"Relaying temporarily denied. Cannot resolve PTR record for IP address"
This error message means that sendmail encountered a "SERVFAIL" during the check_rcpt ruleset when attempting to resolve the DNS PTR record for IP address. This lookup is performed by the Relay_ok ruleset, called within the check_rcpt ruleset.
A DNS PTR record does not necessarily have to exist for an IP address to pass sendmail's check_rcpt
ruleset; the lookup may produce an NXDOMAIN. However, if the lookup
produces a SERVFAIL, the error is treated as a transient DNS error and
sendmail will TEMPFAIL the session.
Example:
Feb 16 04:06:37 hostname
sm-mta[27799]: [ID 801593 mail.notice] k1GA6Sn7027799:
ruleset=check_rcpt, arg1=<SystemMessage@successfactors.com>,
relay=[213.216.132.236], reject=450 4.4.0
<SystemMessage@successfactors.com>... Relaying temporarily
denied. Cannot resolve PTR record for 213.216.132.236
$ dig -x 213.216.132.236
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 877
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
To debug the DNS problem, run dig with the +trace option.
$ dig +trace -x 213.216.132.236
132.216.213.in-addr.arpa. 172800 IN NS pdns01.lndn01.exodus.net.
132.216.213.in-addr.arpa. 172800 IN NS ns2.nj.exodus.net.
;; Received 105 bytes from 192.134.0.49#53(NS3.NIC.FR) in 120 ms
dig: Couldn't find server 'pdns01.lndn01.exodus.net': node name or service name not known
In this case, the DNS A records could not be looked up for the authoritative name servers for 132.216.213.in-addr.arpa.
Back to brandonhutchinson.com.
Last modified: 02/03/2006