Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 20 Sep 2003 12:02:45 +0930
From:      Greg 'groggy' Lehey <grog@FreeBSD.org>
To:        Mark <admin@asarian-host.net>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: "May be forged"?
Message-ID:  <20030920023245.GA16686@wantadilla.lemis.com>
In-Reply-To: <200309190320.H8J3KL5M031529@asarian-host.net>
References:  <200309190044.H8J0IU5M025025@asarian-host.net> <200309190056.H8J0U35M025526@asarian-host.net> <20030919025620.GT37023@wantadilla.lemis.com> <200309190320.H8J3KL5M031529@asarian-host.net>

next in thread | previous in thread | raw e-mail | index | archive | help

--X1bOJ3K7DJ5YkBrT
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

On Friday, 19 September 2003 at  3:20:21 +0000, Mark wrote:
> On  Friday, September 19, 2003 2:44 AM, Mark wrote:
>>
>>>> Thanks to Kris I found the new sendmail. :) But a slight anomaly occurs
>>>> in> 8.12.10:
>>>>
>>>> AUTH=server, relay=my-xp-machine.net [192.168.1.3] (may be forged),
>>>> authid=admin
>>>>
>>>> That is odd; why would it suddenly say "may be forged"?
>>>
>>> Hmm, this wouldn't, by any chance, have anything to do with Verisign's
>>> latest DNS crap, would it? Kinda like a preemptive caution that a "net"
>>> domain might be fake?
>>
>> No, this is the result of a failed reverse DNS lookup or a failed
>> consistency check between forward and reverse DNS. Given that the
>> address is in the non-routable RFC 1918 range, this is to be expected.
>
> Then why does it not occur in 8.12.9? If I start my 8.12.9 sendmail, it does
> NOT say "may be forged". Did something change in-between versions?

It would seem so.

> Here is why I think it seems related to Verisign somehow:
>
> asarian-host: {root} % nslookup my-xp-machine.net
> Name:    my-xp-machine.net
> Address:  64.94.110.11

Ah.  But this is an invalid domain.

> Maybe 8.12.10 picks up on the IP-mismatch?

But we're looking at the reverse lookup first.  There's no global
reverse lookup for that network, but that doesn't mean that there
aren't local name servers which handle it.

> But that still does not explain why my 8.12.9 sendmail does not say
> "may be forged". And if I change /etc/hosts to have 192.168.1.3
> called "my-xp-machine.ORG", then the error goes away, in 8.12.10
> too!

Yes, that's a feature, not a bug.

Greg
--
When replying to this message, please copy the original recipients.
If you don't, I may ignore the reply or reply to the original recipients.
For more information, see http://www.lemis.com/questions.html
See complete headers for address and phone numbers

--X1bOJ3K7DJ5YkBrT
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (FreeBSD)

iD8DBQE/a7xNIubykFB6QiMRAkucAJ9iA4z7ntcJ6gHkjbUQwL8R+Un/6gCeIKlj
cfMqD076Sy+NFIsY0h2hg5Q=
=nlkL
-----END PGP SIGNATURE-----

--X1bOJ3K7DJ5YkBrT--



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030920023245.GA16686>