From: DJ GRP on 22 Feb 2010 05:52

Hi all,

we are using compiled sendmail (latest version) under CentOS 5.4. For the last 48 hours there have been some issues with it. In particular, it started rejecting a large number of messages because it claimed they came from unresolved IPs.

We are indeed using require_rdns feature. The thing is, it behaved similarly for properly resolved IPs, too. There was no DNS service interruption during the specific interval. I even tried to perform a dig and an nslookup at the same time sendmail was rejecting IP 1.2.3.4, and I got back a proper hostname.

As a workaround, I restarted sendmail and the issue was gone.

I would appreciate some comments and/or help on this, since I am not willing to stop using require_rdns.
From: Michael on 17 Mar 2010 21:18

"DJ GRP" <deejay.grp(a)gmail.com> wrote in message news:c0a2cd5b-9cea-43d7-945b-4b96e06ae2d4(a)q16g2000yqq.googlegroups.com...
> Hi all,
> we are using compiled sendmail (latest version) under CentOS 5.4. For
> the last 48 hours there have been some issues with it. In particular,
> it started rejecting a large number of messages because it claimed
> they came from unresolved IPs.
>
> We are indeed using require_rdns feature. The thing is, it behaved
> similarly for properly resolved IPs, too. There was no DNS service
> interruption during the specific interval. I even tried to perform a
> dig and an nslookup at the same time sendmail was rejecting IP
> 1.2.3.4, and I got back a proper hostname.
>
> As a workaround, I restarted sendmail and the issue was gone.
>
> I would appreciate some comments and/or help on this, since I am not
> willing to stop using require_rdns.

If you have perl on your installation, use Net::DNSBL::MultiDaemon instead. Then you can do a standard lookup on the IP address to MultiDaemon's daemon or extension on bind9 using FEATURE(`dnsbl','pseudo.dnsbl','reject message') and bypass the sendmail rdns code entirely.

This module will also prioritize other DNSBL lookups so that the ones providing the most hits are queried first rather than in the order you set up in the sendmail mc file, which is very difficult to optimize since it changes over time.

See example here: http://www.spamcannibal.org/dnsbl_stats.shtml

The boxes in the MIDDLE of the page are stats for the month to date for our installation showing the effect of prioritization, where in-addr.arpa is the zone for rDNS.

This page http://www.spamcannibal.org/history/2010-03-14.html shows an exemplary set of stats for 100k+ ip addresses collected last week by the San Diego computer center, run against the same set of DNSBL's to give you an idea of where the overlap is in the various databases. Note that for GENERIC and MISSING ptr records, this accounts for fully 80+% of all spam IP's.

Michael
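
An added example, not part of the thread and not sendmail's own code: a rough model of the reverse-then-forward DNS check behind require_rdns, showing that a PTR answer (what dig or nslookup returns) covers only the first of two lookups. The outcome labels follow sendmail's ${client_resolve} macro values; the function names, the TempFail class and the zone data are constructed for illustration, and the mapping of an empty forward answer to FORGED is an assumption.

```python
import ipaddress


class TempFail(Exception):
    """Constructed stand-in for a transient DNS error (timeout, SERVFAIL)."""


# Constructed sample records on documentation address ranges, not real DNS data.
PTR = {
    "10.2.0.192.in-addr.arpa": "mail.example.org",
    "11.2.0.192.in-addr.arpa": "spoofed.example.net",
    "13.2.0.192.in-addr.arpa": TempFail,   # this query times out
}
A = {
    "mail.example.org": ["192.0.2.10"],
    "spoofed.example.net": ["198.51.100.7"],  # forward record points elsewhere
}


def lookup(table, name):
    """Return the record for name, None if absent, or raise TempFail."""
    value = table.get(name)
    if value is TempFail:
        raise TempFail(name)
    return value


def client_resolve(ip, ptr_lookup=lambda n: lookup(PTR, n),
                   a_lookup=lambda n: lookup(A, n)):
    """Classify a client IP as OK, FAIL, FORGED or TEMP."""
    addr = ipaddress.ip_address(ip)
    try:
        host = ptr_lookup(addr.reverse_pointer)   # step 1: PTR in in-addr.arpa
        if host is None:
            return "FAIL"                         # no reverse record at all
        forward = a_lookup(host) or []            # step 2: resolve the name back
    except TempFail:
        return "TEMP"                             # transient error in either step
    # Assumption: a name that does not map back to the client counts as FORGED.
    confirmed = any(ipaddress.ip_address(a) == addr for a in forward)
    return "OK" if confirmed else "FORGED"


if __name__ == "__main__":
    for ip in ("192.0.2.10", "192.0.2.11", "192.0.2.12", "192.0.2.13"):
        print(ip, client_resolve(ip))
```

Passing real resolver callables for ptr_lookup and a_lookup lets the same classification be run from the mail host itself, against the resolver sendmail uses.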