-----Original Message-----
From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Les Mikesell
Sent: Thursday, December 23, 2010 10:57
To: centos@centos.org
Subject: Re: [CentOS] sendmail / logwatch relaying issue - driving me crazy
On 12/23/2010 8:01 AM, Jason Pyeron wrote:
On 12/23/10 3:44 AM, Götz Reinicke - IT-Koordinator wrote:
Hello, *<:-)
Maybe I'm too tired to see the solution, maybe someone can give me a hint?
I do have a couple of servers, sending the daily logwatch report to a central support email account.
Some servers do have DNS A and CNAME records. On my mailserver relaying for the servers is allowed.
Only one server drives me crazy, getting user unknown or relaying denied messages.
Any idea, how to debug this issue? I'd be glad to fix this as a Christmas gift. I could provide log messages of course.
If there is an MX record for the target address, it will go there instead of to the A record for that name. The receiving server will usually try to resolve the From: host address and reject if it can't, so the sender must have a valid hostname in your DNS (or turn off that feature). If the receiving server doesn't accept for the target domain/host address you'd get the relaying denied error. If it does accept for the domain but does not have the user in the address you'd get the user unknown error.
In your /etc/mail/sendmail.mc:
dnl # Uncomment and edit the following line if your outgoing mail needs to
dnl # be sent out through an external mail server:
dnl #
define(`SMART_HOST',`mail.pdinc.us')dnl
- the mail.pdinc.us resolves to a different ip inside as compared to the public dns entry
Each box in your network should send the mail to a central smtp server which allows relaying from your network. We have 2-5 new virtual machines every day, they usually don't last more than a few days. If we had to admin that centrally either by dns or mail server config we would go bonkers. This way every new machine is responsible for itself.
This is good advice and will let you relay to outside addresses as well, but not necessary if all of your mail is internal. If you have an MX or A record in your DNS for the
The first time you try to send non-local mail the house of cards will fall apart unless you centrally admin the mail.
destination address the sender will find it directly, and if
In this situation, only one machine needs to make correct decisions. On that machine here we have a list of domains which get delivered locally and all others are tried to be delivered by DNS lookups, etc.
the recipient is a local user or alias at that machine it isn't considered a relay.
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-                                                               -
- Jason Pyeron                      PD Inc. http://www.pdinc.us -
- Principal Consultant              10 West 24th Street #100    -
- +1 (443) 269-1555 x333            Baltimore, Maryland 21218   -
-                                                               -
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
This message is copyright PD Inc, subject to license 20080407P00.