Problem with discard & access

Problem with discard & access

am 01.04.2008 13:59:01 von Sciurus

egrep "versanet.de" /etc/mail/access:
versanet.de DISCARD

/var/log/maillog
Sendmail discards the message :
Mar 31 16:34:55 apache sendmail[27466]: ruleset=check_relay,
arg1=i577BEA9A.versanet.de, arg2=87.123.234.154,
relay=i577BEA9A.versanet.de [87.123.234.154], discard

Sendmail relays the message from versanet.de to main mx
(mail.anrb.ru).
Why does it happen?
Mar 31 17:29:53 apache sendmail[906]: m2VBTlQN000906:
from=, size=6537, class=0,
nrcpts=1,msgid=<000601c89324$07af1bb4$ade32387@rxeyv>, proto=ESMTP,
daemon=MTA, relay=i59F466E9.versanet.de [89.244.102.233] (may be
forged)

The main mx has versanet.de in the blacklist. Ruleset CheckReceived
finds out versanet.de
in the Received: filed and rejects this message:
Mar 31 17:29:53 apache sendmail[921]: m2VBTlQN000906:
to=, delay=00:00:01, xdelay=00:00:00, mailer=smtp,
pri=126537, relay=mail.anrb.ru. [212.193.134.2], dsn=5.0.0,
stat=Service unavailable
Mar 31 17:29:53 apache sendmail[921]: m2VBTlQN000906: m2VBTrQN000921:
DSN: Service unavailable

Apache.anrb.ru has the same CheckReceived ruleset so it reports about
versanet.de in the bounced mail:
Mar 31 17:29:55 apache sendmail[921]: m2VBTrQN000921:
ruleset=CheckReceived, arg1=from 89.244.102.233
(i59F466E9.versanet.de [89.244.102.233] (may be forged))\n\tby
apache.anrb.ru (8.13.8/8.13.8) with ESMTP id m2VBTlQN000906\n\tfor
; Mon, 31 Mar 2008 17:29:52 +0600, relay=localhost,
reject=554 5.0.0 ... Bad domain is in the header:
versanet.de
But now versanet.de is in the message body so as I was told before it
doesn't matter for sendmail and the bounced mail is sent to sender.
Mar 31 17:29:56 apache sendmail[921]: m2VBTrQN000921:
to=, delay=00:00:03, xdelay=00:00:03,
mailer=esmtp, pri=37772, relay=smtp.purdue.edu. [128.210.5.246],
dsn=2.0.0, stat=Sent (m2VBj7Bn001071 Message accepted for delivery)

Some time later the next message from versanet.de is discarded
successfully:
Mar 31 17:51:00 apache sendmail[2973]: ruleset=check_relay,
arg1=i577B397E.versanet.de, arg2=87.123.57.126,
relay=i577B397E.versanet.de [87.123.57.126], discard
Mar 31 17:51:03 apache sendmail[2973]: m2VBp0Nn002973:
ruleset=check_mail,
arg1=,relay=i577B397E.versanet.de [87.123.57.126],
reject=554 5.0.0 ... Bad domain is in the
helo:i577B397E.versanet.de
Mar 31 17:51:04 apache sendmail[2973]: m2VBp0Nn002973:
from=, size=0, class=0, nrcpts=0,
proto=ESMTP,daemon=MTA, relay=i577B397E.versanet.de[87.123.57.126]

I see the same things with other domains have been mentioned in the
access file (tiscali.it, net.il, surfer.at, etc). Messages from these
domains are discarded but not always.
Why does it happen?

Re: Problem with discard & access

am 01.04.2008 14:26:22 von Sciurus

> Mar 31 17:29:53 apache sendmail[906]: m2VBTlQN000906: from=, size=6537, class=0,
nrcpts=1,msgid=<000601c89324$07af1bb4$ade32387@rxeyv>, proto=ESMTP,
daemon=MTA, relay=i59F466E9.versanet.de [89.244.102.233] (may be
forged)

I have noticed that in all cases domain name of relay has status "may
be forged".
It seems that discard doesn't work for "may be forged" domains?