info
Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
sendmail putting mails to non-existing hosts into local accounts
18 views
Skip to first unread message
insad
Apr 26, 2015, 1:28:53 PM4/26/15
to
Sorry for crossposting (put it also on Stackoverflow, but no responses there):
On a linux server ("myserver.com"), I have local users, e.g. users "john" and "mary".
User "john" - through his mail client and authenticating correctly on his account "jo...@myserver.com" - sends an email to "ma...@bogus-non-existing-host.com".
Sendmail instead of rejecting the email, puts the same in the mailbox of local user "mary" (i.e., Sendmail rewrites "ma...@bogus-non-existing-host.com" as "ma...@myserver.com", instead of throwing an error).
Some configuration in Sendmail to prevent this behaviour?
On a linux server ("myserver.com"), I have local users, e.g. users "john" and "mary".
User "john" - through his mail client and authenticating correctly on his account "jo...@myserver.com" - sends an email to "ma...@bogus-non-existing-host.com".
Sendmail instead of rejecting the email, puts the same in the mailbox of local user "mary" (i.e., Sendmail rewrites "ma...@bogus-non-existing-host.com" as "ma...@myserver.com", instead of throwing an error).
Some configuration in Sendmail to prevent this behaviour?
Andrzej Adam Filip
Apr 26, 2015, 1:36:41 PM4/26/15
to
Could you post results produced by the test command below to exclude other
possible causes?
echo '3,0 ma...@bogus-non-existing-host.com' | sendmail -bt
echo '3,0 ma...@bogus-non-existing-host.com' | sendmail -bt -d8.20
-d8.20 - trace DNS queries
--
[Andrew] Andrzej A. Filip - https://www.linkedin.com/in/andfil
insad
Apr 26, 2015, 1:54:27 PM4/26/15
to
ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
Enter <ruleset> <address>
> canonify input: alberto @ bogus-non-existing-host . com
Canonify2 input: alberto < @ bogus-non-existing-host . com >
dns_getcanonname(bogus-non-existing-host.com, trymx=1)
dns_getcanonname: trying bogus-non-existing-host.com. (A)
NO: errno=0, h_errno=1
dns_getcanonname: trying bogus-non-existing-host.com.mediatrend2.nl (A)
YES
dns_getcanonname: trying mediatrend2.nl. (A)
YES
dns_getcanonname: mediatrend2.nl
Canonify2 returns: alberto < @ mediatrend2 . nl . >
canonify returns: alberto < @ mediatrend2 . nl . >
parse input: alberto < @ mediatrend2 . nl . >
Parse0 input: alberto < @ mediatrend2 . nl . >
Parse0 returns: alberto < @ mediatrend2 . nl . >
ParseLocal input: alberto < @ mediatrend2 . nl . >
ParseLocal returns: alberto < @ mediatrend2 . nl . >
Parse1 input: alberto < @ mediatrend2 . nl . >
Parse1 returns: $# local $: alberto
parse returns: $# local $: alberto
insad
Apr 26, 2015, 2:01:02 PM4/26/15
to
On Sunday, April 26, 2015 at 6:36:41 PM UTC+1, Andrzej Adam Filip wrote:
Andrzej Adam Filip
Apr 26, 2015, 2:27:51 PM4/26/15
to
insad <alb...@gmail.com> wrote:
> correctly. Really no big need for the wildcard record there (only to
> disguise for hackers some URL's we use internally). Thanks very much
> for your support!
I think you may reconfigure sendmail to make it "survive" wildcard CNAME.
[I no longer use sendmail myself. Refreshing this area of "sendmail logic"
would take too much time. I prefer to avoid sending guesses as fixes.]
> On Sunday, April 26, 2015 at 7:01:02 PM UTC+1, insad wrote:
>> On Sunday, April 26, 2015 at 6:36:41 PM UTC+1, Andrzej Adam Filip wrote:
>> > insad <alb...@gmail.com> wrote:
>> > > Sorry for crossposting (put it also on Stackoverflow, but no responses there):
>> > >
>> > > On a linux server ("myserver.com"), I have local users, e.g. users "john" and "mary".
>> > >
>> > > User "john" - through his mail client and authenticating correctly on
>> > > his account "jo...@myserver.com" - sends an email to
>> > > "ma...@bogus-non-existing-host.com".
>> > >
>> > > Sendmail instead of rejecting the email, puts the same in the mailbox
>> > > of local user "mary" (i.e., Sendmail rewrites
>> > > "ma...@bogus-non-existing-host.com" as "ma...@myserver.com", instead of
>> > > throwing an error).
>> > >
>> > > Some configuration in Sendmail to prevent this behaviour?
>> >
>> > Most likely it is caused by wilcard DNS record in your DNS domains.
>> >
>> > Could you post results produced by the test command below to exclude other
>> > possible causes?
>> >
>> > echo '3,0 ma...@bogus-non-existing-host.com' | sendmail -bt
>> > echo '3,0 ma...@bogus-non-existing-host.com' | sendmail -bt -d8.20
>> >
>> > -d8.20 - trace DNS queries
>>
>> On Sunday, April 26, 2015 at 6:36:41 PM UTC+1, Andrzej Adam Filip wrote:
>> > insad <alb...@gmail.com> wrote:
>> > > Sorry for crossposting (put it also on Stackoverflow, but no responses there):
>> > >
>> > > On a linux server ("myserver.com"), I have local users, e.g. users "john" and "mary".
>> > >
>> > > User "john" - through his mail client and authenticating correctly on
>> > > his account "jo...@myserver.com" - sends an email to
>> > > "ma...@bogus-non-existing-host.com".
>> > >
>> > > Sendmail instead of rejecting the email, puts the same in the mailbox
>> > > of local user "mary" (i.e., Sendmail rewrites
>> > > "ma...@bogus-non-existing-host.com" as "ma...@myserver.com", instead of
>> > > throwing an error).
>> > >
>> > > Some configuration in Sendmail to prevent this behaviour?
>> >
>> > Most likely it is caused by wilcard DNS record in your DNS domains.
>> >
>> > Could you post results produced by the test command below to exclude other
>> > possible causes?
>> >
>> > echo '3,0 ma...@bogus-non-existing-host.com' | sendmail -bt
>> > echo '3,0 ma...@bogus-non-existing-host.com' | sendmail -bt -d8.20
>> >
>> > -d8.20 - trace DNS queries
>>
>> And yes we have a CNAME wildcard record in the DNS settings. Something that can be done at the Sendmail config level?
>
> Well I removed the CNAME wildcard, and now things work
>
> correctly. Really no big need for the wildcard record there (only to
> disguise for hackers some URL's we use internally). Thanks very much
> for your support!
I think you may reconfigure sendmail to make it "survive" wildcard CNAME.
[I no longer use sendmail myself. Refreshing this area of "sendmail logic"
would take too much time. I prefer to avoid sending guesses as fixes.]
insad
Apr 26, 2015, 2:19:25 PM4/26/15
to
On Sunday, April 26, 2015 at 7:01:02 PM UTC+1, insad wrote:
0 new messages