[lug] sendmail from cable/dhcp

Bear Giles bgiles at coyotesong.com
Wed Mar 26 00:01:28 MST 2003


Neal McBurnett wrote:
> I did have to do one thing to make this work: add my DNS name to
> my /etc/hosts file for 127.0.0.1:
> 
>  127.0.0.1       12-253-85-111.client.attbi.com lock localhost.localdomain localhost
> 
> [...]  I get bounces with this message
> 
>  451 4.1.8 Domain of sender address neal at 12-253-85-111.client.attbi.com does not resolve

It doesn't matter what you call yourself, what's important is what 
AT&T's DNS servers call you.  If you don't understand why, I'll 
forward you my mail logs "showing" that yahoo, aol, msn, etc. have 
decided to dump their expensive mail servers for cable modems and 
dialup systems.

> and it keeps trying every hour with the same error.  That started
> yesterday.

At least your mailer is well-behaved.  I'll sometimes "tail -f" my 
mail logs and see some jerk retrying every 90 seconds or so for days.

> First, I
> hadn't changed the hosts file when I got the new IP address via DHCP,
> so I was claiming to be from the wrong place.

That's actually probably not a problem, although I guess it could 
be with the strictest checking.  (E.g., if a site requires you 
provide a FQDN when you HELO and they verify that it's valid, but 
AT&T had removed it from the DNS pool....)

>  2) How do most people (e.g. Mutt users) send mail from boxes that use
>  DHCP?   Changing the /etc/hosts file is a royal pain.

Then don't.  I used my own domain name for many years, and rarely 
had problems even though there was no A record and the MX record 
pointed elsewhere.  Things aren't quite as simple now as many 
sites start strictly enforcing the protocols as an anti-spam 
measure, but it's easily worked around.  Get a domain, set up a 
free DNS account and have it point to your home box.

>  3) I've also run into at least one site that just won't take email
>  directly from a cable box, obviously for spam reasons.

Spam is becoming such a critical problem that sites can no longer 
leave it to spam filtering rules.  I'm in the camp that demands 
strict adherence to the protocols - my philosophy is that if you 
don't provide me sufficient information to contact you if there's 
a delivery problem, then there's no possibility of true 
communications and I'm utterly uninterested in anything you have 
to say.  That knocks out a lot of one-off spam, but it can also 
knock out a lot of legitimate traffic from virtual sites sharing 
IP addresses with others.  (Or sites that have their own IP 
address, but not all DNS servers agree on who's sitting on them.) 
It requires a lot of hand-holding to identify these sites and add 
manual exceptions for them.

Larger sites don't have that option, and they'll just refuse mail 
from any dialup or cable modem address.

This is probably going to get a lot worse before it gets better. 
I don't see any real solutions until we have bounties on open 
relays and impersonating systems and real enforcement options.




More information about the LUG mailing list