> -----Original Message-----
> From: centos-bounces at centos.org
> [mailto:centos-bounces at centos.org] On Behalf Of Les Mikesell
> Sent: Thursday, December 23, 2010 10:57
> To: centos at centos.org
> Subject: Re: [CentOS] sendmail / logwatch relaying issue -
> driving me crazy
>
> On 12/23/2010 8:01 AM, Jason Pyeron wrote:
>
> >>
> >> On 12/23/10 3:44 AM, Götz Reinicke - IT-Koordinator wrote:
> >>> Hallo, *<:-)
> >>>
> >>> Maybe I'm too tired to see the solution, maybe someone can
> >>> give me a hint?
> >>>
> >>> I do have a couple of servers, sending the daily logwatch
> >>> report to a central support email account.
> >>>
> >>> Some servers do have DNS A and CNAME records. On my mailserver
> >>> relaying for the servers is allowed.
> >>>
> >>> Only one server drives me crazy, getting user unknown or
> >>> relaying denied messages.
> >>>
> >>> Any idea, how to debug this issue? I'd be glad to fix this as a
> >>> Christmas gift. I could provide log messages of course.
> >>>
> >>
> >> If there is an MX record for the target address, it will go there
> >> instead of to the A record for that name. The receiving server will
> >> usually try to resolve the From: host address and reject if it
> >> can't, so the sender must have a valid hostname in your DNS (or
> >> turn off that feature). If the receiving server doesn't accept for
> >> the target domain/host address you'd get the relaying denied error.
> >> If it does accept for the domain but does not have the user in the
> >> address you'd get the user unknown error.
> >>
> >
> > In your /etc/mail/sendmail.mc:
> >
> > dnl # Uncomment and edit the following line if your outgoing mail needs to
> > dnl # be sent out through an external mail server:
> > dnl #
> > define(`SMART_HOST',`mail.pdinc.us')dnl
> >
> > * the mail.pdinc.us resolves to a different ip inside as compared to
> > the public dns entry
> >
> > Each box in your network should send the mail to a central smtp
> > server which allows relaying from your network. We have 2-5 new
> > virtual machines every day, they usually don't last more than a few
> > days. If we had to admin that centrally either by dns or mail server
> > config we would go bonkers. This way every new machine is
> > responsible for itself.
>
> This is good advice and will let you relay to outside
> addresses as well, but not necessary if all of your mail is
> internal. If you have an MX or A record in your DNS for the

The first time you try to send non-local mail the house of cards will
fall apart unless you centrally admin the mail.

> destination address the sender will find it directly, and if

In this situation, only one machine needs to make correct decisions. On
that machine here we have a list of domains which get delivered locally
and all others are tried to be delivered by DNS lookups, etc.

> the recipient is a local user or alias at that machine it
> isn't considered a relay.

--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-                                                               -
- Jason Pyeron                      PD Inc. http://www.pdinc.us -
- Principal Consultant              10 West 24th Street #100    -
- +1 (443) 269-1555 x333            Baltimore, Maryland 21218   -
-                                                               -
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
This message is copyright PD Inc, subject to license 20080407P00.
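
The delivery decisions discussed in the thread above (an MX record wins over an A record, the sender's host must resolve, then "relaying denied" versus "user unknown"), as a small Python model. This is an added example, not part of the original message and not sendmail's own logic; every hostname, address and the data layout are constructed for illustration.

```python
import ipaddress

# Constructed data for illustration; none of it comes from the thread.
MX = {"example.org": "mail.example.org",
      "logs.example.org": "mail.example.org"}   # MX overrides the A record below
A = {"mail.example.org": "192.0.2.10",
     "logs.example.org": "192.0.2.30",
     "web1.example.org": "192.0.2.21"}
# What the receiving server accepts: local domains, local users/aliases,
# and the client network it is willing to relay for.
SERVERS = {"mail.example.org": {"domains": {"example.org"},
                                "users": {"support"},
                                "relay_from": ipaddress.ip_network("192.0.2.0/24")}}

def resolves(name):
    """True if the name has an MX or A record in the constructed zone."""
    return name in MX or name in A

def next_hop(rcpt_domain):
    """Host the sender connects to: the MX target first, the A record otherwise."""
    if rcpt_domain in MX:
        return MX[rcpt_domain]
    return rcpt_domain if rcpt_domain in A else None

def deliver(sender, rcpt, client_ip):
    """Return (next_hop, outcome) for one message arriving from client_ip."""
    user, domain = rcpt.rsplit("@", 1)
    hop = next_hop(domain)
    srv = SERVERS.get(hop)
    if srv is None:
        return hop, "no mail server reachable"
    if not resolves(sender.rsplit("@", 1)[1]):
        return hop, "sender domain does not resolve"
    if domain in srv["domains"]:
        # Local recipient: never a relay, so only the user/alias lookup matters.
        return hop, ("delivered" if user in srv["users"] else "user unknown")
    if ipaddress.ip_address(client_ip) in srv["relay_from"]:
        return hop, "relayed"
    return hop, "relaying denied"

if __name__ == "__main__":
    for args in [("root@web1.example.org", "support@example.org", "192.0.2.21"),
                 ("root@web1.example.org", "nobody@example.org", "192.0.2.21"),
                 ("root@web1.example.org", "root@logs.example.org", "198.51.100.7"),
                 ("root@ghost.example.org", "support@example.org", "192.0.2.21")]:
        print(args, "->", deliver(*args))
```

The third case is the one that tends to surprise: mail addressed to a host that has its own A record still lands on the MX target, which then treats it as a relay request.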