Operating System - HP-UX
1834007 Members
1636 Online
110063 Solutions
New Discussion

Double Lookup (forward and reverse) in Sendmail

 
A Ottenheimer
New Member

Double Lookup (forward and reverse) in Sendmail

How can I configure sendmail to do a forward
DNS lookup AND a reverse DNS lookup on any incoming mail? I want to only accept
mail from sites that have their ip address match their FQDN and vice versa. For those familiar with Apache - I'd like to have something in sendmail equivalent to the "HostNameLookup double" directive that is available in Apache.

Please note this is not a RELAY question. The
server is not an open relay and I'm not having problems with that. I mention this in advance since I looked for similar questions on this forum and have only seen replies recommending orbs(dnsbl), access_db, require one lookup.... I've already got all that setup. I'm just having too much regular mail from spammers who spoof their reverse DNS lookup.

Thanks in advance!

A
3 REPLIES 3
U.SivaKumar_2
Honored Contributor

Re: Double Lookup (forward and reverse) in Sendmail

Hi,
modern Sendmail has got inverse lookup features
for spam prevention. Have a look at this link.

http://www.sendmail.org/~ca/email/relayingdenied.html


regards,
U.SivaKumar
Innovations are made when conventions are broken
A Ottenheimer
New Member

Re: Double Lookup (forward and reverse) in Sendmail

Thanks U.SivaKumar,

But that link didn't answer my question. It had some information about how to interpret messages with "may be forged" in the header, but in neither it nor the links around it ( Claus' site http://www.sendmail.org/~ca/ )
could I find information on how to STOP
the delivery of mail from a site with a
forged reverse lookup.

I know there are the macros {client_resolve}, {client_name}, and {client_addr} - but to date - I can't see how to use that information to block e-mail based on a failure in a "double" lookup. Its been a long time since
wrote rules for the sendmail.cf file directly. My preference would be if there were a FEATURE or equivalent for which I could use m4.

Thanks in advance,
A
Rita C Workman
Honored Contributor

Re: Double Lookup (forward and reverse) in Sendmail

I don't know that this is the answer....but looking a bit farther on Sendmail 8.10 I found this thread that uses those black lists and mentions some instructions on rejecting emails where IP's are forged.

Now it's down at the bottom of this thread...look for Multiple DNS based black lists
Sendmail 8.10
...and try checking what's suggested starting there.

http://www.sendmail.org/~ca/email/chk-810.html

Like I said...don't know if this will help, but it can't hurt,

Rgrds,
Rita