config error: mail loops back to me?

Matthew Seaman m.seaman at infracaninophile.co.uk
Tue May 27 13:30:33 PDT 2003 

On Tue, May 27, 2003 at 09:50:03AM -0400, phillip.smith at sympatico.ca wrote:
> 
> Hi there, hoping this is a common issue with a simple fix...
> 
> Someone is trying to use my box for a relay, which sendmail is taking care of nicely, but I keep getting 
> A) my inbox filled with messages that for some reason it's trying to deliver locally and B) these strange 
> log messages....
> 
> > May 24 22:43:37 freedom sm-mta[62410]: h4P2hbFs062410: SYSERR(root):
> fre.sg.co.nz.mydomainname.com. config error: mail loops back to me (MX problem?)
> 
> If I do an nslookup on this fre.sg.co.nz, i get the following:
> 
> Server:  tor-ns1.netcom.ca
> Address:  207.181.101.4  <-  my upstream nameserver that I use
> 
> Non-authoritative answer:
> Name:    fre.sg.co.nz.muydomainname.com
> Addresses:  209.82.123.456, 209.167.123.456
> 
> Why is my upstream returning this as my domain? I'm not clear on where the issue lies?
> 
> If you have an idea, please let me know. Also, if you could CC me it would be great, as I'm not currently 
> subscribed to the list.

Yeah --- the fre.sg.co.nz scuzzbags are always showing up in my
rejected e-mail logs.  [I mean to cast aspersions only on those that
are attaching that address to e-mails, who are not necessarily the
same people as the owners of the quite valid sg.co.nz domain]. Usually
it appears in the mail logs like this:

    May 26 18:16:50 happy-idiot-talk sm-mta[18628]: h4QHGmLQ018628: ruleset=check_mail, arg1=<bss at fre.sg.co.nz>, relay=[218.70.117.225], reject=553 5.1.8 <bss at fre.sg.co.nz>... Domain of sender address bss at fre.sg.co.nz does not exist
    May 26 18:16:50 happy-idiot-talk sm-mta[18628]: h4QHGmLQ018628: from=<bss at fre.sg.co.nz>, size=0, class=0, nrcpts=0, proto=ESMTP, daemon=IPv4, relay=[218.70.117.225]

Now, those IP numbers they're relaying through in this instance are
from somewhere in China -- probably badly configured open relays.

Anyhow, the e-mail is rejected because there's no such host as
fre.sg.co.nz in the DNS -- the default FreeBSD sendmail configuration
should do that automatically for you.  If not, then /etc/mail/access
will swiftly remove them from your perception.  (If you're not feeding
the mails from fetchmail locally into sendmail, then you're probably
using a MDA with equivalent filtering capabilities).

However, the problem you're seeing is actually to do with your local
DNS configuration, rather than anything to do with the remote senders.
Because you or your service provider have set up the DNS using
wildcard records, and because 'fre.sg.co.nz' doesn't really exist,
your providers' DNS is doing as it has been told and applying that
wild card rule.  In general, the rule on wildcards in the DNS is
*don't use them*.  They will cause you a great deal of misery.
However, I suspect that it's actually your ISP that's using the
wildcard record, and they're possibly going to be resistant to
stopping doing that on just your request.

One thing you might do is just put 'fre.sg.co.nz.muydomainname.com'
directly into your access database. Or run a local DNS and put in a
dummy zone with A and MX records for fre.sg.co.nz --- that will stop
the problems with the wildcard thing --- and then add fre.sg.co.nz
into /etc/mail/access to reject the messages.

	Cheers,

	Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.                       26 The Paddocks
                                                      Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey         Marlow
Tel: +44 1628 476614                                  Bucks., SL7 1TH UK
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20030527/e7b648c6/attachment.bin

More information about the freebsd-questions mailing list