Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.

Dismiss

回复: Internal DNS and Sendmail

0 views

Skip to first unread message

Zeng Zhaorong

unread,

Dec 31, 1998, 3:00:00 AM12/31/98

Hi, Happy Holidays and New Year!

>>Our company has an internal DNS server which cannot resolve outside
>>hosts. We also run sendmails(8.9.1a) on several internal Linux boxes. I
>>want local mails targeting at local hosts directly sent to those hosts,
>>and outside mails targeting at outside hosts sent to a smart host which
>>is connected directly to the Internet.
>
>>I have add the following into the conf.mc
>
>> define(`SMART_HOST', smtp:our.smart.host)
>> LOCAL_NET_CONFIG
>> R$* < @ $* . > $* $#smtp $@ $2. $: $1 < @ $2. > $3
>
>That should have done the trick.
>
>>Either you have wildcard MX records, causing you to recognize
>everything, or your DNS server is also giving answers for external
>domains (probably by using your firewall machine as a forwarder).
>

But We have no wildcard MX records(In fact, we havenot any MX records in
internal DNS server), and our DNS server isnot giving answers for
external domains. Moreover, if I have the firewall work as the DNS
forwarder, outside mail will be delivered correctly(Because sendmail
can resolve the domain name now)!

The result running nslookup:
# nslookup
Default Server: asti.asti-beijing
Address: 159.226.5.60
> 163.net
Server: asti.asti-beijing
Address: 159.226.5.60
*** asti.asti-beijing can't find 163.net: Non-existent host/domain

Here is the result when running sendmail with command line, where
163.net is an external address.

#sendmail -v z...@163.net < test.txt
z...@163.net... 163.net: Name server timeout
z...@163.net... Transient parse error -- message queued for future
delivery
z...@163.net... queued

According to the output of sendmail, it seems that because the z...@163.net
cannot
be resolved, the mail is queued. Is it possible to continue the rule
rewriting in case
of the DNS failure?

>> FEATURE(nocanonify)
>> LOCAL_CONFIG
>> CHall.our.internal.host.names
>> define(`SMART_HOST', smtp:winos2.asti-beijing)
>> LOCAL_NET_CONFIG
>> R$* < @ $=H > $* $#smtp $@ $[ $2 $] $: $1 < @ $2 > $3
>
>If your internal systems are recognized by domainname (they all end
>in 'mycompany.com' for example), then you could try:
>
> R$*<@$* $=H >$* $#smtp $@$2$3 $: $1<@$2$3>$4
>
>you might need a '.' after the $=H. Used this way, the $=H class
>only need include the valid ending parts of names (mycompany.com).

But the problem is that because I specified the FEATURE(nocanonify),
there maybe some uncanonified addresses passing through these rules,
and they will not match the LOCAL_NET_CONFIG rules, if I only specify
$=H as the ending part of the domain name.

>
>If you can't do it this way, I suggest you use a mailertable for
>the exceptions to the SMART_HOST forwarding.

0 new messages