"; boundary="C1iGAkRnbeBonpVg"
Content-Disposition: inline
In-Reply-To: <1460316757.71105.3.camel@freebsd.org>
User-Agent: Mutt/1.6.0 (2016-04-01)
X-BeenThere: freebsd-test@freebsd.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: Test posting area <freebsd-test.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-test>,
 <mailto:freebsd-test-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-test/>
List-Post: <mailto:freebsd-test@freebsd.org>
List-Help: <mailto:freebsd-test-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-test>,
 <mailto:freebsd-test-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 10 Apr 2016 20:00:51 -0000


--C1iGAkRnbeBonpVg
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sun, Apr 10, 2016 at 09:32:37PM +0200, Dominic Fandrey wrote:
> 123 test
> ....

OK; here we have the "Requirements for sending mail through mx1":

  The SMTP server in this case, mx1.freebsd.org, is set up so that it
  requires:
 =20
  * the IP address of the SMTP client must "reverse-resolve" to a
    hostname and
 =20
  * the hostname thus obtained must resolve to a set of IP addresses,
    one of which must match the IP address of the client and
 =20
  * the (fully-qualified) hostname given in the SMTP conversation
    (either HELO or EHLO) must resolve a set of IP addresses, one of
    which must match the IP address of the client.


And here's the Received header for the handoff to mx1:

Received: from mail.server1.bsdforen.de (bsdforen.de [82.193.243.81])
        by mx1.freebsd.org (Postfix) with ESMTP id 48AFB1283
        for <postmaster@freebsd.org>; Sun, 10 Apr 2016 19:33:57 +0000 (UTC)
        (envelope-from kami@freebsd.org)

The SMTP client using IPv4 address 82.193.243.81 identified itself as
"mail.server1.bsdforen.de", but:

root@mx1:/var/log # host mail.server1.bsdforen.de
Host mail.server1.bsdforen.de not found: 3(NXDOMAIN)
root@mx1:/var/log #=20

So that contravenes the 3rd point (re: HELO or EHLO).

The rest looks OK:

root@mx1:/var/log # host bsdforen.de
bsdforen.de has address 82.193.243.81
bsdforen.de has IPv6 address 2a01:a380:4408:a003::2
bsdforen.de mail is handled by 20 bsdforen.de.
root@mx1:/var/log # host 82.193.243.81
81.243.193.82.in-addr.arpa domain name pointer bsdforen.de.
root@mx1:/var/log #=20

So if an A record could be created for mail.server1.bsdforen.de
(with the value "82.193.243.81", that should make things work
properly.

Or if the SMTP client could be persuaded to identify itself merely
as "bsdforen.de", that would also work.

Finally, if neither of these is feasible within a reasonable time
period, we (postmaster@) could "whitelist" mail.server1.bsdforen.de
-- but the DNS stuff really ought to be addressed at some point.

Peace,
david   (current hat: part of postmaster@freebsd.org)
--=20
David H. Wolfskill				david@catwhisker.org
Those who would murder in the name of God or prophet are blasphemous coward=
s.

See http://www.catwhisker.org/~david/publickey.gpg for my public key.

--C1iGAkRnbeBonpVg
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQF8BAEBCgBmBQJXCrDwXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRDQ0I3Q0VGOTE3QTgwMUY0MzA2NEQ3N0Ix
NTM5Q0M0MEEwNDlFRTE3AAoJEBU5zECgSe4XAN8IALoJES/jT7V7sFHHkFmJ6Ak9
Aj3G+SVzqdT+v5kOCv1AKAUgiMOvky95ChVIaovcPr2dacJAC7KW59QMy4xVfl8a
O0wWZXuvIe+ZePVqmzKNiRWiKWQLUrd9RUXrTgelqR4BoS6CoenT4f/Qznyl2DPs
rWQ6VXrqS3Tf8j2DrCwYUfqNFjWiF9QznvjvG2YPs2Q8qCv3q/HxGs8k1zHhO36z
6CibqBrRSKmjS8tSgjWv9Itw680CDZ7ftNxPwO/1aovnpfch42/YkQ+/lK2xOart
1Xklw9sfg/iWJA1zVS/C2Oc8HBpf281Q6EG0LkvOgoWCNdQbiKSI/ZyTjok4fWI=
=Q2/A
-----END PGP SIGNATURE-----

--C1iGAkRnbeBonpVg--