Question about sendmail...
David-Paul Niner
dpniner at dpniner.net
Fri Oct 28 03:52:29 UTC 2005
Philip Prindeville wrote:
> Craig White wrote:
>
>> On Thu, 2005-10-27 at 20:26 -0600, Philip Prindeville wrote:
>>
>>
>>> I'm running FC3 (updated) on a handful of machines.
>>>
>>> I have a single IP address, with a NATing router set to that
>>> address. I have a domain, and an MX which points through
>>> the router at my mail server (or rather, the router is configured
>>> to port-forward 25, 143, etc to the mail server).
>>>
>>> I also have several mail clients on my 192.168.1.x network.
>>>
>>> The issues are the following:
>>>
>>> * the clients have a smart host (DS) defined as the mail relay,
>>> but they canonicalize its name and then look it up in the DNS,
>>> trying to contact it on the external IP address (and not its
>>> internal 192.168.1.x address in the /etc/hosts file). My
>>> /etc/nsswitch.conf file is unmodified.
>>>
>>> * the clients then try to relay the email with a sender's envelope
>>> address as user at host.my-domain, which the relay rejects
>>> because "host.my-domain" doesn't resolve in the DNS.
>>>
>>> * I should probably have define(`LOCAL_RELAY', `:$S') to
>>> handle forwarding everything to the mail server.
>>>
>>> I used to know all of this stuff once upon a time...
>>>
>>> Am I missing anything?
>>>
>>
>> ----
>> I've never used 'LOCAL_RELAY' so I can't help you there. I typically run
>> my own DNS servers inside the LAN so that the name resolution is
>> completely under my control - where mail.mydomain_name.com would resolve
>> to an internal mail server which handles end delivery (or smart host
>> delivery).
>>
>> If you don't want to run your own DNS, it's just simpler to use smart
>> host pointing directly to the ip address of your mail server directly
>> instead of a name which loops the connection outside of the trusted LAN.
>>
>>
>
> Gah! I thought about that, but I was hoping there was a less
> heinous fix.
>
> -Philip
>
>> Craig
>>
>>
>>
>>
Actually, if you run bind you can implement views on your DNS boxen,
which allow you to serve up different zone (A, MX, etc.) records to
different networks/hosts. It's a breeze to configure and essentially
eliminates the issue you (and about a million other net admins) are
running into.

Check out:
http://sysadmin.oreilly.com/news/views_0501.html
for more info.
David-Paul Niner
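
The views setup suggested in the reply above, sketched as a `named.conf` fragment. This is an added example, not part of the original message; the domain `example.com`, all addresses, the ACL name and the zone file paths are assumptions chosen to match the 192.168.1.x LAN described in the thread.

```conf
// Constructed example: BIND views (split-horizon DNS) for a NATed LAN.
// Assumed: LAN is 192.168.1.0/24, mail server is 192.168.1.10 inside,
// and 203.0.113.5 stands in for the single public IP on the router.

acl "lan" { 127.0.0.0/8; 192.168.1.0/24; };

// Views are matched in order, so the internal view must come first.
// Once any view is defined, every zone has to live inside a view.
view "internal" {
    match-clients { "lan"; };
    recursion yes;                  // LAN clients may resolve anything

    zone "example.com" {
        type master;
        file "internal/example.com.zone";
        // Records in this file (internal addresses):
        //   @      IN MX 10 mail.example.com.
        //   mail   IN A     192.168.1.10
        //   host   IN A     192.168.1.21   ; client names resolve, so
        //                                  ; user@host.example.com is
        //                                  ; accepted by the relay
    };
};

view "external" {
    match-clients { any; };
    recursion no;                   // do not act as an open resolver

    zone "example.com" {
        type master;
        file "external/example.com.zone";
        // Records in this file (public address only):
        //   @      IN MX 10 mail.example.com.
        //   mail   IN A     203.0.113.5
        // Internal host names are deliberately absent here, so the
        // LAN layout is not published to the Internet.
    };
};
```

The internal view only applies to clients that use this server as their resolver, so the LAN hosts' `/etc/resolv.conf` must point at it. `named-checkconf` and `named-checkzone` can validate the configuration and both zone files before reloading.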