Alexander, It's not that I was complaining (which I am NOT); I just wanted to understand why it is going on and whether Sendmail on both servers works like it is supposed to. Thank you for your explanation. I would prefer not to send the real ips/domain names if I could. What was strange to me is that I do not get such 'relaying denied' messages for other domains -- only for those that are on Y as far as I can tell. Olga > Am Mi, den 23.06.2004 schrieb olga@xxxxxxxxxxxxxx um 22:29: > >> I just have a question about the log messages I am receiving. Here's the >> explanation of my setup. >> >> We used to have two servers: X and Y. We had Sendmail running only on >> one >> of them (X). Last month we completely wiped everything and changed the >> setup of what is running on each server. Now we have Sendmail running on >> both servers. Most of the virtual domains/websites that USED to be on X >> are NOW on Y. The mail works fine on both servers. Users on Y are >> receiving mail perfectly. However, I am getting a LOT of 'relaying >> denied' >> and 'relaying temporarily disabled' on the X server for the domains that >> are currently on Y. >> >> I have checked the zone information for each of the domains on Y and >> they >> have MX records listed correctly -- mail should first go to Y, then to >> X. >> MX 10 Y.ns1.com >> MX 15 X.ns2.com >> >> So my question is: if mail is received on Y why am is it still trying be >> relayed though X for the domains that are on Y? > > Because that is SPAMmers behaviour to use a lower priority MX directly, > because such hosts are often less secured and managed as the primary MX. > >> Here's a snippet of my log messages from /var/log/maillog: > > 1. example: > >> Jun 20 04:06:17 sendmail[30589]: i5K968bv030589: ruleset=check_rcpt, >> arg1=<valeria@xxxxxxx>, relay=[61.51.250.44], reject=550 5.7.1 >> <valeria@xxxxxxx>... Relaying denied. IP name lookup failed >> [61.51.250.44] >> Jun 20 04:06:19 sendmail[30589]: i5K968bv030589: lost input channel from >> [61.51.250.44] to MTA after rcpt >> Jun 20 04:06:19 sendmail[30589]: i5K968bv030589: >> from=<Carolyhcd@xxxxxxxxx>, size=0, class=0, nrcpts=0, proto=SMTP, >> daemon=MTA, relay=[61.51.250.44] > > The mail is rejected because it does not resolve. About what do you > complain? If it resolves on a different host, then you have a self made > problem with not proper working DNS. > > 2. example (incomplete): > >> Jun 20 04:09:39 sendmail[30590]: i5K99b9w030590: ruleset=check_rcpt, >> arg1=<webmaster@xxxxxxxx>, relay=YahooBB219007126054.bbtec.net >> [219.7.126.54], reject=550 5.7.1 <webmaster@xxxxxxxx>... Relaying >> denied. >> Proper authentication required. >> Jun 20 04:09:39 sendmail[30590]: i5K99b9w030590: reject=550 5.7.1 > > Attempt to send to a not local domain. Proper action by Sendmail. If > site.net is now on your server Y then the sender misbehaves. Very > certainly just a SPAMmer. > >> And others: >> Relaying denied. IP name lookup failed [220.89.226.158] > > Why do you think this is not ok? > >> Relaying denied. IP name possibly forged [65.91.92.64] > > The reason is different, "possibly forged" does not imply rejection. > >> Relaying denied. IP name lookup failed [219.248.33.52] > > See above. > >> And from the log file sent to root: >> Relaying denied: >> >From [actual ip address here] to radium@xxxxxxxxxx: 1 Times(s) >> >From [actual ip address here] to alex@xxxxxxxxxx: 1 Times(s) > > No reason given. Who shell judge then? > >> Anything I can do about those messages? Each day I get about 200 or so >> of >> these in root mail. (I have changed some sensitive info in the examples >> that I provided, but the gist of it should be there.) >> Thank you. >> >> Olga > > Conclusion: either you show real log entries where proper mail is > rejected where it should have been accepted or take all examples from > above as SPAM attempts. > > You may have a look at > > http://www.sendmail.org/~ca/email/relayingdenied.html > > Alexander > > > -- > Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13 > Fedora GNU/Linux Core 2 (Tettnang) on Athlon CPU kernel 2.6.6-1.435 > Serendipity 22:43:02 up 21:21, 8 users, 1.03, 1.27, 1.26 > -- > fedora-list mailing list > fedora-list@xxxxxxxxxx > To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list >
