On 4/6/06, Les Mikesell <lesmikesell@xxxxxxxxx> wrote:
> On Thu, 2006-04-06 at 08:21, Bob Brennan wrote:
> > On 4/6/06, Paul Howarth <paul@xxxxxxxxxxxx> wrote:
> > > Bob Brennan wrote:
> > > > On 4/6/06, Paul Howarth <paul@xxxxxxxxxxxx> wrote:
> > > >> Somebody has probably changed a DNS entry for theFamily.net so that
> > > >> instead of or as well as A/MX records, there's a:
> > > >>
> > > >> theFamily.net. CNAME wc.funnel.revenuedirect.com.akadns.net.
> > > >>
> > > >> record. Sendmail properly rewrites addresses for @theFamily.net to
> > > >> @wc.funnel.revenuedirect.com.akadns.net during the address
> > > >> canonicalisation stage in this case.
> > > >>
> > > >> Paul.
> > > >
> > > > All of my DNS entries for all of my domains are managed at
> > > > mydomain.com (literally) and I have checked that everything on their
> > > > DNS server is correct and there are no canonical entries. The refused
> > > > email is being delivered correctly to my own server, so their DNS
> > > > records must be correct.
> > > >
> > > > However it is within my own server that things are going wrong. I do
> > > > not have an active DNS server but use the "hosts" file instead. The
> > > > hosts file is accurate and unchanged.
> > > >
> > > > As I said earlier I searched all files in /etc/ for any entries that
> > > > might rewrite anything to or even contain the words
> > > > wc.funnel.revenuedirect.com.akadns.net and found nothing.
> > > >
> > > > Is there any other information I can give or look for that might help
> > > > narrow this down? Or tests I can do? Or clever magical incantation
> > > > command lines I can try?
> > >
> > > Try DNS lookups for your domain on your machine:
> > >
> > > $ dig domain.xxx mx
> > > $ dig theFamily.net mx
> > >
> > > If you gave the real domain name(s) it might help too as we can see what
> > > DNS lookups from outside your network are like.
> > >
> > > Paul.
> >
> > You are correct Paul - the dig command gives:
> >
> > ;; ANSWER SECTION
> > thebrennan.net 56879 IN CNAME wc.traffic.puredns.com.
> > wc.traffic.puredns.com 23661 IN CNAME
> > wc.funnel.revenuedirect.com.akadns.net.
> > wc.funnel.revenuedirect.com.akadns.net. 2 IN A 69.25.47.165
> > wc.funnel.revenuedirect.com.akadns.net. 2 IN A 66.150.161.58
> >
> > with similar results for other domains on my server such as
> > mi-server.net. Any ideas as to how to correct this and how it
> > happened?
>
> It is fairly common for ISPs to manage customer domains as
> CNAMES into their own namespaces. Note that your inbound
> email follows the MX record instead:
>
> ;; QUESTION SECTION:
> ;thebrennan.net. IN MX
>
> ;; ANSWER SECTION:
> thebrennan.net. 2400 IN MX 0 mail.mi-server.net.
> thebrennan.net. 2400 IN MX 10 mx1.sitelutions.com.
> thebrennan.net. 2400 IN MX 20 mx2.sitelutions.com.
>
> On outbound mail, sendmail normally reverse-resolves its
> interface address to find its own name. You can override
> that on the inbound side by providing all the domain names
> it should accept in the /etc/mail/local-host-names file
> and on the outbound side by uncommenting and editing the
> MASQUERADE_AS(`mydomain.com')dnl line in /etc/mail/sendmail.mc.
> Both changes require a restart of sendmail to take effect.
>
> --
> Les Mikesell
> lesmikesell@xxxxxxxxx

Thanks for that Les. The mail.mi-server.net is the same IP as all of
my domains, I just use it as a generic pointer in case I chop and/or
change other names. Sitelutions is a mail backup service that is
hopefully gathering and saving my email as we speak, well worth the
$1.50/month because even though my FC3 system is fairly watertight
there is no telling how, why, or for how long some lowlife has
compromised Demon's nameservers.

bob
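
An added example, not part of the original thread: a small check that parses `dig` answer lines and follows the CNAME chain from a mail domain, to show which name the address would be rewritten to under the canonicalisation Paul describes. The sample data is constructed from the records quoted above (the wrapped line rejoined); the function names are hypothetical.

```python
# Sample constructed from the dig records quoted in the thread (two queries merged).
SAMPLE_ANSWER = """\
thebrennan.net 56879 IN CNAME wc.traffic.puredns.com.
wc.traffic.puredns.com 23661 IN CNAME wc.funnel.revenuedirect.com.akadns.net.
wc.funnel.revenuedirect.com.akadns.net. 2 IN A 69.25.47.165
wc.funnel.revenuedirect.com.akadns.net. 2 IN A 66.150.161.58
thebrennan.net. 2400 IN MX 0 mail.mi-server.net.
"""


def norm(name):
    """Lower-case and drop the trailing dot so 'Foo.net.' == 'foo.net'."""
    return name.rstrip(".").lower()


def parse_answer(text):
    """Return (owner, rtype, rdata) tuples from dig answer-section lines."""
    records = []
    for line in text.splitlines():
        fields = line.split()
        # Skip blanks, ';;' comments and anything not 'name ttl IN type data'.
        if len(fields) < 5 or fields[0].startswith(";") or fields[2] != "IN":
            continue
        records.append((norm(fields[0]), fields[3].upper(), " ".join(fields[4:])))
    return records


def canonical_name(domain, records, max_hops=8):
    """Follow CNAMEs from domain; return (final_name, chain_of_names)."""
    cnames = {owner: norm(data) for owner, rtype, data in records if rtype == "CNAME"}
    chain = [norm(domain)]
    while chain[-1] in cnames:
        nxt = cnames[chain[-1]]
        if nxt in chain or len(chain) > max_hops:
            raise ValueError("CNAME loop or chain too long: %s" % " -> ".join(chain + [nxt]))
        chain.append(nxt)
    return chain[-1], chain


def check_mail_domain(domain, records):
    """Flag a mail domain whose own name is a CNAME (address will be rewritten)."""
    final, chain = canonical_name(domain, records)
    has_mx = any(o == norm(domain) and t == "MX" for o, t, _ in records)
    return {"rewritten": final != norm(domain), "canonical": final,
            "hops": len(chain) - 1, "has_mx": has_mx}


if __name__ == "__main__":
    print(check_mail_domain("thebrennan.net", parse_answer(SAMPLE_ANSWER)))
```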