HPE Community
Operating System - HP-UX
1832154 Members
5508 Online
110038 Solutions
New Discussion

sendmail gets wrong ip for mail server. But nslookup show right ip.

 
SOLVED
Go to solution
Steve Post
Trusted Contributor

‎10-15-2002 08:33 AM

‎10-15-2002 08:33 AM

sendmail gets wrong ip for mail server. But nslookup show right ip.

I have a server abc.xyz.com. It is on a DMZ, in a firewall.

I have a mail server mail.xyz.com.
From out in the real world mail.xyz.com has one ip address192.192.1.2.
From inside abc.xyz.com is has a different ip address 1.1.1.2. This is because the firewall changes the address.
(by the way I am making up these ip's for the Question).

So I run nslookup from my box on mail.xyz.com and I get 1.1.1.2. Good. I have mail.xyz.com in the hosts file. And the firewall knows to let me out to this 1.1.1.2 server for mail.

I update /etc/mail/sendmail.cf DS line to use mail.myz.com.
I reset sendmail.
Sendmail starts. In /var/adm/syslog/mail.log it says it is connecting to mail server mail.xyz.com at [192.192.1.2]. (Hey! That's the outside address).

So my question is......
nslookup gets me the correct ip address for mail.xyz.com. Why can't sendmail?

Steve
0 Kudos
Reply
10 REPLIES 10
Ted Ellis_2
Honored Contributor

‎10-15-2002 08:40 AM

‎10-15-2002 08:40 AM

Re: sendmail gets wrong ip for mail server. But nslookup show right ip.

try this.... in the sendmail.cf file, look in RuleSet 0 for a line that says:
"# See if we are supposed to deliver to hosts in the local domain"

uncomment the next line:
R$* < @ $* > $* $: $>check_local <$m> $1 < @ $2 > $3 Local Domain?

also check tht you server knows its local domain... resolv.conf (top line should be domain xxxxx.com)

restart sendmail and see if you get anywhere...
0 Kudos
Reply
Jordan Bean
Honored Contributor

‎10-15-2002 08:44 AM

‎10-15-2002 08:44 AM

Re: sendmail gets wrong ip for mail server. But nslookup show right ip.


You may have a conflicting entry in /etc/hosts.

Look for /etc/mail/service.switch which governs sendmails resolver and ensure it agrees with /ec/nsswitch.conf.

0 Kudos
Reply
Steve Post
Trusted Contributor

‎10-15-2002 08:57 AM

‎10-15-2002 08:57 AM

Re: sendmail gets wrong ip for mail server. But nslookup show right ip.

Ted,
"uncomment the next line:
R$* < @ $* > $* $: $>check_local <$m> $1 < @ $2 > $3 Local Domain? "
This didn't work. It tried to use mail.xyz.com and timed out. But it is still trying to get to 192.192.1.2.

"also check tht you server knows its local domain... resolv.conf (top line should be domain xxxxx.com) "
Yep. That's in there too.


Jordan,
"You may have a conflicting entry in /etc/hosts. "
/etc/hosts is very small. I don't have a conflict.

I did not know about the /etc/mail/service.switch though.
There ARE slightly different. But I don't see the problem.

/etc/mail/service.switch
hosts files dns
aliases files

/etc/nsswitch.conf
hosts: files [NOTFOUND=continue UNAVAIL=continue] dne [NOTFOUND=return]
aliases: files

When these two conf files talk about "files" are they just talking about /etc/hosts? I know the outside dns would bring up 192.192.1.2, and the /etc/hosts file gives me 1.1.1.2 (that's what I want). But is there some OTHER file out there that sendmail looks at instead of /etc/hosts?
0 Kudos
Reply
Kellogg Unix Team
Trusted Contributor

‎10-15-2002 08:58 AM

‎10-15-2002 08:58 AM

Re: sendmail gets wrong ip for mail server. But nslookup show right ip.

Steve,

You may want to change the DS entry to IP address (1.1.1.2) and see if your problem goes away.

...Manjeet
work is fun ! (my manager is standing behind me!!)
Reply
Kellogg Unix Team
Trusted Contributor

‎10-15-2002 09:03 AM

‎10-15-2002 09:03 AM

Re: sendmail gets wrong ip for mail server. But nslookup show right ip.

Another thing to check would be your MX record for this domain to see if it returns 192.192.1.2 address

nslookup
> set type mx
> xyz.com
work is fun ! (my manager is standing behind me!!)
Reply
Steve Post
Trusted Contributor

‎10-15-2002 09:11 AM

‎10-15-2002 09:11 AM

Re: sendmail gets wrong ip for mail server. But nslookup show right ip.

Actually you hit my work around.

I have changed the DS entry to a different mail server outside of the firewall. Because this other mailserver is outside the firewall, there is no change to the ip address. But this other guy won't last more than 2 months.
Then I'm stuck again. So I still have my question.

on "nslookup
> set type mx
> xyz.com"
The "set type mx" does not work on the HP.
any idea on the syntax?
0 Kudos
Reply
Christopher Caldwell
Honored Contributor

‎10-15-2002 09:32 AM

‎10-15-2002 09:32 AM

Solution

Re: sendmail gets wrong ip for mail server. But nslookup show right ip.

The syntax is

set type=mx

BTW, with most of these setups - you should expect different DNS views from the inside network and the outside network.

From the outside, the MX of the publically available domain for mail services should point to the outside address of the mail server.

This address gets translated to the inside address of the mail server. For inside customers, you can
1) add sendmail.cw/mailertable rules to correctly route mail
or
2) allow the mail to be relayed to the outside server, then relayed back into the inside server.
Reply
Steve Post
Trusted Contributor

‎10-15-2002 09:42 AM

‎10-15-2002 09:42 AM

Re: sendmail gets wrong ip for mail server. But nslookup show right ip.

I ran nslookup -query=MX (set typ=MX from the nslookup prompt did NOT work)
> mail.xyz.com
> I got "users /etc/hosts on: abc.xyz.com
> But that's all there is.

I ran
> xyz.com
xyz.com nameserver = blah blah blah....
mail.xyz.com internet address 192.192.1.2.
blahblahblah internet address = 1.2.3.4

So NSLOOKUP sees the host address for mail.xyz.com properly as an outside address.
You're right Chris. It is the outside address.

On your options. I have a sendmail.cw file. I don't know any fancy rules. So that's not an option. At least for now.

Option 2. I have an outside server for now, that is under the DS line in sendmail.cf. So, I need to keep an outside mail router.

thanks. Steve



0 Kudos
Reply
Steve Post
Trusted Contributor

‎10-21-2002 06:04 AM

‎10-21-2002 06:04 AM

Re: sendmail gets wrong ip for mail server. But nslookup show right ip.

mailertable? No. It never uses it because it is considered "local". Because of this local issue, HP's doc on this did not work.

mail server outside the firewall? Yep. That would work. But I can't get it. No money. No server. No set up.

The question: How can I get this sendmail to use the DMZ ip address for the internal mail server instead of the outside DMS address? HOW cam I get it to go there?

The reason why it fails: I uses DNS first. And DNS gives it the OUTSIDE IP address (and rightly so).

The SOLUTION: Put this in sendmail.cf
DS[intmail.xyz.com]
NOTE THE SQUARE BRACKETS. THAT OVERRIDES DNS.

Add this line to /etc/hosts
1.1.1.2 intmail.xyz.com

I update /etc/nsswitch.conf to make sure it uses files before DNS for hosts.

THAT is the solution.
0 Kudos
Reply
Kellogg Unix Team
Trusted Contributor

‎10-21-2002 07:23 AM

‎10-21-2002 07:23 AM

Re: sendmail gets wrong ip for mail server. But nslookup show right ip.

Steve,

Thanks for sharing the solution! I knew it wasn't /etc/mail/service.switch file as sendmail now looks at /etc/nsswitch.conf instead!

Any particular reason why your internal DNS resolves outside address for your mail server and not inside address?

Also, for MX records - if you have in your DNS, two entries like -

xyz.com. MX 5 mail.xyz.com.
mail.xyz.com. IN A 1.1.1.2

then you can forgo putting DS entry in sendmail.cf file. But if your DNS needs to resolve mail.xyz.com to its outer address (192.192.1.2), then the solution you found is the suitable one.

You check MX records as follows -

nslookup
>server *
>set type=mx
>xyz.com
and look for mail exchanger record.
* If nslookup is looking for /etc/hosts file, the command "set type=mx" will fail.

Thanks
...Manjeet
work is fun ! (my manager is standing behind me!!)
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.