Patch 102066-08 (Sendmail) summary

From: John M. Turner (jturner@zeus.aetc.af.mil)
Date: Mon Jun 10 1996 - 14:16:26 CDT


Thanks for all the support! The solution turned out to be a major
rewrite of the sendmail configuration file (which now matches the
standards), and a couple of additions to the MX rules.
I think one of the other problems was that the system used to be
SunOS 4.1.3U1.

Thanks to go to the following:

Lusty Wench <lusty@aimnet.com>
John Justin Hough <john@oncology.uthscsa.edu>
davem@cp.tybrin.com (Dave McFerren)
Kerry Jones <k.jones@pearl.aims.gov.AU>
Claus Assmann <ca@informatik.uni-kiel.de>
Stephen Campbell <steve@avalon.dartmouth.edu>
Marcelo Maraboli <maraboli@itata.disca.utfsm.cl>
==========================================================
(Original text follows)
I've run into a problem that I can't resolve. The system
architecture is a Sparc 10 running Solaris 2.4 (lanman). The system
acts as a DNS and mail gateway. Everything was working well
until.......

I was applying patches to the system, with one of the important ones
being the sendmail patch 101066-08, which replaces the Version 5
sendmail with Version 8.6 sendmail. When I tried the new sendmail, It
complains about MX records pointing back to the local host, lanman.
On top of that, mail bounces back to users :-(

I don't know what's wrong... and I can't patch the system until this
problem is fixed so I'm "vulnerable"...

(config files, etc. deleted for brevity)

Here are the solutions sent in:
====================================================
From: Lusty Wench <lusty@aimnet.com>

Your Cm line has lanman, but it should also have sclan and mhs3.
This line tells sendmail that mail addressed to the specified hosts
should be accepted as "local" mail. Since you don't have that, it
looks up in the MX list where mail to sclan and mhs3 should be
delivered. Since the MX list says it should be delivered to lanman,
you've got an infinite loop.

Incidentally, your secondary and tertiary MX hosts for sclan and mhs3
also need a similar configuration in order to deliver mail
successfully if lanman is unavailable.

Lusty
====================================================
From: John Justin Hough <john@oncology.uthscsa.edu>

I think:

 Dmlanman.aetc.af.mil
 Cm lanman lanman.aetc.af.mil

should be:

 Dmaetc.af.mil
 Cm lanman lanman.aetc.af.mil

But I think that Cm line needs to go too.
===================================================
From: davem@cp.tybrin.com (Dave McFerren)

AHA! I had the exact same error. My problem came from the fact that
I didn't KILL the deamon. I mean kill it dead and restart it. Do NOT
do a HUP on this puppy. It will do no good. Once it is properly
restarted, it should work just fine. I spent over a day and a half
figuring this one out.

Or you could reboot your machine.

Hope this helps...
===================================================
From: Kerry Jones <k.jones@pearl.aims.gov.AU>

1. I had the same problem when I upgraded from Solaris 2.4 to Solaris
2.5. The problems were solved by changing some entries in my DNS.

In my mail DNS file I have:
                IN MX 0 email.aims.gov.AU.
                IN MX 100 ibm.aims.gov.AU.
                IN MX 200 swordfish.jcu.edu.AU.

Any PC's or the like do not have any MX records associated with
them... Unix workstations all have the MX records:
                IN MX 10 workstation.aims.gov.AU.
                IN MX 20 email.aims.gov.AU.

And sendmail on these workstations is configured to use
email.aims.gov.AU. as their major relay host.

I also have the following to capture any mail sent to the aims
domain... aims.gov.au. IN MX 10 email.aims.gov.AU.
                IN MX 100 ibm.aims.gov.au.
                IN MX 200 swordfish.jcu.edu.au.

2. Also, the following should be your domain name... NOT your machine
name.. This may be all that is causing the problem..

>Dmlanman.aetc.af.mil
>Cm lanman lanman.aetc.af.mil
Dmaetc.af.mil

#Cm... Cm will default to the same as Dm if you leave it commented
#out..
(Probably best unless you have some other subdomains that this mail
relay control)

Let me know how it goes..
===================================================
From: Claus Assmann <ca@informatik.uni-kiel.de>

> It complains about MX records pointing back to the local host,
> lanman.

2) mail loops back to myself/"Local configuration error" messages

This is answered in the FAQ:
  * I'm getting "Local configuration error" messages, such as:
 553 relay.domain.net config error: mail loops back to myself
 554 <user@domain.net>... Local configuration error
    How can I solve this problem?
 You have asked mail to the domain (e.g., domain.net) to be
 forwarded to a specific host (in this case, relay.domain.net)
 by using an MX record, but the relay machine doesn't
 recognize itself as domain.net. Add domain.net to
 /etc/sendmail.cw (if you are using FEATURE(use_cw_file)) or
 add "Cw domain.net" to your configuration file.

Another possibility is that relay.domain.net should send this to the
host mail.domain.net which really handles the mail for domain.net. If
this host is reachable by SMTP you should create an MX record with the
best (lowest) priority pointing to mail.domain.net. If it is
reachable by some other mail transport protocol (UUCP) you have to
find another solution, e.g., take a look at the feature mailertable.

 IMPORTANT: Be sure you kill and restart the sendmail daemon
 after you change the configuration file.

One more hint: An MX record shouldn't point to a CNAME, it will most
probably cause you a lot of trouble. (And currently it violates RFC
974).

If you have any corrections/additions/suggestions, please let me know.
These questions and answers are also available on
http://www.informatik.uni-kiel.de/~ca/email/english.html which
contains some more hints about sendmail.
===================================================
From: Stephen Campbell <steve@avalon.dartmouth.edu>

John,

You've probably gotten answers on this already, so I'll be brief. If
you need more help, let me know.

I'll talk about sclan; the same things apply to mhs3. The "MX list
points back" message happens when lanman gets a message addressed to
sclan (because lanman is the preferred MX host), and the sclan address
resolves to the SMTP mailer, which tries to send the message by
looking up the address's MX info, and finds that the preferred host is
itself.

An important question is whether or not sclan is ultimately going to
accept email itself via SMTP. If it is, then you should have an
additional MX RR for sclan that points to itself with the lowest
precedence of all. For example:

sclan IN MX 5 sclan

If sclan is not ever going to accept email, ie if one of the other
hosts is somehow going to deliver the email that is addressed to
sclan, then the sendmail.cf on that other host, lanman, needs to have
statements in ruleset 0 that resolve addresses to sclan to some local
mailer. Exactly how that's done depends on how you want the mail
delivered.

I hope this helps.
      Steve Campbell
      Dartmouth College

PS: If you need to generate your own sendmail.cf, use the m4(1) based
mechanism that comes with sendmail version 8. (I hope Sun ships it!)
It makes generating sendmail.cf files *much* easier than it used to
be. Good luck.

> Greetings, sun-managers!
>
> I've run into a problem that I can't resolve. The system
> architecture is a Sparc 10 running Solaris 2.4 (lanman). The system
> acts as a DNS and mail gateway. Everything was working well
> until.......
>
> I was applying patches to the system, with one of the important ones
> being the sendmail patch 101066-08, which replaces the Version 5
> sendmail with Version 8.6 sendmail. When I tried the new sendmail,
> It complains about MX records pointing back to the local host,
> lanman. On top of that, mail bounces back to users :-(
>
> I don't know what's wrong... and I can't patch the system until this
> problem is fixed so I'm "vulnerable"...
>
> I'll summarize what I find out.
>
>
> Here are my MX records:
>
> sclan IN MX 10 lanman.aetc.af.mil.
> sclan IN MX 20 zeus.aetc.af.mil.
> sclan IN MX 30 pa-sun.aetc.af.mil.
> mhs3 IN MX 10 lanman.aetc.af.mil.
> mhs3 IN MX 20 zeus.aetc.af.mil.
> mhs3 IN MX 30 ps-sun.aetc.af.mil.
>
> The following is an error listing from the Console window; after
> that is my sendmail.cf file:
>
> May 8 17:27:54 lanman sendmail[20745]: RAA20745: SYSERR(root): MX
> list for mhs3.aetc.af.mil points back to lanman May 8 17:27:54
> lanman sendmail[20743]: AA19615: SYSERR(root): MX list for
> sclan.aetc.af.mil points back to lanman
===================================================
From: Marcelo Maraboli <maraboli@itata.disca.utfsm.cl>

hi there.

yes, sendmail gives a lot of pain...you now where. :)

please install Berkeley sendmail 8.7.5

and for now..

> Here are my MX records:
>
> sclan IN MX 10 lanman.aetc.af.mil.
> sclan IN MX 20 zeus.aetc.af.mil.
> sclan IN MX 30 pa-sun.aetc.af.mil.
> mhs3 IN MX 10 lanman.aetc.af.mil.
> mhs3 IN MX 20 zeus.aetc.af.mil.
> mhs3 IN MX 30 ps-sun.aetc.af.mil.
>
> The following is an error listing from the Console window; after
> that is my sendmail.cf file:
>
> May 8 17:27:54 lanman sendmail[20745]: RAA20745: SYSERR(root): MX
> list for mhs3.aetc.af.mil points back to lanman May 8 17:27:54
> lanman sendmail[20743]: AA19615: SYSERR(root): MX list for
> sclan.aetc.af.mil points back to lanman May 8 17:27:55 lanman
> sendmail[20743]: AA19615: SYSERR(root): MX list for sclan.aetc
> points back to lanman May 8 17:27:55 lanman sendmail[20743]:
> AA19615: SYSERR(root): MX list for sclan points back to lanman May
> 8 17:27:55 lanman sendmail[20743]: AA19615: SYSERR(root): MX list
> for sclan.aetc.af.mil points back to lanman

in your /etc/nsswitch.conf put on hosts entry.. files dns

also...in /etc/sendmail.cf in Class w, i.e., "Cw"

put:
Cw localhost local-hostname local-hostname.your.domain
host2.your.domain

the first 3 are mandatory...the other ones are hosts for which you
will be their Mail host or/and Mail server.

> May 8 17:27:56 lanman sendmail[20748]: RAA20743: SYSERR(root):
> Cannot exec /usr/lib/mail.local: No such file or directory May 8
> 17:27:56 lanman sendmail[20749]: RAB20743: SYSERR(root): Cannot exec
> /usr/lib/mail.local: No such file or directory

seems that you didn't install sendmail correctly... :(

> May 8 17:27:57 lanman sendmail[20743]: AA19691: SYSERR(root): MX
> list for MHS3.AETC.AF.MIL points back to lanman May 8 17:27:57
> lanman sendmail[20743]: AA19691: SYSERR(root): MX list for MHS3.AETC
> points back to lanman May 8 17:27:57 lanman sendmail[20743]:
> AA19691: SYSERR(root): MX list for MHS3 points back to lanman May 8
> 17:27:57 lanman sendmail[20743]: AA19691: SYSERR(root): MX list for
> mhs3.aetc.af.mil points back to lanman May 8 17:28:11 lanman
> sendmail[20752]: RAC20743: SYSERR(root): Cannot exec
> /usr/lib/mail.local: No such file or directory May 8 17:28:11
> lanman sendmail[20753]: RAD20743: SYSERR(root): Cannot exec
> /usr/lib/mail.local: No such file or directory May 8 17:28:11
> lanman sendmail[20743]: AA19616: SYSERR(root): MX list for
> SCLAN.AETC.AF.MIL points back to lanman May 8 17:28:12 lanman
> sendmail[20743]: AA19616: SYSERR(root): MX list for SCLAN.AETC
> points back to lanman May 8 17:28:12 lanman sendmail[20743]:
> AA19616: SYSERR(root): MX list for SCLAN points back to lanman May
> 8 17:28:13 lanman sendmail[20755]: RAE20743: SYSERR(root): Cannot
> exec /usr/lib/mail.local: No such file or directory May 8 17:28:14
> lanman sendmail[20757]: RAF20743: SYSERR(root): Cannot exec
> /usr/lib/mail.local: No such file or directory May 8 17:28:14
> lanman sendmail[20743]: AA19634: SYSERR(root): MX list for
> SCLAN.AETC.AF.MIL points back to lanman May 8 17:28:18 lanman
> sendmail[20743]: AA19634: SYSERR(root): MX list for SCLAN.AETC
> points back to lanman May 8 17:28:18 lanman sendmail[20743]:
> AA19634: SYSERR(root): MX list for SCLAN points back to lanman May
> 8 17:28:19 lanman sendmail[20759]: RAG20743: SYSERR(root): Cannot
> exec /usr/lib/mail.local: No such file or directory May 8 17:28:19
> lanman sendmail[20761]: RAH20743: SYSERR(root): Cannot exec
> /usr/lib/mail.local: No such file or directory May 8 17:28:20
> lanman sendmail[20743]: AA19497: SYSERR(root): MX list for
> sclan.aetc.af.mil points back to lanman May 8 17:28:21 lanman
> sendmail[20743]: AA19497: SYSERR(root): MX list for sclan.aetc
> points back to lanman May 8 17:28:21 lanman sendmail[20743]:
> AA19497: SYSERR(root): MX list for sclan points back to lanman May
> 8 17:28:22 lanman sendmail[20764]: RAI20743: SYSERR(root): Cannot
> exec /usr/lib/mail.local: No such file or directory May 8 17:28:22
> lanman sendmail[20765]: RAJ20743: SYSERR(root): Cannot exec
> /usr/lib/mail.local: No such file or directory May 8 17:28:22
> lanman sendmail[20743]: AA19500: SYSERR(root): MX list for
> sclan.aetc.af.mil points back to lanman May 8 17:28:27 lanman
> sendmail[20743]: AA19500: SYSERR(root): MX list for sclan.aetc
> points back to lanman May 8 17:28:27 lanman sendmail[20743]:
> AA19500: SYSERR(root): MX list for sclan points back to lanman May
> 8 17:40:10 lanman sendmail[22622]: AA19021: SYSERR: Cannot open
> xfAA19021: Too many open files May 8 17:40:10 lanman
> sendmail[22622]: AD22622: SYSERR: queueup: cannot create temp file
> tfAD22622: Too many open files May 8 17:40:10 lanman
> sendmail[22782]: AD22622: SYSERR: network read error: Bad file
> number

is your conection slow?
xf* files are temporary files of INCOMING mail..
if you get too many conections and few DATA sent...you'll get too many
files open.. or maybe your sendmail is blooped and dizzled because of
the faulty installation ??

John M. Turner - jturner@zeus.aetc.af.mil
DSN 487-2188 COM (210) 652-2188
HQ AETC/SCTS - Information Protect
61 Main Circle, Ste 02
Randolph AFB TX 78150-4545



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:11:01 CDT