Sendmail/DNS problem and questions

[ponetguy2]

It seems that mail from our servers are going through a third party security mail scanner (offsite),
due the the mx records specified on our internal and external DNS servers.
However, our internal user to user email does not go through the third party security mail scanner.

I discovered that our internal user to user email does not go through the third party security scanner because,
it does not need to. Email clients (outlook, eudora, and etc...) are automatically directed to our
email server, which does not require them to go through DNS and look for an
email server through the MX records.

Our Servers in the other hand, go through the third party security mail scanner.
Our servers still needs to look for an email server through DNS (MX).

I have this error messages every time I try to mailx to myself:

# mailx -v -s 'test mail from server' xnightcrawl@mydomain.com < /tmp/testmail.xnightcrawl.log
# mydomain.com: Name server timeout
xnightcrawl@mydomain.com... Transient parse error -- message queued for future delivery
xnightcrawl@mydomain.com... queued

I think this error is telling me that sendmail is having problems resolving with our DNS setup.
However, I quadruple checked our DNS configuration on the server and it looks okay. nslookup is able
to resolve our mail server, dns server, its own name and IP.

The only discrepancy I found was our external DNS. It does not have the server in question entered in
the database file or an "A" record (zone file), but the internal DNS does.

Please forgive me. I'm new to sendmail and email administration. Any suggestions or ideas will truly be appreciated.

 

[daFranze]

run the command
# nslookup -type=MX mydomain.com
is this your MX you want to deliver your emails?

If you haven't setup your DNS or MX in DNS you can configure sendmail without DNS Lookups. Search this Forum, some time ago I posted a howto from Sun/sendmail.org on how this works (m4 macro?)


Best Regards, Franz
--
Solaris System Manager from Munich, Germany
I used to work for Sun Microsystems Support (EMEA) for 5 years in the domain of the OS, Backup and Storage

 

[elgrandeperro]

There are 2 ways to subvert the dns lookup.

The "relay" options would forward ALL your mail to
a certain server. If you have a specific outbound MTA, this might work, but beware that forwarding to an inbound configured MTA will create relay problems for outbound mail.

A better option is to turn on mailertables. This will allow you to control by the email's destination. And
remember to use the brackets( []s) which disable the
DNS lookup and instead forwards to the configured hostname.

gene

 

[ponetguy2]

I ran # nslookup -type=MX mydomain.com

# nslookup -type=MX mydomain.com
Server: source.mydomain.com
Address: xx.xx.xx.xx

Non-authoritative answer:
mydomain.com preference = 40, mail exchanger = mydomain.com.s5b2.psmtp.com
mydomain.com preference = 10, mail exchanger = mydomain.com.s5a1.psmtp.com
mydomain.com preference = 20, mail exchanger = mydomain.com.s5a2.psmtp.com
mydomain.com preference = 30, mail exchanger = mydomain.com.s5b1.psmtp.com

Authoritative answers can be found from:
mydomain.com.s5a1.psmtp.com internet address = xx.xx.xx.xx


Output indicates that mail is going to our third party mail security scanner.

 

[elgrandeperro]

I believe the transient occurs because sendmail can't figure out the system's domainname. Add the fully qualified name to the entry in /etc/hosts or set the domainname in /etc/mail/sendmail.cf and stop/start sendmail. I believe then the error will go away.

gene