T. Horsnell wrote:
[Charset ISO-8859-1 unsupported, filtering to ASCII...]
Bob Brennan wrote:
I am of course open to suggestions but am at the moment waiting for
Demon to correct the hacked entries on their nameservers, if that
doesn't work - I'll be back for more help!
This issue is probably only affecting Demon's customers at the moment
(assuming the same problem has not manifested itself on other providers'
nameservers).
The main issue for you is that your own server is rewriting addresses
due to the bogus CNAME records. You can avoid this easily by installing
a caching nameserver on your own mail server. This will insulate you
from your ISP's DNS issues and may actually result in improved
performance for your mail server overall. This could be as simple as:
yum install caching-nameserver
chkconfig named on
service named start
Then edit /etc/resolv.conf, remove the existing nameserver entries and
add a "nameserver 127.0.0.1" entry. Your system should then be doing its
own DNS lookups and shouldn't see the bogus CNAME records.
You may need to add PEERDNS=no to /etc/sysconfig/network to prevent your
/etc/resolv.conf getting clobbered by a DHCP client.
Couldnt similar be achieved by making temporary entries in /etc/hosts
without having to install anything?
No, because sendmail can't lookup MX records using the hosts file and
will always try DNS first, regardless of nsswitch.conf settings.
Paul.
