IP name possibly forged

  • Read

These days got a sendmail issue and fixed it after some research and tests, and I though it could be shared here.

The primary email server was and was used as relay server to send email to the internet, and I was configuring another server to send email through the relay server.

I added the network 192.168.6 to the access file and generated new access.db file, while when I did the test I got below error:

Apr 10 21:46:52 ServerA sendmail[12680]: w3ADkqYT012680: ruleset=check_rcpt, arg1=<xxxxxx@cn.ibm.com>, relay=212.215.xxnet [2XX.1XX.212.215] (may be forged), rej
ect=550 5.7.1 <xxxxxx@cn.ibm.com>... Relaying denied. IP name possibly forged [2XX.1XX.212.215]

I made sure the email address xxxxxx@cn.ibm.com could receive email without any issue, and I did not know where the ip address 2XX.1XX.212.215 came.

I searched and found one reason was that the A record of the DNS server was different, while for me I did not use DNS to lookup both hostnames but the /etc/hosts files, and of course they matched on both servers.

At the beginning I lost minds in the sendmail configurations and wasted much time in finding the issues in the config files, while eventually I found the reason with really simple traceroute command:

On ServerA(
traceroute to (, 30 hops max, 38 byte packets
 1 (  0.987 ms  1.097 ms  0.960 ms
 2  212.215.xxnet (2XX.1XX.212.215)  1.276 ms  1.288 ms  1.519 ms

On ServerB(
traceroute to (, 30 hops max, 60 byte packets
 1 (  5.874 ms  5.849 ms  5.836 ms
 2 (  5.873 ms  5.911 ms  5.938 ms

As I checked this issue remotely and had no idea about the network configurations, so I did not think public ip address was used in the network path.

To fix this issue, I added the ip address 2XX.1XX.212.215 to the access file and then I would still get below warning:

Apr 15 23:28:21 ServerA sendmail[16329]: w3FFSKEU016329: from=<xxxxxx@ServerB>, size=494, class=0, nrcpts=1, msgid=<20180415152821.511084122F@ServerB>, proto=ESMTP, daemon=MTA, relay=212.215.xxnet [2XX.1XX.212.215] (may be forged)

While the email would be sent out. IP name possibly forged

  • by Published on 16/04/2018 22:44:38
  • Repost please keep this link: https://www.dbcloudsvc.com/blogs/linux/ip-name-possibly-forged/


Anonymous Write

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: