Wrong DNS configuration. Which?

To: <bind9-users@isc.org>, <debian-security@lists.debian.org>
Subject: Wrong DNS configuration. Which?
From: "Romanenko M.A." <mikhail@angg.ru>
Date: Thu, 1 Mar 2001 10:59:20 +0500
Message-id: <[🔎] 021201c0a214$d1485cc0$010119ac@angg.ru>
Reply-to: "Romanenko M.A." <mikhail@angg.ru>

Someone has been failing to connect to my sendmail for several days. My syslog is full with error messages:
[...]
Mar  1 08:29:08 lee sendmail[1042]: f213T8o01042: ruleset=check_mail, arg1=<otv@tgngu.tyumen.ru>, relay=server.tgngu.tyumen.ru [194.67.48.89] (may be forged), reject=451 4.1.8 <otv@tgngu.tyumen.ru>... Domain of sender address otv@tgngu.tyumen.ru does not resolve
Mar  1 08:29:08 lee sendmail[1042]: f213T8o01042: from=<otv@tgngu.tyumen.ru>, size=272074, class=0, nrcpts=0, proto=ESMTP, daemon=MTA, relay=server.tgngu.tyumen.ru [194.67.48.89] (may be forged)
[...]

I'm not very experienced with bind, but  so far as I understand something's wrong with either my DNS configuration or with the other side's. I believe it isn't mine. I get a lot of mail daily without problem (for example, from this list). On the other hand when I try `dig  tgngu.tyumen.ru ANY' I don't see any A-record.

Am I right, that sendmail's check_mail rejects connection because there are no A-record for tgngu.tyumen.ru in other side DNS configuration?

Is it right address: 194.67.48.65.tyumen.ru. (I saw it in output of `dig  tgngu.tyumen.ru ANY')?

May it be someone's trying to hack me?

I use Debian Linux unstable (kernel 2.4.2, libc6 2.2.2), bind 9.1.0, sendmail 8.11.2.

Thank you Mikhail.

Reply to:

Follow-Ups:
- Re: Wrong DNS configuration. Which?
  - From: Jamie Heilman <jamie@audible.transient.net>

Next by Date: Re: Wrong DNS configuration. Which?
Next by thread: Re: Wrong DNS configuration. Which?
Index(es):
- Date
- Thread