--- Jim Scott <jscott (at mark) infoconex.com> wrote:
>
> >>
> >> > Return-Path: <rebecka.davie (at mark) mayr-glatzl.at>
> >> > Received: from 63-138-182-110.customer.static.ip.paetec.net
> >> > (63-138-182-110.customer.static.ip.paetec.net [63.138.182.110] (may
> be
> >> > forged))
> >> > by [my server] (8.13.1/8.13.1) with ESMTP id m55EcXDE022327
> >> > for <me (at mark) example.com>; Thu, 5 Jun 2008 09:38:37 -0500
> >>
>
> Ok I think I have your answer. The IP address 63.138.182.110 has a
> reverse
> DNS entry of 63-138-182-110.customer.static.ip.paetec.net
>
> However if you do a A lookup on
> 63-138-182-110.customer.static.ip.paetec.net
> it does not resolve to anything. When that happens sendmail writes out
> (may
> be forged) and at that point will not use the DNS information in
> determining
> if it should block but instead will use only the IP address.
That is not how it ever worked on the RaQ4. Since 63.138.182.110 correctly
resolves to 63-138-182-110.customer.static.ip.paetec.net the server would
use that in checking access. In the many years I had my RaQ4 with
customer.static.ip.paetec.net REJECT
in the access list, I never once got a piece of spam from that or anything
else listed in access as long what the IP resolved to was listed. The (may
be forged) didn't affect that and was only tossed in as a warning.
I'm wondering if it was some kind of invisible error in my copy of access.
Since now I'm seeing plenty of rejections for *.retail.telecomitalia.it
which was one that was getting through before. I rewrote that line.
>
> This makes sense since I can set my reverse DNS if I own the IP block to
> anything I want.
>
> Here is a reference that talks about (may be forged ) and how if it fails
> it
> will ignore DNS and only use IP information.
>
> http://www.sendmail.org/~ca/email/relayingdenied.html#MSGFORGED
>
I think that only relates to relaying email, not accepting it.
--
Dan Kriwitsky