relaying denied

olga at urbantimes.net olga at urbantimes.net
Wed Jun 23 21:14:18 UTC 2004 

Alexander,

It's not that I was complaining (which I am NOT); I just wanted to
understand why it is going on and whether Sendmail on both servers works
like it is supposed to.
Thank you for your explanation. I would prefer not to send the real
ips/domain names if I could. What was strange to me is that I do not get
such 'relaying denied' messages for other domains -- only for those that
are on Y as far as I can tell.

Olga

> Am Mi, den 23.06.2004 schrieb olga at urbantimes.net um 22:29:
>
>> I just have a question about the log messages I am receiving. Here's the
>> explanation of my setup.
>>
>> We used to have two servers: X and Y. We had Sendmail running only on
>> one
>> of them (X). Last month we completely wiped everything and changed the
>> setup of what is running on each server. Now we have Sendmail running on
>> both servers. Most of the virtual domains/websites that USED to be on X
>> are NOW on Y. The mail works fine on both servers. Users on Y are
>> receiving mail perfectly. However, I am getting a LOT of 'relaying
>> denied'
>> and 'relaying temporarily disabled' on the X server for the domains that
>> are currently on Y.
>>
>> I have checked the zone information for each of the domains on Y and
>> they
>> have MX records listed correctly -- mail should first go to Y, then to
>> X.
>>              MX   10 Y.ns1.com
>>              MX   15 X.ns2.com
>>
>> So my question is: if mail is received on Y why am is it still trying be
>> relayed though X for the domains that are on Y?
>
> Because that is SPAMmers behaviour to use a lower priority MX directly,
> because such hosts are often less secured and managed as the primary MX.
>
>> Here's a snippet of my log messages from /var/log/maillog:
>
> 1. example:
>
>> Jun 20 04:06:17 sendmail[30589]: i5K968bv030589: ruleset=check_rcpt,
>> arg1=<valeria at zzz.net>, relay=[61.51.250.44], reject=550 5.7.1
>> <valeria at zzz.net>... Relaying denied. IP name lookup failed
>> [61.51.250.44]
>> Jun 20 04:06:19 sendmail[30589]: i5K968bv030589: lost input channel from
>> [61.51.250.44] to MTA after rcpt
>> Jun 20 04:06:19 sendmail[30589]: i5K968bv030589:
>> from=<Carolyhcd at panda.com>, size=0, class=0, nrcpts=0, proto=SMTP,
>> daemon=MTA, relay=[61.51.250.44]
>
> The mail is rejected because it does not resolve. About what do you
> complain? If it resolves on a different host, then you have a self made
> problem with not proper working DNS.
>
> 2. example (incomplete):
>
>> Jun 20 04:09:39 sendmail[30590]: i5K99b9w030590: ruleset=check_rcpt,
>> arg1=<webmaster at site.net>, relay=YahooBB219007126054.bbtec.net
>> [219.7.126.54], reject=550 5.7.1 <webmaster at site.net>... Relaying
>> denied.
>> Proper authentication required.
>> Jun 20 04:09:39 sendmail[30590]: i5K99b9w030590:  reject=550 5.7.1
>
> Attempt to send to a not local domain. Proper action by Sendmail. If
> site.net is now on your server Y then the sender misbehaves. Very
> certainly just a SPAMmer.
>
>> And others:
>> Relaying denied. IP name lookup failed [220.89.226.158]
>
> Why do you think this is not ok?
>
>> Relaying denied. IP name possibly forged [65.91.92.64]
>
> The reason is different, "possibly forged" does not imply rejection.
>
>> Relaying denied. IP name lookup failed [219.248.33.52]
>
> See above.
>
>> And from the log file sent to root:
>> Relaying denied:
>> >From [actual ip address here] to radium at mysite.net: 1 Times(s)
>> >From [actual ip address here] to alex at mysite.net: 1 Times(s)
>
> No reason given. Who shell judge then?
>
>> Anything I can do about those messages? Each day I get about 200 or so
>> of
>> these in root mail. (I have changed some sensitive info in the examples
>> that I provided, but the gist of it should be there.)
>> Thank you.
>>
>> Olga
>
> Conclusion: either you show real log entries where proper mail is
> rejected where it should have been accepted or take all examples from
> above as SPAM attempts.
>
> You may have a look at
>
> http://www.sendmail.org/~ca/email/relayingdenied.html
>
> Alexander
>
>
> --
> Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13
> Fedora GNU/Linux Core 2 (Tettnang) on Athlon CPU kernel 2.6.6-1.435
> Serendipity 22:43:02 up 21:21, 8 users, 1.03, 1.27, 1.26
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
>

More information about the fedora-list mailing list