Just wanted to post what was actually going on in case someone else experiences the same issue... We had a local company implement a FreeBSD firewall system for us ages ago. The problem that I was experiencing with sendmail from virtual to virtual is due to ipfw / ipnat and how it handles connections from the internal interface. If a connection is initiated from an internal host destined for a different internal host (but the request is actually for an EXTERNAL address) ipfw will not pass through the data. The name servers on our network in this case are on the outside of the firewall and have no idea that the internal network even exists so when an nslookup on the inside or even a gethostbyname() system call is issued, the external IP is returned. The only solution I could come up with without moving the nameservers inside and doing split view dns was implementing an internal dns server with only information about hosts that are on the inside as the primary dns server for the vsd servers, secondary dns on both the internal dns and the vsd servers is the primary on the outside. Fun fun. Kludgy, cumbersome solution, but it works.
Rob On Fri, 2002-03-01 at 12:16, Rob Secrist wrote: > > I hadn't tried using sendmail test mode ( and at first wasn't sure to > how to get out of it either ;) When I'm on recipientdomain.com, and > invoke sendmail with the -bt switch it finds the mx for senderdomain.com > almost instantaneously. I can also /parse [EMAIL PROTECTED] > without error as well. But recipientdomain.com still returns mail from > the other vs with the message 451 4.1.8 Domain of sender address > [EMAIL PROTECTED] does not resolve > > > In regard to Decio's suggestions: > > > What messages? > > How much interfaces? > > Seems this problem is due to probing of network interfaces. Try an > > > option to disable loading of the extra network interfaces. > > Are you using sendmail? > > If so, try to put the parameters "O DontProbeInterfaces=true" in your > > /etc/sendmail.cf file. > > If cannot, try tcpdump, to see what interfaces are being used, and try > > route > > it in iptables/ipchains. > > > > My two cents, > > > > Decio A. Alves > > [EMAIL PROTECTED] > > The message that is pasted below in my initial e-mail is the exact > message that is in maillog on senderdomain.com > > There is one active interface in this machine. > > Yes, using sendmail (skel that was included with 1.4.10 cd-rom) > "0 DontProbeInterfaces=true" is listed in sendmail.cf > > > > On Fri, 2002-03-01 at 04:08, Tim Sellar wrote: > > You could try carrying out the lookup through sendmail itself as follows: > > > > # sendmail -bt > > ... > > > /mx servername > > > > You should see: > > > > getmxrr(servername) returns 1 value(s) > > mx.blah.blah > > > > If you don't get a response, it is failing to resolve. The problem may lie > > in the order Sendmail is looking things up - governed by ResolverOptions and > > ServiceSwitchFile... > > > > Tim > > > > > -----Original Message----- > > > From: [EMAIL PROTECTED] > > > [mailto:[EMAIL PROTECTED]]On Behalf Of Rob Secrist > > > Sent: 28 February 2002 19:49 > > > To: [EMAIL PROTECTED] > > > Subject: Re: Mail issue > > > > > > > > > > > > Anyone have any ideas on this? I'm stuck =( > > > > > > Thanks, > > > Rob > > > > > > On Wed, 2002-02-27 at 16:58, Rob Secrist wrote: > > > > It seems that I'm having a mail problem when trying to send mail from a > > > > user on one virtual server to a user on a different virtual server. The > > > > exact error that pops up in the maillog is: > > > > > > > > > > > > Feb 27 17:15:04 senderdomain sendmail[27401]: RAA27399: > > > > to=<[EMAIL PROTECTED]>, ctladdr=<[EMAIL PROTECTED]> > > > > (1100/1100), delay=00:00:01, xdelay=00:00:00, mailer=esmtp, > > > > relay=recipientdomain.com. [xxx.xxx.xx.xxx], stat=Deferred: 451 4.1.8 > > > > Domain of sender address [EMAIL PROTECTED] does not resolve > > > > > > > > If I do an nslookup from either virtual server to the other, information > > > > is returned almost instantaneously. I can also do a dig mx domain.com > > > > from either to resolve the mx's for each domain. > > > > > > > > In looking at the sendmail.cf files, it looks like the > > > > feature(`accept_unresolvable_domains') was added in the .mc! I'm very > > > > confused at the moment.. I have no idea how long this issue has been in > > > > effect so don't know of anything that could have been done to make it > > > > happen. > > > > > > > > This is using a cd-rom installation of 1.4.10 > > > > > > > > One thing about our current setup. The hosting server / virtuals are > > > > inside a firewall. DNS is outside the firewall so could that be the > > > > issue? ie: inside the virtual server that is sending mail is > > > > 172.16.0.156 while the public address is xxx.xxx.xx.156 and is going > > > > through ipf / ipnat on a bsd firewall. The recipient server is > > > > 172.16.0.165 while public is xxx.xxx.xx.165... If this is indeed the > > > > problem, what might I do to resolve it? > > > > > > > > Upon considering that to be the issue, I added 172.16.0.156 > > > > senderdomain.com to the recipientdomain.com's hosts file to no avail... > > > > > > > > *at a loss* > > > > > > > > HELP! > > > > > > > > Thanks > > > > ^_^ > > > > Rob > > > > > > > > ------------------------- The freeVSD Support List > > > -------------------------- > > > > Subscribe: > > > mailto:[EMAIL PROTECTED]?body=subscribe%20freevsd-support > > > > Unsubscribe: > > > mailto:[EMAIL PROTECTED]?body=unsubscribe%20freevsd-support > > > > Archives: http://freevsd.org/support/mail-archives/freevsd-support > > > > > > > ------------------------------------------------------------------ > > > ----------- > > > > > > > > > > > > > ------------------------- The freeVSD Support List > > > -------------------------- > > > Subscribe: mailto:[EMAIL PROTECTED]?body=subscribe%20freevsd-support > > > Unsubscribe: > > > mailto:[EMAIL PROTECTED]?body=unsubscribe%20freevsd-support > > > Archives: http://freevsd.org/support/mail-archives/freevsd-support > > > ------------------------------------------------------------------ > > > ----------- > > > > ------------------------- The freeVSD Support List -------------------------- > > Subscribe: mailto:[EMAIL PROTECTED]?body=subscribe%20freevsd-support > > Unsubscribe: mailto:[EMAIL PROTECTED]?body=unsubscribe%20freevsd-support > > Archives: http://freevsd.org/support/mail-archives/freevsd-support > > ----------------------------------------------------------------------------- > > > > > ------------------------- The freeVSD Support List -------------------------- > Subscribe: mailto:[EMAIL PROTECTED]?body=subscribe%20freevsd-support > Unsubscribe: mailto:[EMAIL PROTECTED]?body=unsubscribe%20freevsd-support > Archives: http://freevsd.org/support/mail-archives/freevsd-support > ----------------------------------------------------------------------------- > ------------------------- The freeVSD Support List -------------------------- Subscribe: mailto:[EMAIL PROTECTED]?body=subscribe%20freevsd-support Unsubscribe: mailto:[EMAIL PROTECTED]?body=unsubscribe%20freevsd-support Archives: http://freevsd.org/support/mail-archives/freevsd-support -----------------------------------------------------------------------------
