In my /etc/mail/access file, I have:
ded.swbell.net REJECT
and today, I received this spam message:
Return-Path: <meggoiwan_ik4561@check1check.com>
Received: from 65-70-26-18.ded.swbell.net (65-70-26-18.ded.swbell.net
[65.70.26.18] (may be forged))
by tethys.ringofsaturn.com (8.12.10/8.12.10) with SMTP id
i0DLtGav090378
for <WEBMASTER@SATURNCONSULTING.COM>; Tue, 13 Jan 2004 15:55:17
-0600 (CST)
(envelope-from
meggoiwan_ik4561@check1check.com)
Received: from [178.30.179.204] by 65-70-26-18.ded.swbell.net with
ESMTP id C19AC7BF8FC; Sun, 18 Jan 2004 10:56:27 +0000
Message-ID: <r$-1-5$-955$l4219@u4t0gr2us>
From: "Robyn Miller" <meggoiwan_ik4561@check1check.com>
Reply-To: "Robyn Miller" <meggoiwan_ik4561@check1check.com>
To:
WEBMASTER@SATURNCONSULTING.COM Subject: Code #674
Date: Sun, 18 Jan 04 10:56:27 GMT
X-Mailer: Microsoft Outlook Express 5.50.4522.1200
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="9BD9CF_1730B..2"
X-Priority: 1
X-MSMail-Priority: High
which very much resolves correctly:
[tethys]:[4:07pm]:[/etc/mail] > host 65.70.26.18
18.26.70.65.IN-ADDR.ARPA domain name pointer
65-70-26-18.ded.swbell.net
[tethys]:[4:07pm]:[/etc/mail] >
So, why did sendmail allow this?
Also, another question I have is how to get sendmail to completely
ignore the HELO/EHLO line of what the server identifies itself as
because I just want to check the DNS of the host?
Thanks!
Rusty Nejdl
Hostmaster, Ring of Saturn