# Weird sendmail behaviour



## Zare (Mar 1, 2012)

This is not FreeBSD related since this particular sendmail is running on RHEL, but I'm curious if someone can shed some light on this issue...

Some users started complaining they can't send mails via webmail. They were rejected by SMTP with "possible IP forged" message. Sendmail somehow wrongly reverse-resolves webmail machine. DNS is all right, all PTR's are correct and in place, and issuing the *host* command on the SMTP server resolves like it should, both forward and in reverse. nscd is caching but has been restarted, issue still there.

But the funniest thing is, it's account based. With one account I can send through webmail, and in logs I have correct reverse-resolve hostname. With other account, from same machine, I get the above scenario.

I have bypassed the problem by using additional RFC1918 network route between webmail host and sendmail machine. However I'm curious about this. First, shouldn't sendmail use gethostbyaddr() for reverse resolving, how does it yield different results? DNS client stuff, eg. resolv.conf, hosts file, etc. is correct. It's not something left in cache because I've restarted both sendmail and nscd several times.

Does anyone know how exactly check_rcpt sendmail mechanism operates, eg. how it does its DNS resolving stuff?


----------



## DutchDaemon (Mar 1, 2012)

Are the PTR and A record in agreement? Are there multiple records of either?


----------



## Zare (Mar 2, 2012)

Yes, and no.


----------

