lists-centos wrote:
What IP numbers did you give the two new machines? What does your DNS look like?
From the outside, mail will be delivered to the MX- (or if that doesn't exist A-) record machine (based on the IP number in the DNS record) for the FQDN on the message.
- Rick
------------ Original Message ------------
Date: Friday, January 01, 2010 02:27:12 PM -0500
From: Jerry Geis geisj@pagestation.com
To: CentOS ML centos@centos.org
Subject: [CentOS] one server handled sendmail added two more servers messes things up
Hi all,
I had one server running centos 4.7 i686; everything was fine with incoming mail.
I now added two more servers centos 5.4 x86_64 and gave them machine names all part of the same domain as machine 1. I noticed that incoming emails are being round robined to all three machines. At this time I really just want the one original machine to handle my incoming email... The other two new machines are for other purposes.
How do I tell the two new machines to send all incoming email to machine 1? Is there an easy way to do that? At this point I just turned off the two new machines and all mail is coming into the original machine just like before.
Thanks,
Jerry
All three machines have the same FQDN, something like A.mydomain.com, B.mydomain.com, C.mydomain.com
The IP numbers are X.Y.Z.170, .171 and .172
All three machines have MX records. They all have the same domain name.
It is a big deal to request changes from the provider so I was hoping there was a way to just tell the two new machines that incoming email to them just send on over to the first machine.
Is there a way to do that - or am I going about this the wrong way?
Jerry
Hi,
> All three machines have the same FQDN, something like A.mydomain.com, B.mydomain.com, C.mydomain.com

No, they don't have the same FQDN, the FQDN includes the hostname.

> The IP numbers are X.Y.Z.170, .171 and .172
> All three machines have MX records. They all have the same domain name.

There's your error, the new ones shouldn't have MX records for the domain if they are not designed to accept mail for that domain.

> It is a big deal to request changes from the provider so I was hoping there was a way to just tell the two new machines that incoming email to them just send on over to the first machine.
> Is there a way to do that - or am I going about this the wrong way?

There is a way but maybe there's a quicker (and dirtier) way. Just reconfigure sendmail on the two new machines to *not* listen on the public IP on the SMTP port. Otherwise block port tcp/25 with iptables (iptables -I INPUT -j REJECT -p tcp --dport 25). But you should really get your DNS fixed.
regards,
Michel
MAIL_HUB does the trick - thanks that was what I was looking for.
jerry
Jerry Geis wrote:
> All three machines have the same FQDN, something like A.mydomain.com, B.mydomain.com, C.mydomain.com
> The IP numbers are X.Y.Z.170, .171 and .172
> All three machines have MX records. They all have the same domain name.
> It is a big deal to request changes from the provider so I was hoping there was a way to just tell the two new machines that incoming email to them just send on over to the first machine.
> Is there a way to do that - or am I going about this the wrong way?

You can forward by setting MAIL_HUB but it may cause problems where you accept mail at the relay, then reject at the delivery host because the user name is wrong or from spam checks. In that case, the intermediate host is required to construct a bounce message and try to deliver it - and for spam it probably won't be deliverable.
If you have some reasonably small number of users, you can make an alias file that forwards each user to the FQDN of the delivery server. Or you can use a virtuser table for the same purpose with a default reject rule.
Or, as someone else suggested, just stop sendmail or block port 25 on the ones you don't want to work. Outside deliveries will retry each MX until one succeeds, but it is slightly antisocial to knowingly make them do this extra work.
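
Added example, not part of any post in this thread: a small Python model of how a sending MTA chooses among MX targets (RFC 5321 section 5.1: lowest preference first, equal preferences in random order, next target tried on failure). It shows why three MX targets spread incoming mail across all three hosts, and what blocking port 25 on two of them costs senders. The hostnames are the poster's placeholders; the equal preference value of 10 and the message count are assumptions.

```python
import random

# Constructed sample data: three equal-preference MX targets as described in
# the thread (placeholder hostnames; the preference value 10 is an assumption).
MX_RECORDS = [(10, "A.mydomain.com"), (10, "B.mydomain.com"), (10, "C.mydomain.com")]


def delivery_order(mx_records, rng):
    """Order MX targets the way a sender does: lowest preference first,
    targets with equal preference shuffled to spread the load."""
    by_pref = {}
    for pref, host in mx_records:
        by_pref.setdefault(pref, []).append(host)
    order = []
    for pref in sorted(by_pref):
        group = list(by_pref[pref])
        rng.shuffle(group)
        order.extend(group)
    return order


def deliver(mx_records, accepting, rng):
    """Try each MX in order until one accepts; return (host, attempts)."""
    for attempts, host in enumerate(delivery_order(mx_records, rng), start=1):
        if host in accepting:
            return host, attempts
    return None, len(mx_records)  # every target refused: sender queues and retries


def simulate(mx_records, accepting, messages=3000, seed=1):
    """Return (messages received per host, total connection attempts)."""
    rng = random.Random(seed)
    counts, attempts_total = {}, 0
    for _ in range(messages):
        host, attempts = deliver(mx_records, accepting, rng)
        counts[host] = counts.get(host, 0) + 1
        attempts_total += attempts
    return counts, attempts_total


if __name__ == "__main__":
    everyone = {host for _, host in MX_RECORDS}
    print("all three accept: ", simulate(MX_RECORDS, everyone))
    print("B and C firewalled:", simulate(MX_RECORDS, {"A.mydomain.com"}))
    print("DNS fixed (A only):", simulate([(10, "A.mydomain.com")], {"A.mydomain.com"}))
```

With B and C refusing connections, every message still ends up on A, but senders make about two connection attempts per message instead of one; with a single MX record they make exactly one.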
Jerry Geis wrote on Fri, 01 Jan 2010 15:05:35 -0500:
> All three machines have MX records. They all have the same domain name.

"machines" do not have MX records, domains have MX records. I think you told your provider some wrong information and that's why they set it up wrong.

> It is a big deal to request changes from the provider so I was hoping there was a way to just tell the two new machines that incoming email to them just send on over to the first machine.
> Is there a way to do that - or am I going about this the wrong way?

What you attempt to do is just stupid (no offense intended) if you do not want these machines to handle mail from external. You will just attract a lot of spam and bounce a lot of spam for non-existent addresses to innocent victims. As a first thing stop sendmail on them or firewall port 25 on them. Then have your provider set up the correct records. Or use one of the many free or cheap DNS providers. Any one of them is surely better than RoadRunner.
Kai
>> "machines" do not have MX records, domains have MX records.
> MX records are associated with the domain but point to machines with IP addresses running an MTA.
> If you don't assign an IP address of a machine with an MTA to the MX record, then your MX record is useless.
> It's essential for fault tolerance to have more than one path for your mailer if you consider your email to be mission critical.

Are you sure you read the OP's message(s)?
Kai