Thus, openser internally has a list of aliases it is responsible of. This list includes: [snip]
- all the domain names found out by reverse lookups of the listening IPs
I see that Richard Bennett had discovered that as he earlier typed:
== it seems something was trying to look-up the aliases == that that server itself was listening on
where he likely meant IP addresses and not aliases.
I have to say that this is a big mistake. Doing the lookups is a bad idea and basing any sort of operational aspects of openser on the domains culled from such reverse lookups is even worse.
The list of supported domains should be purely under the explicit configuration control of the person running the openser box... either with explicit "alias" statements, or with the use of the "domain" module.
I could support this claim with a lengthy, experience supported, argument. But I'll save time with just this:
70.22.4.4.in-addr.arpa name = wbar1.sjo1-4-4-022-070.sjo1.dsl-verizon.net.
-mark
-
Mark Kent