Mike Gerber writes:
> I have the following problem:
>
> A LAN is connected to a qmail-Server which is connected to Cisco
> Router. Now, when a local client (WinNT, Outlook97/98) gets mail
> via POP3 from the qmail-Server, the Cisco dials up. I would like to
> stop these unnecessary Dial-Ups.
>
> Am I right that qmail-pop3d gets the hostnames of the clients
> (which do not have any)? And that because of this, the line goes
> up? (Can't get the host that actually causes the dialup (via
> tcpdump), because the clients are masqueraded behind the server)
> How can this be solved?
DNS Lookups
Qmail accesses the DNS at only two points in its operation. First,
under tcpserver, and second, in qmail-remote. This may be contrasted
to sendmail, which does DNS lookups whenever it turns around. I'm
going to presume that you're running tcpserver, since use of inetd and
tcp_wrappers by qmail is deprecated.
Whenever you access a server hosted by tcpserver, tcpserver attempts
to set several environment variables. Two of these, TCPREMOTEHOST and
TCPLOCALHOST, are set to the reverse DNS entry for the remote and
local IP address. Another, TCPREMOTEINFO is set to the informatino
that an ident query returns. Both of these queries can be turned off
using -llocal, -H, and -R respectively. If you do this, then
qmail-smtpd cannot report the hostname in the Received: headers it
inserts.
Of course, if the server you're running doesn't bother to examine
these variables, then there's no point in setting them, eh? So you
may as well run qmail-popup/qmail-pop3d with all of ``-llocalhost -H
-R', since the information they retrieve is never used (grep for TCP
in qmail-pop*.c to verify this).
The other place where qmail accesses the DNS is in qmail-remote.
qmail-remote accesses the DNS to get the CNAME of the remote host (if
any), and the appropriate IP of the remote host. This latter would be
the IP address unless there's an MX record. The MX records are lined
up and attempted in priority order. Priorities at the same level are
randomized.
If you want qmail-remote to not access the DNS, you have to give it
delivery instructions through control/smtproutes entries. Obviously
this doesn't scale; it's only usable for overriding all or small
subsets of the DNS. If you want qmail to use a smarthost, you can
override the entire DNS (and thereby causing qmail not to issue any
DNS queries for remote deliveries) with a wildcard smtproutes entry:
:smarthost.example.com
Or, if you are trying to send mail to someone with a squirrelly SMTP
server (e.g. avian.org's highest-priority MX), you might want to
override the DNS with an smtproute:
avian.org:thinkbank.com
This causes the DNS to be ignored, and thinkbank.com tried first.
While we're on the subject of smtproutes, I'll mention that you can
give another colon-separated parameter in an smtproute, the port
number to connect to. If you want to direct your SMTP client to a
port other than 25, the SMTP port, you can insert an smtproute which
points to that port. You might need to do this if you're using a
smarthost, and you need to connect to a special port on the smarthost
to enable it to relay. Such a line might look like this:
:smarthost.example.com:25252
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok | There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
