From: Bratyakin Sergey <sergey@zorya.com.ua>
To: ALT Linux sysadmin discuss <sysadmins@lists.altlinux.org>
Subject: Re: [Sysadmins] Postfix in chroot can't resolv client name in ALT Server 4.0.1
Date: Wed, 19 Mar 2008 12:02:33 +0200
Message-ID: <47E0E4B9.9050100@zorya.com.ua> (raw)
In-Reply-To: <m3fxun3wk6.fsf@vvk.distance.ru>
Vladimir V. Kamarzin пишет:
>>>>>> On 19 Mar 2008 at 12:05 "BS" == Bratyakin Sergey writes:
>
> BS> К тому же если выполнить
> BS> tcpdump -i lo port 53 -n
> BS> То результат
> BS> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> BS> listening on lo, link-type EN10MB (Ethernet), capture size 96 bytes
> BS> 08:51:48.457040 IP 127.0.0.1.57509 > 127.0.0.1.domain: 56897+ A?
> BS> 45.28.177.205.list.dsbl.org. (45)
> BS> 08:51:48.550444 IP 127.0.0.1.domain > 127.0.0.1.57509: 56897 NXDomain
> BS> 0/1/0 (97)
> BS> 08:51:48.550536 IP 127.0.0.1.57509 > 127.0.0.1.domain: 23072+ A?
> BS> 45.28.177.205.cbl.abuseat.org. (47)
> BS> 08:51:48.617295 IP 127.0.0.1.domain > 127.0.0.1.57509: 23072 NXDomain
> BS> 0/1/0 (95)
> BS> 08:51:48.617399 IP 127.0.0.1.57509 > 127.0.0.1.domain: 43711+ A?
> BS> 45.28.177.205.sbl.spamhaus.org. (48)
> BS> То есть rbl проверки выполняет, а вот не разрешаются имена клиентов по IP
>
> Т.е. в tcpdump-е не видно даже попыток разрезолвить PTR-записи для хостов?
>
Верно!
Вот фрагмент если postfix не chrooted то есть запросы PTR
11:56:18.286918 IP 127.0.0.1.58500 > 127.0.0.1.domain: 34467+ A?
cp592628-b.venlo1.lb.home.nl. (46)
11:56:18.295411 IP 127.0.0.1.58501 > 127.0.0.1.domain: 47385+ PTR?
152.92.29.84.in-addr.arpa. (43)
11:56:18.295593 IP 127.0.0.1.domain > 127.0.0.1.58501: 47385 1/4/0 (157)
11:56:18.295726 IP 127.0.0.1.58501 > 127.0.0.1.domain: 46146+ A?
cp592628-b.venlo1.lb.home.nl. (46)
11:56:18.315356 IP 127.0.0.1.domain > 127.0.0.1.58500: 34467 1/4/4 (198)
11:56:18.315451 IP 127.0.0.1.domain > 127.0.0.1.58501: 46146 1/4/4 (198)
11:56:19.197018 IP 127.0.0.1.58501 > 127.0.0.1.domain: 3544+ PTR?
241.228.200.88.in-addr.arpa. (45)
Перевожу в chroot и все - отсутствуют попытки разрезолвить PTR-записи
для хостов.
У кого то хоть работает в ALT Server 4.0.1?
next prev parent reply other threads:[~2008-03-19 10:02 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-03-19 5:57 Bratyakin Sergey
2008-03-19 6:16 ` Vladimir V. Kamarzin
2008-03-19 7:05 ` Bratyakin Sergey
2008-03-19 9:14 ` Vladimir V. Kamarzin
2008-03-19 10:02 ` Bratyakin Sergey [this message]
2008-03-19 7:14 ` Bratyakin Sergey
2008-03-19 10:07 ` Dmitry V. Levin
2008-03-19 10:21 ` Bratyakin Sergey
2008-03-19 10:26 ` Dmitry V. Levin
2008-03-19 10:55 ` Bratyakin Sergey
2008-03-19 11:28 ` Vladimir V. Kamarzin
2008-03-19 12:15 ` Bratyakin Sergey
2008-03-20 5:44 ` Bratyakin Sergey
2008-03-20 5:53 ` Dmitry V. Levin
2008-03-20 6:25 ` Bratyakin Sergey
2008-03-20 6:32 ` Peter Evdokimov
2008-03-20 7:24 ` Bratyakin Sergey
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=47E0E4B9.9050100@zorya.com.ua \
--to=sergey@zorya.com.ua \
--cc=sysadmins@lists.altlinux.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
ALT Linux sysadmins discussion
This inbox may be cloned and mirrored by anyone:
git clone --mirror http://lore.altlinux.org/sysadmins/0 sysadmins/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 sysadmins sysadmins/ http://lore.altlinux.org/sysadmins \
sysadmins@lists.altlinux.org sysadmins@lists.altlinux.ru sysadmins@lists.altlinux.com
public-inbox-index sysadmins
Example config snippet for mirrors.
Newsgroup available over NNTP:
nntp://lore.altlinux.org/org.altlinux.lists.sysadmins
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git