On Fri, 16 Feb 2001, Jerry Winegarden wrote:
> stock sendmail from RH 7.0 (sendmail-8.11.0-0), behind IPchains
> firewall with ipmasqadm portfw for port 25.
>
> watching the conversation of an attempted mail delivery from a box
> outside the firewall, I notice that the portforward is working
> (sendmail not running on the ipchains box, and the EHLO conversion
> between the boxes takes place.
>
> Goes thru IDENT: ... pleased to meet you...
> ... Sender ok
> 250-ENHANCEDSTATUSCODES and so forth on down
>
> and then
>
> >>>RCTP To:<[EMAIL PROTECTED]>
> 550 5.7.1 <[EMAIL PROTECTED]>... Relaying denied
> >>>RSET
>
> Now, the hostname of the sendmail server is NOT foo.duke.edu.
> That is the name of the firewall box.
>
I bet foo.duke.edu is what the remote mail server got when it did a
reverse DNS on the IP you were connecting from. Remember, with a
masqarading firewall, all connections to the Internet apeare to be from
the firewall.
>
> What most likely needs to be changed in sendmail.cf to satisfy it?
> Why does it think that it needs to relay? Most likey that I need to make
> some actual changes in sendmail.cf?
>
If the real hostname of your mail server doesn't resolve to the IP of
your firewall, then change the .Dj entry in sendmail.cf to
Djfoo.duke.edu
Then your mail server will identify itself as your firewall, and the
remote mail server will be happy.
Mikkel
--
Do not meddle in the affairs of dragons,
for you are crunchy and taste good with ketchup.
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
