Can DNS & POP3 on the same server?
Rookie
as title
If my DNS & POP3 is the same machine,then
how to setup the MX record?
thanks...:)
Paul Jacobs
This is a current problem with Send mail, you will need to have bind and
send mail on a different server, unless you use send mail for "internal
only" email.
Best regards,
Paul Jacobs /Senior Network Eng.
Commerce Service Provider (CSP)
Internet Presence Provider (IPP)
http://www.netpacq.com
mailto:pa...@netpacq.com
Picture : http://netpacq.com/nis_about.htm
Jim Reid
>> At 03:09 AM 7/1/2000, Rookie wrote:
>> as title If my DNS & POP3 is the same machine,then how to setup
>> the MX record?
Paul> This is a current problem with Send mail, you will need to
Paul> have bind and send mail on a different server, unless you
Paul> use send mail for "internal only" email.
Your reply barely makes sense. And the only sense I can make of it is
nonsense. You seem to be saying that the name server and sendmail
can't run on the same machine. This is just wrong. Or did you mean
that someone can't send mail from a machine running a name server?
That's wrong too. What your advice has to do with the original
question about POP servers and MX record's is anyone's guess, but let
that rest. And on most UNIX systems, sendmail (not "send mail") is
involved in the delivery of every piece of mail: internal and
external. If it's not sendmail, some other MHS/MTA like qmail or
Postfix will perform that role. Just about every UNIX mail front-end
or User Agent (elm, pine, mh, Mail, Eudora, etc) will call sendmail to
figure out how to deliver the message that's being sent, whether it's
for a local or an external address.
Mark R. Nathan
On 7/1/00, Paul Jacobs wanted to tell me:
>This is a current problem with Send mail, you will need to have bind and
>send mail on a different server, unless you use send mail for "internal
>only" email.
well that explains my problem immediatly as well.
So, what are my options with NetBSD on a single 68k mac? I have BIND
running my DNS. I have imap-uw as my POP server (currently working
correctly) and Sendmail running.. but giving me some headaces.. based
on this particular issue apparently.
Is there really no hack to fixing this? I am currently running
version 8.8.8 which came compiled for my NetBSD OS Install.
Any hints or tricks are appreciated.
--
=======================================================================
-----------------------------------------------------------------------
Mark R. Nathan http://www.miraboomusic.com
Miraboo Group mailto:pres...@miraboomusic.com
President mailto:ma...@nathan.net
Chris Sweeney
Why is that a problem, I am running sendmail and Bind on multiple machines
with no problem at all. Is this just a NetBSD problem then?
Chris
____________________________________________________________________________
_____________________________
I found a great new Internet company. They pay you to surf the web. They
even pay you when your friends are surfing the Web.
(Which is why I have my ID# AQB-322 as the last six digits in this hot
link.)
Hit the link now. Sign up (less than a minute - NO SURVEY) and then go tell
your friends.
http://alladvantage.com/go.asp?refid=AQB322
Let me know when you sign up.
Regards,
Chris
Member ID#: AQB-322
Mark R. Nathan
On 7/1/00, Chris Sweeney wanted to tell me:
>Why is that a problem, I am running sendmail and Bind on multiple machines
>with no problem at all. Is this just a NetBSD problem then?
>
>Chris
Chris -
Not at all. I am just in the growing pains phase of sendmail and will
soon have it running the way I want.
Sorry to have even responded to the original post. A thread that
will now hit my kill file.
Sorry to bother the list with this and sorry to bother you Chris with this.
Mark Nathan
Paul Jacobs
I am running bind 8.2.2 P5, and send mail 8.10.1... and I can not send to
the same domain..
It tell's me "can not send to it self."
You must turn "open relay" on for it to work, then restrict to certain I.P.
ranges...
Another thing about send mail is it can not do POP3 auth to allow posting
through SMTP.
Best regards,
Mark R. Nathan
Thanks DanO for the clearification.
One question I have is if the alaises you setup below are configured
and actually written in your DNS Master zone database.
How and why did you come up with the local IP class of 111.111.111.x?
Anything necessary to get sendmail to recognize these aliases using
Sendmail 8.8.8?
thanks in advance!
Mark Nathan
On 7/2/00, DanO wanted to tell me:
> Have 1 for DNS, 1 for the pop3d connection, and 1 for the machines
>hostname.
>
> Here is how mine is setup;
>@ IN MX 10 mail.mydomain.com
>pop3 IN A 111.111.111.2
>mail IN A 111.111.111.3
>host IN A 111.111.111.4
>
>I dont have a ref to smtp cause I dont sent outgoing mail from my servers, I
>send it through my dial-up.
> I hope that answers the original posters question. As for your problem
>of not being able to send your self mail, the answer is in your aliases @
>vitusaertable file for sendmail. My guess is you have the machine configured
>for both Mail Hub & client.
David R. Conrad
> I would use bind 8.2.1 and send mail 8.9.3 they seem to be stable.
NO! DO NOT USE BIND 8.2.1.
There is a well known root (if you are running named as root) exploit with
scripts my grandmother could use to get root on your machine on just about
every hacker site around.
Use 8.2.2-P5. If, for some reason, you can't use 8.2.2-P5, then use 8.1.2.
-drc
Executive Director, ISC
VP Engineering, Nominum, Inc.
DanO
> Thanks DanO for the clearification.
>
> One question I have is if the alaises you setup below are configured
> and actually written in your DNS Master zone database.
The A & MX records I used are setup in the primary FQDN zone file. So if
your servers name in dns1.hello.com, then all the A & MX records go in to
"hello.com" zone file. the only thing you need to add to any other zone
files is the MX record. DNS will do the internel lookups for the machine
that is hosting the mail server. One more point, I should make- " a little
off the NG's topic"
Be careful of your configuring sendmail. if you are only using a couple
of machines for a handfull of domains, then setup the machine as a Hub-only.
A good ref for doing this is at http://www.linuxdoc.org/guides.html.
Get the
Securing and Optimizing Linux: Red Hat Edition guide. even if you dont have
redhat, it clarifys alot in the configuring of any server.
> How and why did you come up with the local IP class of 111.111.111.x?
The IP's were for example only, as I didnt want to use my own in the post.
> Anything necessary to get sendmail to recognize these aliases using
> Sendmail 8.8.8?
The IP aliases arent important to sendmail, the domain names, & the
redirection to user-names on the machine is where alot off mistakes get
made. Sendmail has what is call LHR-left-hand-rules, RHR-right-hand-rules.
Make sure you follow them closely.
Reguards
DanO
Jim Reid
Paul> I am running bind 8.2.2 P5, and send mail 8.10.1... and I
Paul> can not send to the same domain..
Just because *you* can't make these work together doesn't mean that
they can't work together. I'd guess that well over half the mail that
crosses the Internet will go through sendmail. The chances are that
those mail systems will be talking to a BIND name server. [ISTR a
survey saying 75% of the email servers on the Internet ran sendmail.
An even higher proportion of the world's name servers run BIND.] So to
say - as you did - that the most ubiquitous by far mail server and
name server on the Internet "can't talk to each other" is just
ludicrous. NB the versions of sendmail and DNS don't matter here
because they use the same DNS wire protocol to talk to each other. In
fact neither party can tell if the query came from sendmail or the
reply came from a BIND name server.
Paul> It tell's me "can not send to it self."
This is a well documented problem with sendmail with numerous
solutions. Have you consulted the sendmail FAQ or looked at the
sendmail.{com,net,org} web sites? An explanation for this problem is
also given in pretty much every book on sendmail (and the DNS?). Have
you consulted any of them? The problem usually comes about because
someone has either misconfigured the DNS or sendmail. Or both.
Paul> You must turn "open relay" on for it to work, then restrict
Paul> to certain I.P. ranges...
NO! NEVER EVER USE 'open relay', even with a range of permitted IP
addresses. The sendmail docs specifically warn against doing this. Did
you read them? Spammers love open mail relays. And if spammers find
your mail server, they'll wipe it out by getting it to relay millions
of spam messages. That will get your server on to a variety of anti-spam
databases including the realtime blackhole list (RBL). If you're on
the RBL, large chunks of the Internet won't carry your packets until
you close the open-relay and adopt sensible anti-spam policies. See
http://www.mail-abuse.org and http://maps.vix.com/rbl/rationale.html.
Paul> Another thing about send mail is it can not do POP3 auth to
Paul> allow posting through SMTP.
As I have said before it's "sendmail", not "send mail". IIUC, the
current version of sendmail provides a number of authentication
schemes for submitting mail via SMTP. If by "POP3 auth" you mean
prompting for a username and password before accepting outbound mail
from local users, this is one of the schemes that is available. Full
details are in the sendmail documentation and on their web site. I
think that http://www.sendmail.org contains the FAQ and a step-by-step
guide to configuring sendmail.
Mathias Koerber
On Sun, 2 Jul 2000, Paul Jacobs wrote:
| Date: Sun, 02 Jul 2000 18:01:41 -0700
| From: Paul Jacobs <pa...@netpacq.com>
| To: Jim Reid <j...@rfc1035.com>
| Cc: comp-protoc...@uunet.uu.net
| Subject: Re: Can DNS & POP3 on the same server?
|
| I mean... if a pop3 user log's in and collect's his mail from an outside
| network, the user should be able to send smtp mail with out giving a
| password to the smtp for a specified time period.
|
| All most every windows based mail server will allow you to do this!,
| (except sendmail for NT)!.
|
| Why is it that send mail can not catch up?
Maybe because sendmail is *not* a POP3 (or IMAP etc) client and thus does not
know how to get at he authentication data of th4e numerous POP3 clients
out there for UNIX?
That saus, there *are* tools that do just what you want, inspect a POP3 log and
modify a sendmail table allowing posting. But these are all thirdparty
based on the exact POP3 client...
|
| Also I know you can set up a cron event to scan your drive for viruses but
| I do not know of any REAL-TIME virus scanners for sendmail.....but, yet
| again there are plenty for the windows environment!.
Check out AmaVIs (I hope I goty the capitalization correct). It's the framework
only requiring the actual virus checking engine, which there are a number
to choose of..
Mathias Koerber | Tel: +65 / 471 9820 | mat...@staff.singnet.com.sg
SingNet NOC | Fax: +65 / 475 3273 | mat...@koerber.org
Q'town Tel. Exch. | PGP: Keyid: 768/25E082BD, finger mat...@singnet.com.sg
2 Stirling Rd | 1A 8B FC D4 93 F1 9A FC BD 98 A3 1A 0E 73 01 65
S'pore 148943 | Disclaimer: I speak only for myself
* Eifersucht ist eine Leidenschaft, die mit Eifer sucht, was Leiden schafft *
Jim Reid
Paul> I mean... if a pop3 user log's in and collect's his mail
Paul> from an outside network, the user should be able to send
Paul> smtp mail with out giving a password to the smtp for a
Paul> specified time period.
This is do-able with sendmail. Just about anything is do-able with
sendmail. [Write a ruleset that implements a Turing machine and take
it from there...]
Paul> All most every windows based mail server will allow you to
Paul> do this!, (except sendmail for NT)!.
Paul> Why is it that send mail can not catch up?
Gosh, you really are misinformed. sendmail's been routing mail on the
internet for around 20 years now. The software is at the forefront of
new standards and functionality. Because of its installed base, a mail
standard won't happen on the Internet unless it gets implemented by
sendmail.
Paul> Also I know you can set up a cron event to scan your drive
Paul> for viruses but I do not know of any REAL-TIME virus
Paul> scanners for sendmail.....but, yet again there are plenty
Paul> for the windows environment!.
That's because the protection model on UNIX systems makes it much
harder to write and deploy a virus.
Paul> Could this be the problem the government's is having with
Paul> email virus? (exchange & outlook aside).
I doubt it. AFAIK there have been no documented instances of a UNIX
virus. [Well the folk at Bell Labs played with them ~10 years ago and
then there was the Internet worm in 1998, but that wan't a virus.]
This doesn't mean these things couldn't exist. It's just nobody's come
across a real example of one yet.
Paul> Does it still ring true " You get what you pay for"????.
I have no idea what you mean by this or what you're getting at. Are
you saying that the only worthwhile software is the stuff you pay for?
FYI, most of the critical networking software on the internet is Open
Source and free: BIND (DNS), sendmail (mail), Apache (www). The
internet wouldn't be what it is without those things.