Someone has been failing to connect to my sendmail for several days. My syslog is full
with error messages:
[...]
Mar 1 08:29:08 lee sendmail[1042]: f213T8o01042: ruleset=check_mail,
arg1=<[EMAIL PROTECTED]>, relay=server.tgngu.tyumen.ru [194.67.48.89] (may be
forged), reject=451 4.1.8 <[EMAIL PROTECTED]>... Domain of sender address
[EMAIL PROTECTED] does not resolve
Mar 1 08:29:08 lee sendmail[1042]: f213T8o01042: from=<[EMAIL PROTECTED]>,
size=272074, class=0, nrcpts=0, proto=ESMTP, daemon=MTA, relay=server.tgngu.tyumen.ru
[194.67.48.89] (may be forged)
[...]
I'm not very experienced with bind, but so far as I understand something's wrong with
either my DNS configuration or with the other side's. I believe it isn't mine. I get a
lot of mail daily without problem (for example, from this list). On the other hand
when I try `dig tgngu.tyumen.ru ANY' I don't see any A-record.
Am I right, that sendmail's check_mail rejects connection because there are no
A-record for tgngu.tyumen.ru in other side DNS configuration?
Is it right address: 194.67.48.65.tyumen.ru. (I saw it in output of `dig
tgngu.tyumen.ru ANY')?
May it be someone's trying to hack me?
I use Debian Linux unstable (kernel 2.4.2, libc6 2.2.2), bind 9.1.0, sendmail 8.11.2.
Thank you Mikhail.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
