On Tue, Dec 03, 2019 at 05:05:15PM +0000, Raf Czlonka wrote:
> 
> Hi Chris,
> 
> Is rdns anywhere in your smtpd.conf? You forgot to attach, so only
> guessing here...
> 
> Regards,
> 
> Raf

Sorry. This is for the server with the problem.
I can't guarantee that it was exactly like this, since I've been
fiddling.

Please note that these are hosted here for website.
no-seas-necio.ninja
strengthcouragewisdom.rocks
capuchado.com

/etc/hosts for here
127.0.0.1       localhost
::1             localhost

162.255.139.10  no-seas-necio.ninja
162.255.139.11  bennettconstruction.us 
162.255.139.12  capuchado.com   
162.255.139.13  strengthcouragewisdom.rocks
162.255.139.14  mail.freedomforlife.rocks

--------------------------------------------------------------------

cowboyup.xyz and bennettconstruction.us are (just as of a few days ago)
using a CNAME for mail. and www.
bennettconstruction.us has not used a CNAME for years.
----------------------------------------------------
mail is on 172.107.202.138/29

/etc/hosts for there (where problem showed up)

127.0.0.1       localhost
::1             localhost

172.107.202.138 freedomforlife.rocks
172.107.202.139 mail.no-seas-necio.ninja
172.107.202.140 cowboyup.xyz
172.107.202.141 mail.strengthcouragewisdom.rocks
172.107.202.142 mail.capuchado.com

Everything signed with Let's Encrypt correctly

 pki mail.no-seas-necio.ninja         cert "/etc/ssl/mail.no-seas-necio.ninja.fullchain.pem"
 pki mail.no-seas-necio.ninja         key "/etc/ssl/private/mail.no-seas-necio.ninja.key"

 pki cowboyup.xyz                     cert "/etc/ssl/cowboyup.xyz.fullchain.pem"
 pki cowboyup.xyz                     key "/etc/ssl/private/cowboyup.xyz.key"

 pki mail.strengthcouragewisdom.rocks cert "/etc/ssl/mail.strengthcouragewisdom.rocks.fullchain.pem"
 pki mail.strengthcouragewisdom.rocks key "/etc/ssl/private/mail.strengthcouragewisdom.rocks.key"

 pki mail.capuchado.com               cert "/etc/ssl/mail.capuchado.com.fullchain.pem"
 pki mail.capuchado.com               key "/etc/ssl/private/mail.capuchado.com.key"

 filter check_dyndns phase connect match rdns regex { '.*\.dyn\..*', '.*\.dsl\..*' } \
     disconnect "550 no residential connections"

 filter check_rdns phase connect match !rdns \
     disconnect "550 no rDNS is so 80s"

 filter check_fcrdns phase connect match !fcrdns \
     disconnect "550 no FCrDNS is so 80s"

 filter senderscore \
     proc-exec "filter-senderscore -blockBelow 10 -junkBelow 70 -slowFactor 5000"

filter "dkimsignNSNN" proc-exec "filter-dkimsign -d mail.no-seas-necio.ninja -s 20191006 -k /etc/mail/dkim/mail.no-seas-necio.ninja.dkim.key" user _dkimsign group _dkimsign

filter "dkimsignSCWR" proc-exec "filter-dkimsign -d mail.strengthcouragewisdom.rocks -s 10312019scwr -k /etc/mail/dkim/mail.strengthcouragewisdom.rocks.dkim.key" user _dkimsign group _dkimsign


 table aliases      file:/etc/mail/aliases
 table addrnames    file:/etc/mail/addrnames


 action "maildir"  maildir alias <aliases>

 action "outbound" relay helo-src <addrnames>

 listen on lo0


listen on socket filter { check_dyndns, check_rdns, check_fcrdns, senderscore, dkimsignNSNN, dkimsignSCWR }

 listen on 172.107.202.139 hostname "no-seas-necio.ninja"         tls pki mail.no-seas-necio.ninja \
 filter { check_dyndns, check_rdns, check_fcrdns, senderscore, dkimsignNSNN }

 listen on 172.107.202.140 hostname "cowboyup.xyz" tls pki cowboyup.xyz \
 filter { check_dyndns, check_rdns, check_fcrdns, senderscore }
 listen on 172.107.202.141 hostname "strengthcouragewisdom.rocks" tls pki mail.strengthcouragewisdom.rocks \
 filter { check_dyndns, check_rdns, check_fcrdns, senderscore, dkimsignSCWR }

 listen on 172.107.202.142 hostname "capuchado.com"               tls pki mail.capuchado.com \
 filter { check_dyndns, check_rdns, check_fcrdns, senderscore }

 match from any   for domain "no-seas-necio.ninja"         action "maildir"
 match from any   for domain "strengthcouragewisdom.rocks" action "maildir"
 match from any   for domain "capuchado.com"               action "maildir"
 match from any   for domain "cowboyup.xyz"                action "maildir"

 match from local for any action "outbound"

table /etc/mail/addrnames (for problem server) is:

172.107.202.139 no-seas-necio.ninja
172.107.202.141 strengthcouragewisdom.rocks
172.107.202.142 capuchado.com


I can also send maillogs for here and there.
Also smtpd.conf for here too. Which I also have been fiddling with.
Obviously I need to get git on this to keep track of my changes
properly. My mistake.

Chris Bennett

