[afnog] Relay denied
Hannigan, Martin
hannigan at verisign.com
Thu Jul 14 22:09:57 EAT 2005
> -----Original Message-----
> From: afnog-bounces at afnog.org
> [mailto:afnog-bounces at afnog.org]On Behalf
> Of Brian Candler
> Sent: Thursday, July 14, 2005 2:50 PM
> To: asseym at smartvisions.net
> Cc: afnog at afnog.org
> Subject: Re: [afnog] Relay denied
>
>
> On Wed, Jul 13, 2005 at 09:38:04PM +0300,
> asseym at smartvisions.net wrote:
> > I have found out that mail can be sent easily and normally
> to any address
> > regardless of who hosts that domain with a flawless
> maillog. However when
> > mail is sent by the desktop MTAs the maillog developes
> errors like quoted
> > below---
> >
> > -----------------------------------------<quote>
> > Jul 4 12:24:22 ensim sendmail[6204]: j649OJqt006204:
> ruleset=check_rcpt,
> > arg1=<asseym at yahoo.com>, relay=[193.108.254.83], re
> > ject=550 5.7.1 <asseym at yahoo.com>... Relaying denied. IP name lookup
> > failed [193.108.254.83]
>
> There's your problem, right there.
>
> The client's IP address is 193.108.254.83. sendmail has a
> (stupid) policy
> set which says if this IP address cannot be converted to a
> hostname via a
> reverse DNS lookup, then relaying is denied.
>
> Your options are:
> 1. fix your DNS (so all your client IPs have reverse DNS, and there is
> matching forward DNS from those names back to the same IPs)
> or
> 2. fix sendmail so it doesn't have this stupid policy (unfortunately,
> sendmail configuration is a total nightmare)
> or
> 3. replace sendmail with a decent, modern MTA like exim or postfix,
> which can easily be configured with a sensible relaying policy
>
> Honestly, replacing sendmail will be considerably easier than
> trying to fix
> sendmail's config.
Also, see:
http://www.sendmail.org/~ca/email/chk-misc.html#RELAY
This should be current even though the last edit is a few years
ago.
I don't have an opinion on replacing Sendmail. I use it and it works
for me.
-M<
More information about the afnog
mailing list