Re: [vps-mail] Multiple domain on VPS - rDNS for mail doesn't match mail server

[Harrison Hind <hhind@xxxxxxxxxxxxx>]

comments inline:

On Thu, Jan 22, 2004 at 06:01:08PM +0100, Marjolein Katsma wrote:
> At 17:31 2004-01-22, you wrote:
> >On Thu, Jan 22, 2004 at 04:35:05PM +0100, Marjolein Katsma wrote:
> > > The server actually services three domains; main domain javawoman.com, 
> > with
> > > two more, all serviced by the
> > > same email server (sendmail) at the same IP address (additional domains 
> > set
> > > up as virtual domains in sendmail config).
> > >
> > > Is there some way I can adapt the sendmail configuration so that for each
> > > of the domains it reports the correct mail server host name? Or something
> > > else I can do to correct this?
> >
> >   No.
> >   Understanding how the protocol works behind the scenes helps to explain
> >why.  There is a definite format to the conversation -- sort of like a
> >scripted telephone call.  When a mail program runs, it listens for
> >connections on a specified ip/port  (comparable to your phone number).  When
> >it receives a connection, it has access only to the ip from which it
> >comes (sort of like caller-id)  The first thing the smtp protocol requires is
> >that the answering server announces who it is.  (Hello, this is the Hind
> >residence).
> 
> Right - I *do* understand that.

With all due respect, I must disagree with the above statement.  As evidence,
I reference the statement below...

> But when someone sends mail to anaddress@xxxxxxxxxx the mail server says 
> it's javawoman.com.

  That is because the mail server IS javawoman.com.  It does not know at 
this point that the person on the other end is sending mail to hshelp.com.

> DNS has an MX record for hshelp.com, hshelp.com resolves to an IP - but the 
> rDNS for that IP is javawoman.com.

  According to DNS, hshelp.com DOES NOT have an MX record.  Instead it has an 
A record with an IP that is identical to javawoman.com.  That is not 
necessarily a problem.  I do agree with you that the reverse DNS for that 
shared IP is javawoman.com.

> This non-match is the problem.
> 
> >At this point you have no idea who the email is for, or who is
> >actually sending it. It is only later in the conversation that the sender and
> >recipient (including recipient domain) are identified.  So how can you know
> >what name to use when you answer.
> 
> It should be, I think, the domain name of the mail server the sender is 
> connecting to. Which would be hshelp.com, not javawoman.com.

  The server that the sender is connecting to IS javawoman.com.  It also is 
hshelp.com.  

> >(Now admittedly, when I answer the phone,
> >and the caller-id shows that it is one of my wife's friends, I sometimes
> >answer with "Hello, this is Callie's house") But I don't think that sendmail
> >is configurable to answer differently based on incoming IPs, and furthermore
> >it wouldn't be very practical...
> 
> Incoming IPs aren't relevant here. Sender connects to mail server for 
> hshelp.com, which identifies itself as javawoman.com.

  The server that the sender is connecting to IS 161.58.218.44, and 
identifies itself as javawoman.com.  Bennett offers some suggestions for 
changing the greeting to not list any name.  But I stand by my point that it
is not possible to configure it to answer different names based on who the 
sender thinks they are connecting to.  If you don't like that plain fact then 
put each mail server on its own IP.

> Many ISPs are blocking mail from mail servers with such incorrect rDNS data.

  This is totally unrelated to the issue under discussion (incoming mail).  



Harrison.

======================================================================
This is <vps-mail@xxxxxxxxxxxx>       <http://www.perlcode.org/lists/>
Before posting a question, please search the archives (see above URL).