OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: /etc/hosts.deny, SMTP and user bellyaching
From: David D.W. Downey (david.downeyCODECASTLE.COM)
Date: Fri Oct 06 2000 - 21:05:57 CDT

I would suggest the SMTP:ALL. What appears to be hapopening is that the
email server is trying to resolve the name back to the specific host. This
is exactly the behaviour it is supposed to be doing since you specified
PARANOID (make sure the name resolves back to what itstates it's hostname
is.) Try theSMTP:ALL.

On Fri, 6 Oct 2000, Don Felgar wrote:

> Anyone have practical advise on allowing mail to be delivered from
> mis-configured hosts? People often try to send email to my users, only to
> be rebuked as follows (from daemon.log):
>
> Oct 1 11:51:05 ns tcplogd: smtp connection attempt from
> 200-221-72-147.dsl-sp.uol.com.br [200.221.72.147]
> Oct 1 11:51:06 ns in.smtpd[8612]: warning: /etc/hosts.deny, line 15:
> can't verify hostname: gethostbyname(200-221-72-147.dsl-sp.uol.com.br)
> failed
>
> my /etc/hosts.deny line 15 reads "ALL:PARANOID", provided by Debian. I've
> sent email to some of these hosts and gotten problems fixed. I've added
> SMTP:host entries in /etc/hosts.allow, but the problem doesn't seem to be
> going away. I'm hoping there's a better way which is not appreciably less
> secure. Should I add SMTP:ALL in /etc/hosts.allow? What are you all doing?
>
> Thanks in advance.
> 

--
David D.W. Downey          Red Hat Certified Engineer   |   Internet Security Specialist
KiXO Linux                 http://www.KiXOLinux.com | http://sourceforge.net/projects/kixolinux
Member OSWG, LPI           http://www.owsg.org   |   http://www.lpi.org

                   Resume: http://www.brainbench.com/transcript.jsp?pid=96113
     -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
       "Any lad can choose the mundane, but tis the explorers that are truly free in choice!"