Mailing List Archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tlug] mail(): Received (may be forged) question



On Mon, 7 Apr 2003 12:28, Jean-Christian Imbeault wrote:
> Received: from localhost.localdomain (ns.tokyo-av-land.com
> [219.118.175.244] (may be forged))
> 	by ns.mega-bucks.co.jp (8.12.8/8.12.5) with ESMTP id h37298a7013765

> Why is the mail sent from my box marked as having a possibly forged header?

Doing some NS lookups (host or dig, doesn't matter much):

$ host ns.tokyo-avland.com
ns.tokyo-avland.com does not exist, try again

$ host 219.118.175.244
Name: ns.tokyo-av-land.com
Address: 219.118.175.244

It looks like the name isn't in the DNS, but the reverse is.

The host ns.mega-bucks.co.jp (whose reverse and forward do match) is probably 
checking the name and reverse address lookup and finding they don't match so 
it notes "may be forged".

If the zone for tokyo-avland.com had an entry for ns.tokyo-avland.com that 
ns.mega-bucks.co.jp could look up, this probably wouldn't happen.

-- Sam

-- 
--
Sam Tilders
sam@example.com

Cogito Ergo Sum - I think, therefore I am.  (Descartes)


Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links