[CentOS] Centos 6 Sendmail backup MX Config

Sun Feb 15 21:18:04 UTC 2015
James B. Byrne <byrnejb at harte-lyne.ca>

On Fri, February 13, 2015 10:57, Ken Smith wrote:
> Hi All,
>
> I'm just wanting to check that my understanding of the settings is
> correct as my web searches are finding a lot of dated information.
>
> If I want a Centos 6 sendmail system act as the secondary MX for
> domain
> bbbbb.co.uk do I just add a
>
> Connect:bbbbb.co.uk               RELAY
>
> statement into /etc/mail/access and restart sendmail
>
> Obviously I have the DNS MX records for the domain are already
> established.
>
> I've been getting "/config error/: /mail loops back to me/ " errors.
>
> I think I may be stumbling into a variant of cname problem where the
> hostname as far as the sendmail machine is concerned is aaaaa.com but
> the DNS setting for the secondary MX is smtp1.bbbbb.co.uk.
>
> They both resolve to the same IP but when sendmail looks up the MX
> records for bbbbb.co.uk it will find smtp.bbbbb.co.uk and
> smtp1.bbbbb.co.uk listed and it may relay the mail off to
> smtp1.bbbbb.co.uk without recognising that aaaaa.com =
> smtp1.bbbbb.co.uk. Am I on the right track here, as I then just need
> to
> change the secondary MX setting in DNS to aaaaa.com?

When I set up secondary MX services in Sendmail (and Postfix) then I
always use the direct address feature of the domain routing table and
avoid looking up MX RRs altogether.  After all, if the mail arrived
here it is a good bet that the main MX is off-line (or this is
SPAM/UCEM but that is another issue).

So assuming that the primary MX host is mx10.example.com and the
secondary is mx40.something.else then with Sendmail the file
/etc/mail/mailertable on mx40.something.else should contain something
like this:

example.com.	esmtp:[mx10.example.com]
.example.com.	esmtp:[mx10.example.com]

The [] brackets prevent MX lookups and just routes the message traffic
directly to mx10.example.com as soon as a connection can be made.

This prevents the most common source of mail loops where the primary
is off-line and so any mail is bounced back to the backup MX, which
just happens to be the host that just sent it, thus causing the loop.

-- 
***          E-Mail is NOT a SECURE channel          ***
James B. Byrne                mailto:ByrneJB at Harte-Lyne.ca
Harte & Lyne Limited          http://www.harte-lyne.ca
9 Brockley Drive              vox: +1 905 561 1241
Hamilton, Ontario             fax: +1 905 561 0757
Canada  L8E 3C3