SEO

#1 (**permalink**) 02-16-2008, 05:22 AM

Hi folks,
I hope this one is easy for any one of you, its got me stumped.
I've been collapsing most of my DMZ into a multihomed server.
I still have separate servers for mail relay and mail hub, but I am
finding that for mail originating internally, and destined to another
internal recipient with a generic email address, the relay sendmail is
not translating the generic emails into the hub email address, and the
mails get stuck in the relay's spool directory with a "hostname lookup
failure" from the hub.
The multihomed server is also using split-horizon dns for routable
external and non-routable internal domain addresses; could it be that
that's the cause of the problem?

MK

#2 (**permalink**) 02-16-2008, 05:22 AM

MK wrote:

> Hi folks,
> I hope this one is easy for any one of you, its got me stumped.
> I've been collapsing most of my DMZ into a multihomed server.
> I still have separate servers for mail relay and mail hub, but I am
> finding that for mail originating internally, and destined to another
> internal recipient with a generic email address, the relay sendmail is
> not translating the generic emails into the hub email address, and the
> mails get stuck in the relay's spool directory with a "hostname lookup
> failure" from the hub.
> The multihomed server is also using split-horizon dns for routable
> external and non-routable internal domain addresses; could it be that
> that's the cause of the problem?

To me that is a likely cause of errors. How would the relay know that
these users are internal recipients?

EJ
--
Remove the obvious part (including the dot) for my email address.
http://www.vanwesten.net for examples of ipf and pf.

#3 (**permalink**) 02-16-2008, 05:22 AM

erik wrote:

> MK wrote:
>
> > Hi folks,
> > I hope this one is easy for any one of you, its got me stumped.
> > I've been collapsing most of my DMZ into a multihomed server.
> > I still have separate servers for mail relay and mail hub, but I am
> > finding that for mail originating internally, and destined to another
> > internal recipient with a generic email address, the relay sendmail is
> > not translating the generic emails into the hub email address, and the
> > mails get stuck in the relay's spool directory with a "hostname lookup
> > failure" from the hub.
> > The multihomed server is also using split-horizon dns for routable
> > external and non-routable internal domain addresses; could it be that
> > that's the cause of the problem?
>
> To me that is a likely cause of errors. How would the relay know that
> these users are internal recipients?
>

Could have been the case. I stopped natting outbounds through the principal
interface and the symptom has improved from 'chronic' to 'endemic', instead
of all failing and I having to retouch q-files, now they fail only
sometimes, and the spool clears by itself when I reset sendmail. I suspect
if I upgrade to the latest version and arp patch the problem could go away
altogether.

But 3.5's round the corner. I better report my 3.4 SCSI 'symptoms' B4 end
of March.

MK

#4 (**permalink**) 02-16-2008, 05:22 AM

mkhomo wrote:

> erik wrote:
>
> > MK wrote:
> >
> > > Hi folks,
> > > I hope this one is easy for any one of you, its got me stumped.
> > > I've been collapsing most of my DMZ into a multihomed server.
> > > I still have separate servers for mail relay and mail hub, but I am
> > > finding that for mail originating internally, and destined to another
> > > internal recipient with a generic email address, the relay sendmail is
> > > not translating the generic emails into the hub email address, and the
> > > mails get stuck in the relay's spool directory with a "hostname lookup
> > > failure" from the hub.
> > > The multihomed server is also using split-horizon dns for routable
> > > external and non-routable internal domain addresses; could it be that
> > > that's the cause of the problem?
> >
> > To me that is a likely cause of errors. How would the relay know that
> > these users are internal recipients?
> >
>
> Could have been the case. I stopped natting outbounds through the principal
> interface and the symptom has improved from 'chronic' to 'endemic', instead
> of all failing and I having to retouch q-files, now they fail only
> sometimes, and the spool clears by itself when I reset sendmail. I suspect
> if I upgrade to the latest version and arp patch the problem could go away
> altogether.
>

I take back this arp theory (see my arp warnings thread). But my jury is still
out on my concurrence with eric, it'll take some time to verify the apparent
work-around. Moreover my ng spammers are awfully quiet; makes me nervous...
Where are you guys? Work with me

>
> But 3.5's round the corner. I better report my 3.4 SCSI 'symptoms' B4 end
> of March.

I better get on with this. The Onstream SCSI tape behaves much better in
386/3.4 than 386/3.3, but still generates errors.

>
>
> MK

#5 (**permalink**) 02-16-2008, 05:22 AM

mkhomo wrote:

> ...Moreover my ng spammers are awfully quiet; makes me nervous...
> Where are you guys? Work with me

>

Only 13 new spam sources from this whole wild web?
I wanna buy all your stuff(s) Come on agents, (as he palm flaps a menacing
invitation).

Sell me your enlargers, invigorators, herbs & spices, medicines, lotto numbers,
....I want to buy it all, Now!

MK
PS Sorry folks this is a live test.

#6 (**permalink**) 02-16-2008, 05:23 AM

mkhomo wrote:

> mkhomo wrote:
>
>> ...Moreover my ng spammers are awfully quiet; makes me nervous...
>> Where are you guys? Work with me

>>
>
> Only 13 new spam sources from this whole wild web?
> I wanna buy all your stuff(s) Come on agents, (as he palm flaps a
> menacing invitation).
>
> Sell me your enlargers, invigorators, herbs & spices, medicines,
> lotto numbers, ...I want to buy it all, Now!
>
> MK
> PS Sorry folks this is a live test.

I have some 3100 spammails on stock for feeding spamassassin.
Interested? :-)

EJ
--
Remove the obvious part (including the dot) for my email address.
http://www.vanwesten.net for examples of ipf and pf.

#7 (**permalink**) 02-16-2008, 05:23 AM

erik wrote:
....

> I have some 3100 spammails on stock for feeding spamassassin.
> Interested? :-)
>
> EJ

Guess Not.
More interesting from fresh open relays and 'mules', but I already have
8700 private access entries and counting....

Turning back to the subject, I'm finding all sorts of failed wiring
(which may have started my 'arp' symptoms). I wish I knew the lifespan
of twisted pair or of its corrosion of contacts. I have wiring that's a
good 10yrs in service, and am finding new surprises every day as I
restructure the network.

MK

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

SEO

Sendmail Masquerading on Multihomed mail Relay