(Original article directly below the answer that follows now)
I haven't tried this yet, but Steven Ho tells me:
>A patch is now available for this problem.
>
>Patch-ID# 100840-01
>Keywords: bypass, mailhost, mail, security, sendmail, sometime, connect, host, outside, domain
>Synopsis: Solaris 2.1: sendmail sometimes bypasses mailhost and connects directly to host outside its domain
>Date: Jan/12/93
>
>
>Hope this helps,
>
>Steven Ho
>yjho@corp.sun.com
>415-336-3364
And that is not all. If you run DNS without NIS and you are running SunOS 4.1,
you may wind up with ping and telnet to a system resulting in "host unknown",
too. For this, a patch exists, too. It is included here for completeness'
sake; use it at your own risk, but it works for me...
% # (First test a proper resolv.conf with nslookup!). Then:
% su
% cd /usr/lib/shlib.etc
% mkdir tmp
% cd tmp
% ar x ../libc_pic.a
% rm __.SYMDEF
% mv rpc_dtablesize. rpc_dtablesize.o
% mv rpc_commondata. rpc_commondata.o
% ar x /usr/lib/libresolv.a
% rm gethostent.o strcasecmp.o
% cd ..
% cp lorder-sparc lorder-sparc.orig
% # (Now edit lorder-sparc:
      remove: gethostent.o
      add:    gethostnamadr.o
              sethostent.o
              res_query.o
              res_mkquery.o
              res_send.o
              res_debug.o
              res_comp.o
              res_init.o
  # so that you now have:
      :  :
      getwd.o
      getnetgrent.o
      gethostnamadr.o
      sethostent.o
      res_query.o
      res_mkquery.o
      res_send.o
      res_debug.o
      res_comp.o
      res_init.o
      ypxdr.o
      ttyname.o
      :  :
% make libc.so
% # (This should build some libc.so.x.y.z; test this library:
% setenv LD_LIBRARY_PATH `pwd`
% # Test this. (ping, or ftp, or telnet). If it works:
% cp libc.so.x.y.z /usr/lib
% ldconfig
% unsetenv LD_LIBRARY_PATH
% # Verify if it works, output should contain the new library name:
% trace date
% # Ready.
Original article:
----- Begin Included Message -----
>From sun-managers-relay@ra.mcs.anl.gov Mon Jan 11 11:51 PST 1993
From: Adri.Verhoef@rivm.nl (Adri Verhoef)
To: sun-managers@ra.mcs.anl.gov
Cc: nico@rivm.nl
Subject: Solaris 2.1 mail/DNS client configuration problem (nsswitch.conf?)
Hello Sunners,
This is my new Solaris 2.1 SparcStation 10.
My problem is that E-mail and DNS don't cooperate very well.
My hosts file is very small, containing three entries:
    127.0.0.1       localhost loghost
    131.224.131.63  toonder
    131.224.1.20    krypton.rivm.nl krypton mailhost news
and my sendmail.cf has DR and CR set to `mailhost', and Dm set to `rivm.nl'.
In my /etc/nsswitch.conf file I have specified "hosts: files",
so that mail works. (Outbound mail gets sent to `mailhost'.)
But, in this way, I have to update my /etc/hosts file myself.
So, add "dns" to the `hosts' entry of nsswitch.conf, like this:
    hosts: files dns
Alright, now I can ftp and telnet inside my local domain (there is a firewall).
But now almost all mail stays in the queue: "No route to host". Sendmail
tries to directly connect to the foreign host, but since there is a
firewall, I am not permitted to connect directly, and the mail can't
be delivered.
(In the good configuration, all outbound mail should be sent to
`mailhost' (krypton.rivm.nl).)
Output of `netstat -r' looks like this (localhost == toonder):
Routing Table:
  Destination           Gateway               Flags  Ref    Use   Interface
  --------------------  --------------------  -----  -----  ------  ---------
  localhost             localhost             UH     0      3175    lo0
  131.224.0.0           toonder               U      2      1473    le0
  default               131.224.131.1         UG     0      61
So, in order to let E-mail work, I change the
`hosts' entry in nsswitch.conf back to
    hosts: files
but now ftp/telnet/rlogin/finger can't find foreign hosts (those that are
not in the hosts file). (However, nslookup works, thanks to the
resolv.conf file, that looks like this:)
    domain rivm.nl
    nameserver 131.224.2.12
    nameserver 131.224.1.20
If you know the answer, let me know. I'll summarize, if possible. Thanks,
Adri
----- End Included Message -----
Thanks to: Ying.Ho@corp.sun.com (Steven Ho)
and all others who replied.
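
An added example, not part of the original post or of any Sun tool: a small Python audit of the three files the post describes, reporting the hosts lookup order, the sendmail relay, and whether the relay resolves from the hosts file. The sample file contents are constructed from the values quoted in the post, and the exact sendmail.cf line forms (DRmailhost, CRmailhost, Dmrivm.nl) are an assumption, since the post only names the settings.

```python
# Constructed sample contents, built from the values quoted in the post.
NSSWITCH = "passwd: files\nhosts: files dns\n"
HOSTS = ("127.0.0.1 localhost loghost\n"
         "131.224.131.63 toonder\n"
         "131.224.1.20 krypton.rivm.nl krypton mailhost news\n")
# Assumed line forms for the DR, CR and Dm settings the post names.
SENDMAIL_CF = "DRmailhost\nCRmailhost\nDmrivm.nl\n"

def hosts_sources(nsswitch_text):
    """Return the lookup order from the 'hosts:' line of nsswitch.conf."""
    for line in nsswitch_text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line.startswith("hosts:"):
            # Skip action tokens such as [NOTFOUND=return].
            return [t for t in line[6:].split() if not t.startswith("[")]
    return []

def hosts_names(hosts_text):
    """Map every name and alias in a hosts file to its address."""
    table = {}
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()
        for name in fields[1:]:
            table.setdefault(name.lower(), fields[0])
    return table

def sendmail_macros(cf_text, wanted="Rm"):
    """Collect D (macro) and C (class) definitions for the wanted letters."""
    found = {}
    for line in cf_text.splitlines():
        if len(line) > 2 and line[0] in "DC" and line[1] in wanted:
            found[line[:2]] = line[2:].split()
    return found

def audit(nsswitch_text, hosts_text, cf_text):
    """Report lookup order, relay host, its address, and any findings."""
    sources = hosts_sources(nsswitch_text)
    names = hosts_names(hosts_text)
    relay = (sendmail_macros(cf_text).get("DR") or [None])[0]
    findings = []
    if relay is None:
        findings.append("no DR macro: no relay host is configured")
    elif relay.lower() not in names:
        findings.append("relay %r is not in the hosts file" % relay)
    if "dns" in sources:
        # The behaviour reported in the post and in the patch synopsis.
        findings.append("hosts lookup includes dns: on Solaris 2.1 without "
                        "the sendmail patch, mail may bypass the relay")
    addr = names.get(relay.lower()) if relay else None
    return {"sources": sources, "relay": relay,
            "relay_addr": addr, "findings": findings}
```

With the post's "hosts: files dns" setting the audit returns one finding; with "hosts: files" it returns none.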