From owner-freebsd-questions@FreeBSD.ORG Fri Sep 19 19:39:09 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EED9E16A4BF for ; Fri, 19 Sep 2003 19:39:09 -0700 (PDT) Received: from ozlabs.org (ozlabs.org [203.10.76.45]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3E76543F85 for ; Fri, 19 Sep 2003 19:39:08 -0700 (PDT) (envelope-from grog@lemis.com) Received: from blackwater.lemis.com (blackwater.lemis.com [192.109.197.80]) by ozlabs.org (Postfix) with ESMTP id 41BA22BC02 for ; Sat, 20 Sep 2003 12:39:06 +1000 (EST) Received: by blackwater.lemis.com (Postfix, from userid 1004) id 756AD518ED; Sat, 20 Sep 2003 12:02:45 +0930 (CST) Date: Sat, 20 Sep 2003 12:02:45 +0930 From: Greg 'groggy' Lehey To: Mark Message-ID: <20030920023245.GA16686@wantadilla.lemis.com> References: <200309190044.H8J0IU5M025025@asarian-host.net> <200309190056.H8J0U35M025526@asarian-host.net> <20030919025620.GT37023@wantadilla.lemis.com> <200309190320.H8J3KL5M031529@asarian-host.net> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="X1bOJ3K7DJ5YkBrT" Content-Disposition: inline In-Reply-To: <200309190320.H8J3KL5M031529@asarian-host.net> User-Agent: Mutt/1.4i Organization: The FreeBSD Project Phone: +61-8-8388-8286 Fax: +61-8-8388-8725 Mobile: +61-418-838-708 WWW-Home-Page: http://www.FreeBSD.org/ X-PGP-Fingerprint: 9A1B 8202 BCCE B846 F92F 09AC 22E6 F290 507A 4223 cc: freebsd-questions@freebsd.org Subject: Re: "May be forged"? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 20 Sep 2003 02:39:10 -0000 --X1bOJ3K7DJ5YkBrT Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Friday, 19 September 2003 at 3:20:21 +0000, Mark wrote: > On Friday, September 19, 2003 2:44 AM, Mark wrote: >> >>>> Thanks to Kris I found the new sendmail. :) But a slight anomaly occurs >>>> in> 8.12.10: >>>> >>>> AUTH=server, relay=my-xp-machine.net [192.168.1.3] (may be forged), >>>> authid=admin >>>> >>>> That is odd; why would it suddenly say "may be forged"? >>> >>> Hmm, this wouldn't, by any chance, have anything to do with Verisign's >>> latest DNS crap, would it? Kinda like a preemptive caution that a "net" >>> domain might be fake? >> >> No, this is the result of a failed reverse DNS lookup or a failed >> consistency check between forward and reverse DNS. Given that the >> address is in the non-routable RFC 1918 range, this is to be expected. > > Then why does it not occur in 8.12.9? If I start my 8.12.9 sendmail, it does > NOT say "may be forged". Did something change in-between versions? It would seem so. > Here is why I think it seems related to Verisign somehow: > > asarian-host: {root} % nslookup my-xp-machine.net > Name: my-xp-machine.net > Address: 64.94.110.11 Ah. But this is an invalid domain. > Maybe 8.12.10 picks up on the IP-mismatch? But we're looking at the reverse lookup first. There's no global reverse lookup for that network, but that doesn't mean that there aren't local name servers which handle it. > But that still does not explain why my 8.12.9 sendmail does not say > "may be forged". And if I change /etc/hosts to have 192.168.1.3 > called "my-xp-machine.ORG", then the error goes away, in 8.12.10 > too! Yes, that's a feature, not a bug. Greg -- When replying to this message, please copy the original recipients. If you don't, I may ignore the reply or reply to the original recipients. For more information, see http://www.lemis.com/questions.html See complete headers for address and phone numbers --X1bOJ3K7DJ5YkBrT Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.0 (FreeBSD) iD8DBQE/a7xNIubykFB6QiMRAkucAJ9iA4z7ntcJ6gHkjbUQwL8R+Un/6gCeIKlj cfMqD076Sy+NFIsY0h2hg5Q= =nlkL -----END PGP SIGNATURE----- --X1bOJ3K7DJ5YkBrT--