Welcome to the most active Linux Forum on the web.
Go Back > Forums > Linux Forums > Linux - Server
User Name
Linux - Server This forum is for the discussion of Linux Software used in a server related context.


  Search this Thread
Old 12-05-2012, 04:37 PM   #1
LQ Newbie
Registered: Apr 2011
Posts: 8

Rep: Reputation: 0
Qmail relaying. 421 Refused. You have no reverse DNS entry. UPDATE: Spamdyke, bypass rdns by ip?

I am trying desperately to set up my Qmail server so that my web servers can relay mail through it. Unfortunately, when the web server tries to send mail to the qmail server, it responds with "421 Refused. You have no reverse DNS entry."

I know that I do have a Reverse DNS entry for the public IP Address of the mail server, but this seems to be an entirely different animal altogether. It seems that the Qmail server is trying to look up rDNS of the web server so that it can prevent spam or whatever. Trouble is, I'm routing this mail on an internal network, so the IP won't match its public IP even if I added such a record.

I'm pulling my hair out trying to figure out how to disable this. I've tried disabling rDNS checks on port 25 by adding -H to the tcpserver command in /var/qmail/supervise/smtp/run but nothing changes.

I tried adding a line in /etc/tcprules.d/tcp.smtp to allow relaying from my internal IP. I even tried adding RBLSMTPD="" to those lines. Nothing.

I'm at a loss.


Last edited by seismicmike; 12-06-2012 at 07:56 AM.
Old 12-06-2012, 07:52 AM   #2
LQ Newbie
Registered: Apr 2011
Posts: 8

Original Poster
Rep: Reputation: 0
I've made some significant progress since I first posted this. Browsing through the log file again, I finally noticed the following:

@4000000050bfc4180fc8562c spamdyke[28133]: DENIED_RDNS_MISSING from: to: origin_ip: origin_rdns: (unknown) auth: (unknown) encryption: (none) reason: (empty)

This put me on to spamdyke. I was then able to temporarily restore E-mail relaying by disabling the "reject-empty-dns" option. After doing this, most messages worked, but some others were being denied due to not having an MX record. This prompted me to disable the "reject-missing-sender-mx" option.

I don't like just having these options disabled as this leaves me vulnerable to spam from incoming messages. Are there any ways to configure spamdyke to completely bypass the rdns look up and the mx lookup on ip addresses that I specify? There are options in here like "ip-in-rdns-keyword-whitelist-file", but as far as I can tell, that's for whitelisting the result of the rDNS look up after you get it (i.e., considering the message as ham because it comes from a known good sender and bypassing all of the spam checks that come later).

These IPs don't have rDNS entries because they're internal, so I want spamdyke to completely skip looking up the rdns and mx records for them, but only them so that it will continue to look for rDNS and MX if the message came from outside.



Last edited by seismicmike; 12-06-2012 at 07:57 AM.



Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Reverse DNS entry ZAMO Linux - Networking 1 10-19-2010 01:48 PM
Qmail Toaster relaying lima25 Linux - Server 2 02-24-2010 11:54 AM
reverse lookup entry in DNS configuration using BIND bzlaskar Linux - Server 1 05-14-2007 03:49 PM > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 05:17 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration