On 21/06/06, Bart Schaefer <barton.schaefer at gmail.com> wrote: > On 6/21/06, Will McDonald <wmcdonald at gmail.com> wrote: > > > > I thought mailertable entries bypassed DNS? > > Are you sure there's not some other DNS-based check involved, such as > (not that it would be this specific one) the > sender-domain-must-resolve check for spam prevention? Just because > sendmail doesn't use DNS to reach the destination MTA doesn't mean it > isn't attempting to validate the message via DNS lookups. I couldn't say for sure but I don't think this is the case. DNS *is* actually working for everything bar one domain. 'accept_unresolvable_domains' wasn't defined but the hosts all mail for the non-existent domain originates from would be listed in /etc/mail/access. The sendmail.mc is as follows... define(`confDEF_USER_ID',``8:12'')dnl define(`confTO_CONNECT', `1m')dnl define(`confTRY_NULL_MX_LIST',true)dnl define(`confDONT_PROBE_INTERFACES',true)dnl define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl define(`ALIAS_FILE', `/etc/aliases')dnl define(`STATUS_FILE', `/var/log/mail/statistics')dnl define(`UUCP_MAILER_MAX', `2000000')dnl define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl define(`confAUTH_OPTIONS', `A')dnl define(`confTO_IDENT', `0')dnl FEATURE(`no_default_msa',`dnl')dnl FEATURE(`smrsh',`/usr/sbin/smrsh')dnl FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl FEATURE(redirect)dnl FEATURE(always_add_domain)dnl FEATURE(use_cw_file)dnl FEATURE(use_ct_file)dnl FEATURE(local_procmail,`',`procmail -t -Y -a $h -d $u')dnl FEATURE(`access_db',`hash -T<TMPF> -o /etc/mail/access.db')dnl FEATURE(`blacklist_recipients')dnl EXPOSED_USER(`root')dnl FEATURE(`greet_pause', `5000')dnl 5 seconds DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl LOCAL_DOMAIN(`mailscanner1')dnl MAILER(smtp)dnl MAILER(procmail)dnl I wonder, the other domain we routed mail for via mailertable is also included in /etc/mail/relay-domains, the domain we couldn't route for isn't. Will.