[Mimedefang] RE: Sendmail config question

Thu Dec 27 12:35:03 EST 2007

On Thu, 27 Dec 2007, WBrown at e1b.org wrote:

> ------------------------------
> Date: Wed, 26 Dec 2007 15:56:36 -0500
>
> I am trying to set up a mail relay for internal use but I do not want it
> to check reverse DNS for PTR records.  Firewall will prevent outside
> systems from connecting to it.  Searching the web, I find lots of sites
> telling me how to enable rDNS, but later versions do it by default.  I
> need to turn it off.

     As Rob MacGregor said, the "Require Reverse DNS" FEATURE is not active 
unless specifically enabled in sendmail.mc, like so:

---- Cut Here ----
dnl # New feature in v8.14.0
dnl # Require connecting host to have a valid rDNS entry (PTR record)
dnl #   Check is performed at connect-time (check_relay), after
dnl #   access map is consulted
dnl # Does not validate PTR entry or compare it against the A record, nor
dnl #   insure the PTR matches the HELO from the host
FEATURE(`require_rdns')dnl
---- Cut Here ----

     Note that it is only available in sendmail v8.14.0 and later. If you 
have an earlier version of sendmail, it is not included.

     Similarly, the "Detect Bad MX Record" FEATURE (introduced in the same 
version) is not active unless specifically enabled:

---- Cut Here ----
dnl # New feature in v8.14.0
dnl # During RCPT TO;, takes Domain portion of Envelope Sender and
dnl #   checks DNS for a corresponding MX record
dnl # Will strip down to domain.tld before giving up
dnl # Requires an MX record to exist, will not look for A record
dnl # Does not insure match with HELO
FEATURE(`badmx')dnl
---- Cut Here ----

    Note that sendmail will use IDENT (RFC 1413) by default. In your 
environment, it sounds like that should probably be turned off:

---- Cut Here ----
dnl # Sendmail, Chap 24.9.109.13, Page 1065
dnl # Disable IDENT (RFC 1413) calls/turn off sending user-host 
dnl #    verification
define(`confTO_IDENT',`0')dnl
---- Cut Here ----

Dirk