Subject: Re: Sendmail DNS checking issue...
To: David Laight <david@l8s.co.uk>
From: David Wetzel <dave@turbocat.de>
List: netbsd-help
Date: 11/04/2002 10:34:26
David Laight <david@l8s.co.uk> wrote:
> > Another example:
> > Received: from proping (NK218-187-59-152.4-174.pl.apol.com.tw
> > [218.187.59.152])
> > by reva.sixgirls.org (8.11.6/8.11.6) with SMTP id gA3H08d24914
> >
> > Well, proping doesn't resolve to anything, so I'd like my mail server to
> > reject this.
>
> No, you can't do that. You lose all mail that comes out of systems
> with dynamic addresses, and (probably) those with multiple interfaces.
>
> In any case all you then do is add the feature to sendmail to make
> it do a dns lookup for its own address so that it can put its
> external name into the helo= message.
I do a DNS name lookup on all hosts that send mail to me. And it works well for computers with dynamic IPs. All serious ISPs will have a working reverse DNS entry for all IPs they use.
If DNS is not working, it is very likely that it is spam.
Put this in your sendmail "feature" directory as "dns_resolution.m4":
---
LOCAL_RULESETS
SLocal_check_mail
# Branch on the result of the PTR/A check for the connecting client
R$*		$: $&{client_resolve}
# Temporary lookup failure: 4xx reply, the sender may retry
RTEMP		$#error $@ 4.7.1 $: "450 Access temporarily denied. Cannot resolve PTR record for " $&{client_addr}
# Permanent rejections: 5xx replies carry a matching 5.7.1 status code
RFORGED		$#error $@ 5.7.1 $: "550 Access denied. Your PTR record is in conflict with your A record for " $&{client_name} " - Please fix your DNS server"
RFAIL		$#error $@ 5.7.1 $: "551 Access denied. IP name lookup failed " $&{client_name}
---
(R$*, RTEMP, RFORGED and RFAIL are all on single lines with a tab before "$".)
Then include this in your .mc file:
FEATURE(dns_resolution)
If you get too much forged mail from non-spam people, you may leave out the line starting with "RFORGED".
Your /etc/mail/service.switch may look like this:
aliases files
hosts files dns
Then you can add some "friendly misconfigured hosts" to /etc/hosts.
HTH.
Dave
---
_ _
_(_)(_)_ David Wetzel, Turbocat's Development,
(_) __ (_) Buchhorster Strasse 23, D-16567 Muehlenbeck/Berlin, FRG,
_/ \_ Fax +49 33056 82835 Phone +49 33056 82834
(______) http://www.turbocat.de/ dave@turbocat.de
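
Added example (not part of the original message, and not sendmail's own code): a Python approximation of the PTR/A consistency check behind ${client_resolve}, for seeing which connecting addresses the ruleset above would accept, defer or reject. The resolver hooks, helper names and sample zone data are assumptions constructed for illustration.

```python
import socket

class TempFailure(Exception):
    """Resolver could not answer right now (timeout, SERVFAIL)."""

def system_ptr(addr):
    """Reverse lookup via the system resolver; None when no PTR exists."""
    try:
        return socket.gethostbyaddr(addr)[0]
    except socket.herror as exc:
        if exc.args[0] == 2:  # h_errno TRY_AGAIN
            raise TempFailure(addr) from exc
        return None

def system_a(name):
    """Forward lookup; the set of addresses the name maps to."""
    try:
        return {ai[4][0] for ai in socket.getaddrinfo(name, None)}
    except socket.gaierror as exc:
        if exc.errno == socket.EAI_AGAIN:
            raise TempFailure(name) from exc
        return set()

def client_resolve(addr, ptr=system_ptr, fwd=system_a):
    """Return OK, TEMP, FORGED or FAIL for a connecting address."""
    try:
        name = ptr(addr)
        if name is None:
            return "FAIL"    # no PTR record
        if addr not in fwd(name):
            return "FORGED"  # PTR name does not map back to addr
    except TempFailure:
        return "TEMP"
    return "OK"

# SMTP reply codes from the ruleset in the message above (None = accept).
REPLY = {"OK": None, "TEMP": 450, "FORGED": 550, "FAIL": 551}

# Constructed zone data (documentation address ranges), not real hosts.
PTR = {"192.0.2.10": "mx.example.net", "192.0.2.20": "dyn20.example.net"}
A = {"mx.example.net": {"192.0.2.10"}, "dyn20.example.net": {"198.51.100.7"}}

def sample_ptr(addr):
    if addr == "192.0.2.30":  # constructed: resolver times out for this one
        raise TempFailure(addr)
    return PTR.get(addr)

def sample_fwd(name):
    return A.get(name, set())
```

Calling client_resolve(addr) with no hooks uses the system resolver, so addresses pulled from a mail log can be classified before the FEATURE is enabled.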