Re: Question about sendmail...

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Philip Prindeville wrote:

Craig White wrote:

On Thu, 2005-10-27 at 20:26 -0600, Philip Prindeville wrote:
I'm running FC3 (updated) on a handful of machines.

I have a single IP address, with a NATing router set to that
address.  I have a domain, and an MX which points through
the router at my mail server (or rather, the router is configured
to port-forward 25, 143, etc to the mail server).

I also have several mail clients on my 192.168.1.x network.

The issues are the following:

* the clients have a smart host (DS) defined as the mail relay,
  but they canonical its name and then look it up in the DNS,
  trying to contact it on the external IP address (and not its
  internal 192.168.1.x address in the /etc/hosts file).  My
  /etc/nsswitch.conf file is unmodified.

* the clients then try to relay the email with a sender's envelope
  address as user@xxxxxxxxxxxxxx, which the relay rejects
  because "host.my-domain" doesn't resolve in the DNS.

* I should probably have define(`LOCAL_RELAY', `:$S') to
  handle forwarding everything to the mail server.

I used to know all of this stuff once upon a time...

Am I missing anything?

----
I've never used 'LOCAL_RELAY' so I can't help you there. I typically run
my own DNS servers inside the LAN so that the name resolution is
completely under my control - where mail.mydomain_name.com would resolve
to an internal mail server which handles end delivery (or smart host
delivery).

If you don't want to run your own DNS, it's just simpler to use smart
host pointing directly to the ip address of your mail server directly
instead of a name which loops the connection outside of the trusted LAN.

Gah!   I thought about that, but I was hoping there was a less
heinous fix.

-Philip

Craig


Actually, if you run bind you can implement views on your DNS boxen, which allow you to serve up different zone (A,MX,etc.) records to different networks/hosts. It's a breeze to configure and essentially eliminates the issue you're (and about a million other net admins) are running into.

   Check out:
http://sysadmin.oreilly.com/news/views_0501.html

   for more info.

   David-Paul Niner


--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux