SUMMARY: Urgent Sendmail Config

From: Andrew Lamb (sm@mis.mua.go.th)
Date: Sat Dec 21 1996 - 03:16:40 CST


        1 Abbreviated Original Posting
        2 Advice Received From:
        3 Suggestions
        4 Solution
        5 Thanks
        6 Paul Pome's Cranky Sun Sendmail Guidesheet

1 Abbreviated Original Posting:

> Outbound email to local hosts and Internet hosts is fine. Inbound mail to
> user@mis.mua.go.th is fine but inbound mail to user@mua.go.th is
> generating error emails from the Sendmail Daemon.
>
> 554 MX list for mua.go.th points back to mis.
> 550 <peter@mua.go.th>... Host unknown (Name server: mua.go.th: no data known)

2 Advice Received From:

                        <andy_gay@VNET.IBM.COM>
Pierre Padovani <padovani@aaec.com>
Claus Assmann <ca@informatik.uni-kiel.de>
Anthony Worrall <Anthony.Worrall@reading.ac.uk>
Chil - Chihli Lu <luchihli@schiaparelli.rutgers.edu>
Douglas Vanderlip <dvande01@pdc.trsv.eds.com>
Karl E. Vogel <vogelke@c17.wpafb.af.mil>

3 Suggestions:

You probably need to have your domain name in class w:
Cwmua.go.th
in your sendmail.cf, to tell sendmail it should accept mail for the domain
name.
        ==============================

I recently tackled a similar error with sendmail. I discovered that if you
have an MX record that points to the sendmail host itself, that you must
also set the Cahost in the sendmail.cf file. Here is an example.

                IN MX 10 Fu.Bar.Com

Fu.Bar.Com is the main mail server, and in his sendmail.cf file there is a
line that looks like:

CaFu.Bar.Com

This tells sendmail to IGNORE the MX record for Fu.Bar.Com.

Also, if your MX record is point to a CNAME for the same host, or an alias
for the same host, you can generate the first line of your sendmail error.
> Dj$m
> #Dj$w.$m
> #Dj$w

First: you machine doesn't use its full name:
mis.
instead of
mis.mua.go.th
(see first line). So you should try:
Dj$w.$m
or
Dj$w

check it with
sendmail -d0.5 -bv root
It must give its full name then. The setting depends on your
name configuration (DNS, /etc/hosts, ...).
        ================================

Try turning off the DNS lookup in /etc/mail/sendmail.cf

# Remote mode - send through server if mailbox directory is mounted
OR
# Turn on the DNS name look up
#OI
# location of alias file
OA/etc/mail/aliases
        ================================

Check /etc/nsswitch.conf to make sure the host line has

        hosts: dns nis files

if you do not have "dns", your /etc/resolv.conf is useless as the system will
not try to consult the remote servers.
        ================================

   Your best bet is to throw out Sun's named and sendmail binaries, and install
   bind-4.9.5 and sendmail-8.8.4.

   Try adding the line "search mua.go.th" under the domain line. That helped
   us once, and I never figured out why.
        ==================================

4 Solution:
        
        I think it was adding the line
                Cwmua.go.th
        to /etc/mail/sendmail.cf that fixed it, but I'm not absolutely
        certain because I was mixing all sorts of changes simultaneously
        and wasn't testing thoroughly.

5 Thanks:

        To Sun Managers for solving within an hour and a half a problem
        which I had worked on for half a day without success.

        To Andy Gay for explaining the way to use nslookup.

6 Paul Pomes <paul@uxc.cso.uiuc.edu> Guidesheet

! How to Fix a Cranky SUN Mail System.
!
!
! 1) Kill the existing sendmail daemon process.
!
! ps waux | grep sendmail
! kill <pid> where <pid> is the process id of the daemon.
!
[This step is only required prior to SunOS 5.5 (aka Solaris 2.5)]
! 2) Replace the default sendmail executable with the SUN-supplied version
! that understands use of the DNS. Zap any frozen config file present.
!
! cd /usr/lib
! cp sendmail sendmail.nomx
! chmod 755 sendmail.nomx
! cp sendmail.mx sendmail
! chmod 4511 sendmail
! rm -f /usr/lib/sendmail.fc /etc/sendmail.fc /etc/mail/sendmail.fc
!
! 3) Establish a /etc/resolv.conf file to direct DNS queries to a server.
! The values of "domain" and the "nameserver" lines depends critically
! on where you are. At the University of Illinois the value of domain
! is typically your department or office name combined with "uiuc.edu".
! Long names, e.g., Personnel Services Office, are typically abbreviated
! (pso.uiuc.edu). Examples: math.uiuc.edu, life.uiuc.edu, ncsa.uiuc.edu.
!
! Some institutions have a one domain fits all name. An example of
! this is the US Army Corps of Engineers, Construction Engineering
! Research Lab locally known as US Army CERL. Army policy specifies
! that domain names must use their official acronym with the "army.mil"
! domain. So CERL's domain name is "cecer.army.mil". Adding a fourth
! domain to distinguish internal departments and divisions would have
! made the names overly long. Thus all CERL hosts are named
! foo.cecer.army.mil.
!
! Selecting nameservers must be done in consultation with your local
! network expert. At the University of Illinois (and ONLY here please)
! the following values can be used. Let's repeat that - only University
! of Illinois hosts should be using our nameservers.
!
! domain foo.uiuc.edu (replace foo with your official domain)
! nameserver 128.174.5.59
! nameserver 128.174.5.50
! nameserver 128.174.5.58
!
! At US Army CERL, use the following:
!
! domain cecer.army.mil
! nameserver 129.229.20.254
! nameserver 129.229.1.5
!
! N.B., SUN's resolver code is based on BIND v4.8.1 and suffers from several
! problems. Chief among those is zero fault tolerance. If the first listed
! nameserver is unreachable or dead, the resolver won't try any of the
! subsequently listed servers. Re-compiling both sendmail and libresolv.a
! from modern sources is the only fix for this.

[SunOS 5.x: make sure you have dns in the hosts line in /etc/nsswitch.conf]

! 4) Copy the "main" sendmail.cf base file to sendmail.cf.
! Under SUN-OS 4.X use
!
! cp /usr/lib/sendmail.main.cf /etc/sendmail.cf
!
! Under SUN-OS 5.X use
!
! cd /etc/mail
! cp main.cf sendmail.cf
!
!
! Now that the base work has been done you have a choice: death or chi-chi.
! No, that's another sick joke. Let's stick to SUNs and retain what shreds
! of dignity we can. Onward.
!
! The next set of steps involve changes to the sendmail.cf file. Invoke the
! editor of your choice on /etc/sendmail.cf or /etc/mail/sendmail.cf.
!
! 5) Change the value of the $j greeting macro. Macros are defined with
! lines beginning with 'D'. Thus the $j macro is defined on a line
! beginning with 'Dj'. Change sendmail.cf (nee main.cf) to look like
!
! # my official hostname
! # You have two choices here. If you want the gateway machine to identify
! # itself as the DOMAIN, use this line:
! #Dj$m
! # If you want the gateway machine to appear to be INSIDE the domain, use:
! #Dj$w.$m
! # Unless you are using sendmail.mx (or have a fully-qualified hostname), use:
! Dj$w
!
! (Comment out the Dj$m entry and enable the Dj$w entry.)
!
! 6) Select the proper mailer for forwarding to a smarter relay. In the
! case of a site connected to the Internet, this is the "ddn" mailer.
! Change to:
!
! # major relay mailer - typical choice is "ddn" if you are on the
! # Defense Data Network (e.g. Arpanet or Milnet)
! #DMsmartuucp
! DMddn
!
! 7) Select the smarter relay to handle messages to unknown destinations.
! This MUST be selected on a per-site basis.
!
! At the University of Illinois *ONLY*
!
! # major relay host: use the $M mailer to send mail to other domains
! DRux1.cso.uiuc.edu
! CRux1.cso.uiuc.edu
!
! At the US Army CERL *ONLY*
!
! # major relay host: use the $M mailer to send mail to other domains
! DRmax.cecer.army.mil
! CRmax.cecer.army.mil
!
! 8) Configure your domain names. Replace the foo.bar.uiuc.edu names below
! with your host's FQDN.
!
! #################################################
! #
! # General configuration information
! ...
! # Example: (bogus examples, ignore)
! # DmCS.Podunk.EDU
! # Cm cs cs.Podunk.EDU
! Dwfoo.bar.uiuc.edu
! Dmfoo.bar.uiuc.edu
!
! 9) Change the ddn mailer rules in ruleset 0 according to the comments there.
! Ruleset 0 is labelled by a line containing only "S0". About 40 lines
! further down are the following rulesets.
!
! # Pass other valid names up the ladder to our forwarder
! #R$*<@$*.$=T>$* $#$M $@$R $:$1<@$2.$3>$4 user@domain.known
!
! # Replace following with above to only forward "known" top-level domains
! #R$*<@$*.$+>$* $#$M $@$R $:$1<@$2.$3>$4 user@any.domain
!
! # if you are on the DDN, then comment-out both of the the lines above
! # and use the following instead:
! R$*<@$*.$+>$* $#ddn $@ $2.$3 $:$1<@$2.$3>$4 user@any.domain
!
! Follow the comments and comment out the second rule that forwards
! only "known" domains and enable the following rule that uses the "ddn"
! mailer.
!
! Write the sendmail.cf file back out and leave the editor. Now test the
! changes by using sendmail in test mode.
!
! 10) Test address recognition. Invoke sendmail in address test mode:
!
! /usr/lib/sendmail -bt
!
! Run the following address forms through one at a time. The leading 0
! is the starting ruleset. Each address should resolve to "user" using
! the "local" mailer. Replace "foo" and "bar.uiuc.edu" with the name
! of your host and domain.
!
! 0 user
! 0 user@foo
! 0 user@foo.bar.uiuc.edu
!
! 11) Verify out-going addresses are correct. Use the -v option to Berkeley
! mail to check that the return addresses are correct. If -v doesn't
! work with your mailer, use sendmail direct.
!
! Mail -v nobody@ucbvax.berkeley.edu < /dev/null
! or
! /usr/lib/sendmail -v nobody@ucbvax.berkeley.edu < /dev/null
[ucbvax.berkeley.edu does no longer exist, try something else,
e.g., nobody@informatik.uni-kiel.de]
!
! 12) Fire up sendmail in daemon mode.
!
! /usr/lib/sendmail -bd -q1h
!
! 13) Test in-bound mail. From another host, verify that mail sent to a
! user that has no forwarding set up, either via /etc/aliases or
! .forward file, actually arrives. Telnet to the SMTP port and verify
! that the greeting message uses the fully qualified domain name.
!
! telnet foo.bar.uiuc.edu 25
!
! quit
! --



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:11:18 CDT