Re: masquerading domain name
- From: "Liam" <news@xxxxxxxxxxxxxx>
- Date: 17 Apr 2006 13:51:03 -0700
OK, this is going to be interesting...
Dances With Crows wrote:
["Followup-To:" header set to comp.os.linux.misc.]
On 17 Apr 2006 12:27:31 -0700, Liam staggered into the Black Sun and
said:
Gawd, sendmail is so above my understanding.
Postfix and Exim are just a tiny bit easier to configure and understand,
IMHO.
I've heard that, esp. about Postfix. I'll look into it!
In the meantime, since as you indicate later, this doesn't appear to be
a mail server issue, I'm going to backburner that for the time being.
No sense having 12 irons in the fire instead of 11. =)
Linux fileserver that has to send mail out. But it doesn't have an
actual domain name, just an IP address. Our domain name is pointed to
our remote server.
What does that mean? Specifics, please. Did you mean "mail.example.com
has IP 1.2.3.4, but 1.2.3.4 is the firewall, and the firewall forwards
1.2.3.4:25 to 192.168.1.5"? It's usually considered bad form to have a
machine without a name. People usually have an easier time dealing with
"fuzzball.example.com just fell over!" than "192.168.1.5 just fell
over!".
OK. Our domain name is pointed to and resolves to a hosted server way
off-site.
But we have processes on a fileserver here at the office that needs to
send e-mails as well.
It's a fileserver that is indeed behind a firewall/NAT.
This fileserver I have in /etc/hosts:
127.0.0.1 localhost localhost.localdomain localhost
(server's IP) fileserve fileserve.(ourdomain name).com
which allows it to be refered to as "fileserve.domain_name.com".
But when you do a "host (ip address)" it resolves to the ISP's name for
our connection. Not the domain name, obviously.
Which indeed makes sense that if the recipient mail receiver is doing a
resolution on the sending IP it's not going to make sense as coming
from a domain (because...it's not.)
mail sends fine in general, except to a couple of specific recipients
that refuses the main because:
<< 550 <apache@fileserve.(our domain name).com>: Sender address
rejected: Domain not found
This sounds like a bad rDNS record. The routable IP your mail appears
to be coming from *must* have a valid rDNS record, or a number of large
places like AOL will reject all mail from that IP. (rDNS lets you do
"host 1.2.3.4" and get "somewhere.example.com". Go to a machine outside
your LAN and make sure you can do a host on your routable IP(s) and get
a valid response.) Note, if you send all your traffic through one
gateway/firewall, and that gateway/firewall has multiple routable IPs
assigned to one interface, the *first* IP is typically where all the
traffic appears to originate from. Make sure that IP has a valid rDNS.
If you run your own DNS, all you have to do is add a valid PTR record
and restart named/whatever. If not, you have to call your ISP and
either ask them to add a valid PTR record, or ask them to set up an
RFC2317-style delegation. The former is generally easier for you and
them, but less flexible.
Well, we don't run our own DNS.
Since the actual domain name we have has to point to the IP of the
hosted server way out there somewhere, it looks like what we'll need to
do to allow mail from this fileserver to be resolved acceptably, is to
get another domain name and point it to this IP?
Sound about right?
So I tried to change the /etc/hosts
Wrong thing to do.
Yep, figured that one out the hard way. =) Lesson learned.
I use Webmin to manage Sendmail, because I looked into using M4 and
whatnot, and oh my god! I am WAY too dense to manage Sendmail without
a GUI!
Er, from what you told me, the problem isn't with the MTA configuration,
but with remote users' ISPs policies and the lack of a good rDNS.
BTDTGTTS. HTH anyway,
Yep, it does help! Thanks for helping me really understand what's going
on.
To repeat myself, does it sound to you with how I (hopefully clarified
things) the only way to allow e-mail from this fileserver to be
received by some mail servers is to register its own domain name to
have pointed to it, so the IP properly resolves to a domain name?
Or, your mentioning of having the ISP do a PTR or delegation... is that
something that could still work in this case?
That is, (I don't know much about DNS (duh!) ) so, when the receiving
mail server tries to do a rDNS on the sending IP address, the
responding message from the ISP would be something acceptable, even
though our domain name is actually pointed to a server on a host with a
different ISP?
THANKS!
-Liam
.
- Prev by Date: Re: Getting rid of usenet spam attacks using leafnode.
- Next by Date: Re: OT -- USB Enclosures with HOT SWAPPABLE IDE disks
- Previous by thread: Installing Suse on Penguine Altus 1300 without Floppy Drive
- Next by thread: A Working Media player
- Index(es):
Relevant Pages
|
Loading
