--
[ Picked text/plain from multipart/alternative ]
Philip Hazel wrote:
>On Thu, 8 Aug 2002, Russell Wilton wrote:
>
>> Looking in the reject log on the internal machine (B) I find many
>>messages where "Sender verify failed" or "host lookup did not complete".
>> My question is : Why am I seeing these on the internal machine? Why
>>didn't the DMZ machine (A) reject them? A "host" or "nslookup" command
>>on both machines produces the same result: it does not find the rejected
>>host. Any ideas greatly appreciated. Thanks.
>>
>
>Try using the -bv option on host (A) to see why it verifies these
>addresses. Use with -d to get detailed debugging information. Or use the
>-bh option on host (A) to simulate an incoming connection, also get get
>debugging information.
>
Thanks for your help. It seems I had neglected to put a
"no_verify_sender" command on the "accept" router that I use to route
thinks to spamassassin on the machine in my DMZ. It was accepting
everything, so the "require verify = sender" in the ACL was basically a
noop. Thanks again for the pointers.
Russ
--
Russell D. Wilton E Mail: WILTON@???
Network Services Manager Voice: (403) 329-2525
University of Lethbridge FAX: (403) 382-7108
4401 University Drive Lethbridge, Alberta, CANADA T1K 3M4
--
