
Sendmail and DNS catch 22


John Chajecki

Jun 28, 2005, 7:17:42 PM
Dear all,

I am hoping that someone can help with a problem I have setting up a Solaris and sendmail based mail relay server.

The server has been built and I have been able to exchange messages between it and the mail hub. However, I am having difficulty getting it to work properly now it's in the DMZ.

In order to get resolution of external mail servers I have added my ISP's two DNS addresses into the resolv.conf. This allows it to resolve external MX addresses but it also means that sendmail is trying to send inbound mail to our external MX address. If I remove the ISP DNS IP addresses from resolv.conf then sendmail will deliver to the mailhub, but external mail delivery is broken due to the inability to resolve external addresses.

So it seems I am in a catch 22.

I have the following in my mailertable which I thought would do the trick:

company.co.uk esmtp:mailhub.company.co.uk
.company.co.uk esmtp:mailhub.company.co.uk

I also have the following in my hosts table:

aa.bb.cc.dd mailhub company.co.uk

None of this seems to make any difference.

I have thought of running BIND on the mail relay. This would allow me to configure an appropriate internal MX while redirecting all other queries to the ISP's DNS servers. I'm not sure about the security implications of this however. I'm told that you shouldn't use DNS in the DMZ.

Can anyone tell me what the appropriate solution for this is please and whether it's OK to use BIND?

Neil W Rickert

Jun 28, 2005, 11:04:03 PM
"John Chajecki" <jc...@dsl.pipex.com> writes:

>In order to get resolution of external mail servers I have added my ISP's two DNS addresses into the resolv.conf. This allows it to resolve external MX addresses but it also means that sendmail is trying to send inbound mail to our external MX address. If I remove the ISP DNS IP addresses from resolv.conf then sendmail will deliver to the mailhub, but external mail delivery is broken due to the inability to resolve external addresses.

>So it seems I am in a catch 22.

>I have the following in my mailertable which I thought would do the trick:

Maybe you need

company.co.uk esmtp:[mailhub.company.co.uk]
.company.co.uk esmtp:[mailhub.company.co.uk]

The [brackets] suppress the MX lookup.

>I also have the following in my hosts table:

>aa.bb.cc.dd mailhub company.co.uk

Is that a typo for "mailhub.company.co.uk"? If not, you
might need different mailertable entries.

John Chajecki

Jun 29, 2005, 3:58:02 PM
Neil,

You wrote:

> Maybe you need

I did try the square bracketed version but that made no difference.

Also,

>> I also have the following in my hosts table:

>> aa.bb.cc.dd mailhub company.co.uk

No, it's not a typo. I found when I added company.co.uk a ping test resolved to the internal mailhub, but sendmail persists in resolving to the outside MX.

Andrzej Adam Filip

Jun 29, 2005, 4:10:00 PM

Try the following mailertable entries (use the ip address directly):
company.co.uk esmtp:[aa.bb.cc.dd]
.company.co.uk esmtp:[aa.bb.cc.dd]

Use the following test/debug command:
sendmail -d60.5 -bv postm...@company.co.uk


--
Andrzej [en:Andrew] Adam Filip an...@priv.onet.pl an...@xl.wp.pl
"All that is necessary for the triumph of evil is that good men do
nothing" -- Edmund Burke (18th century)
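
The following Python check is an added example, not written by any poster in this thread. It classifies each relay host in a mailertable by how sendmail will locate it: unbracketed (MX lookup), bracketed name (MX skipped, name still resolved), or bracketed IP literal. The sample table is constructed, with 192.0.2.10 standing in for aa.bb.cc.dd, and `audit_mailertable` and `classify_host` are hypothetical names.

```python
import ipaddress
import re

# Constructed sample covering the three variants discussed in the thread
# (192.0.2.10 is a documentation address standing in for aa.bb.cc.dd).
SAMPLE_MAILERTABLE = """\
# internal domains -> mail hub
company.co.uk\tesmtp:mailhub.company.co.uk
.company.co.uk\tesmtp:[mailhub.company.co.uk]
example.org\tesmtp:[192.0.2.10]
partner.example\tesmtp:[192.0.2.10]:backup.partner.example
"""

# Mailers whose argument is a relay host (or colon-separated list of hosts).
SMTP_MAILERS = {"smtp", "esmtp", "smtp8", "dsmtp", "relay"}


def classify_host(host):
    """Return how sendmail will locate the relay named by one host token."""
    m = re.fullmatch(r"\[(.+)\]", host)
    if not m:
        return "mx-lookup"        # unbracketed: MX records are consulted
    addr = m.group(1)
    if addr.lower().startswith("ipv6:"):
        addr = addr[5:]           # sendmail writes IPv6 literals as [IPv6:...]
    try:
        ipaddress.ip_address(addr)
        return "ip-literal"       # bracketed address: no name lookup at all
    except ValueError:
        return "address-lookup"   # bracketed name: MX skipped, name still resolved


def audit_mailertable(text):
    """Return (line_no, key, host, classification) for every SMTP relay host."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(None, 1)
        if len(fields) != 2 or ":" not in fields[1]:
            findings.append((line_no, fields[0], "", "malformed"))
            continue
        mailer, hosts = fields[1].split(":", 1)
        if mailer.lower() not in SMTP_MAILERS:
            continue  # e.g. local: or error: entries name no relay host
        for host in re.findall(r"\[[^\]]*\]|[^:\s]+", hosts):
            findings.append((line_no, fields[0], host, classify_host(host)))
    return findings
```

Any entry reported as `mx-lookup` for an internal domain will follow whatever MX the configured resolvers return, which is the behaviour described in the first post.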
