More about sendmail sending to local machine
I'm beginning to think this is impossible! :-) I've been doing some Google searching about the file local-host-names, one hit suggested trying the following to see what sendmail views as local domains:- echo '$=w' | sendmail -bt ... and what does it return .... ADDRESS TEST MODE (ruleset 3 NOT automatically invoked) Enter <ruleset> <address> > home home.isbd.net localhost [192.168.1.1] isbd.net Which certainly looks as if sendmail thinks that home.isbd.net is the local machine. However when I tried using 'mail' to send a message from root to chris@home.isbd.net (I used 'mail' to ensure little else was involved) it *still* tries to send it out to the outside world. The entries in maillog are:- Nov 11 11:38:20 home sendmail[7883]: lABBcJ9h007883: from=root, size=64, class=0, nrcpts=1, msgid=<200711111138.lABBcJ9h007883@home.isbd.net>, relay=root@localhost Nov 11 11:38:20 home sendmail[7884]: lABBcKac007884: from=<root@home.isbd.net>, size=354, class=0, nrcpts=1, msgid=<200711111138.lABBcJ9h007883@home.isbd.net>, proto=ESMTP, daemon=MTA, relay=localhost.localdomain [127.0.0.1] Nov 11 11:38:20 home sendmail[7883]: lABBcJ9h007883: to=chris@home.isbd.net, ctladdr=root (0/0), delay=00:00:01, xdelay=00:00:00, mailer=relay, pri=30064, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (lABBcKac007884 Message accepted for delivery) Nov 11 11:40:20 home sendmail[7886]: lABBcKac007884: to=<chris@84-45-228-40.no-dns-yet.enta.net>, delay=00:02:00, xdelay=00:02:00, mailer=esmtp, pri=120354, relay=84-45-228-40.no-dns-yet.enta.net. [84.45.228.40], dsn=4.0.0, stat=Deferred: Connection timed out with 84-45-228-40.no-dns-yet.enta.net. -- Chris Green
On Sun, Nov 11, 2007 at 11:46:04AM +0000, Chris G wrote:
I'm beginning to think this is impossible! :-) ... Which certainly looks as if sendmail thinks that home.isbd.net is the local machine. However when I tried using 'mail' to send a message from root to chris@home.isbd.net (I used 'mail' to ensure little else was involved) it *still* tries to send it out to the outside world.
The entries in maillog are:-
Nov 11 11:38:20 home sendmail[7883]: lABBcJ9h007883: from=root, size=64, class=0, nrcpts=1, msgid=<200711111138.lABBcJ9h007883@home.isbd.net>, relay=root@localhost Nov 11 11:38:20 home sendmail[7884]: lABBcKac007884: from=<root@home.isbd.net>, size=354, class=0, nrcpts=1, msgid=<200711111138.lABBcJ9h007883@home.isbd.net>, proto=ESMTP, daemon=MTA, relay=localhost.localdomain [127.0.0.1] Nov 11 11:38:20 home sendmail[7883]: lABBcJ9h007883: to=chris@home.isbd.net, ctladdr=root (0/0), delay=00:00:01, xdelay=00:00:00, mailer=relay, pri=30064, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (lABBcKac007884 Message accepted for delivery) Nov 11 11:40:20 home sendmail[7886]: lABBcKac007884: to=<chris@84-45-228-40.no-dns-yet.enta.net>, delay=00:02:00, xdelay=00:02:00, mailer=esmtp, pri=120354, relay=84-45-228-40.no-dns-yet.enta.net. [84.45.228.40], dsn=4.0.0, stat=Deferred: Connection timed out with 84-45-228-40.no-dns-yet.enta.net.
Looks like sendmail is finding the CNAME and rewriting the address. You shouldn't use a CNAME for a host that you want to receive mail. I suggest you try changing it to an A record instead. See, for example, RFC1123 Section 5.2.2 J. -- Are you happy with your wash? | .''`. Debian GNU/Linux Developer | : :' : Happy to accept PGP signed | `. `' or encrypted mail - RSA + | `- DSA keys on the keyservers.
On Sun, Nov 11, 2007 at 09:44:25AM -0800, Jonathan McDowell wrote:
On Sun, Nov 11, 2007 at 11:46:04AM +0000, Chris G wrote:
I'm beginning to think this is impossible! :-) ... Which certainly looks as if sendmail thinks that home.isbd.net is the local machine. However when I tried using 'mail' to send a message from root to chris@home.isbd.net (I used 'mail' to ensure little else was involved) it *still* tries to send it out to the outside world.
The entries in maillog are:-
Nov 11 11:38:20 home sendmail[7883]: lABBcJ9h007883: from=root, size=64, class=0, nrcpts=1, msgid=<200711111138.lABBcJ9h007883@home.isbd.net>, relay=root@localhost Nov 11 11:38:20 home sendmail[7884]: lABBcKac007884: from=<root@home.isbd.net>, size=354, class=0, nrcpts=1, msgid=<200711111138.lABBcJ9h007883@home.isbd.net>, proto=ESMTP, daemon=MTA, relay=localhost.localdomain [127.0.0.1] Nov 11 11:38:20 home sendmail[7883]: lABBcJ9h007883: to=chris@home.isbd.net, ctladdr=root (0/0), delay=00:00:01, xdelay=00:00:00, mailer=relay, pri=30064, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (lABBcKac007884 Message accepted for delivery) Nov 11 11:40:20 home sendmail[7886]: lABBcKac007884: to=<chris@84-45-228-40.no-dns-yet.enta.net>, delay=00:02:00, xdelay=00:02:00, mailer=esmtp, pri=120354, relay=84-45-228-40.no-dns-yet.enta.net. [84.45.228.40], dsn=4.0.0, stat=Deferred: Connection timed out with 84-45-228-40.no-dns-yet.enta.net.
Looks like sendmail is finding the CNAME and rewriting the address. You shouldn't use a CNAME for a host that you want to receive mail. I suggest you try changing it to an A record instead. See, for example, RFC1123 Section 5.2.2
The CNAME is on the isbd.net host, somewhere in London (or wherever), the sendmail in question is running on my desktop Fedora box at home. I simply want to tell this sendmail how to send local mail, surely once sendmail knows that it's sending to 'this' machine it shouldn't even bother with what it can see elsewhere. Anyway, as I said, I now have a solution. For whatever reason sendmail thinks isbd.net is 'this' machine, so mail sent to chris@isbd.net gets directly to me here. So sendmail *can* deliver locally, I don't understand where it gets isbd.net from as the local machine though. I appreciate that A records and MX records are needed if you want to do full blown mail handling but all I wanted was to get mail for root on this machine to arrive in my local mailbox. No other mail goes in or out of this machine, I don't use it for mail at all. (By 'this' machine I mean my desktop machine, I'm sending this E-Mail using an ssh connection to a remote machine - where the 'real' isbd.net is hosted). -- Chris Green
On Sun, Nov 11, 2007 at 06:10:01PM +0000, Chris G wrote:
I appreciate that A records and MX records are needed if you want to do full blown mail handling but all I wanted was to get mail for root on this machine to arrive in my local mailbox. No other mail goes in or out of this machine, I don't use it for mail at all.
I don't actually think you managed to read and understand my message fully, but given that you've found a workaround there doesn't seem to be a lot of point trying to explain it again. J. -- Programmer, | Ok ramblers, let's get rambling. | Tel/SMS: sysadmin & | | +423-663-212343 BHMF. | | Made by HuggieTag
On Sun, Nov 11, 2007 at 10:25:41AM -0800, Jonathan McDowell wrote:
On Sun, Nov 11, 2007 at 06:10:01PM +0000, Chris G wrote:
I appreciate that A records and MX records are needed if you want to do full blown mail handling but all I wanted was to get mail for root on this machine to arrive in my local mailbox. No other mail goes in or out of this machine, I don't use it for mail at all.
I don't actually think you managed to read and understand my message fully, but given that you've found a workaround there doesn't seem to be a lot of point trying to explain it again.
I think I did understand your message though I may be wrong of course.
From where I'm looking it feels like you haven't understood what I was saying! :-)
-- Chris Green
Ive been fighting with a similar problem and on my travels I came across a setting which may point you in the right direction A cat of my sendmail.cf returns the following ##### $Id: always_add_domain.m4,v 8.11 2000/09/12 22:00:53 ca Exp $ ##### Which is what I want but you not need this Mike Eddington -----Original Message----- From: main-bounces@lists.alug.org.uk [mailto:main-bounces@lists.alug.org.uk] On Behalf Of Chris G Sent: 11 November 2007 18:10 To: main@lists.alug.org.uk Subject: Re: [ALUG] More about sendmail sending to local machine On Sun, Nov 11, 2007 at 09:44:25AM -0800, Jonathan McDowell wrote:
On Sun, Nov 11, 2007 at 11:46:04AM +0000, Chris G wrote:
I'm beginning to think this is impossible! :-) ... Which certainly looks as if sendmail thinks that home.isbd.net is the local machine. However when I tried using 'mail' to send a message from root to chris@home.isbd.net (I used 'mail' to ensure little else was involved) it *still* tries to send it out to the outside world.
The entries in maillog are:-
Nov 11 11:38:20 home sendmail[7883]: lABBcJ9h007883: from=root, size=64, class=0, nrcpts=1, msgid=<200711111138.lABBcJ9h007883@home.isbd.net>, relay=root@localhost Nov 11 11:38:20 home sendmail[7884]: lABBcKac007884: from=<root@home.isbd.net>, size=354, class=0, nrcpts=1, msgid=<200711111138.lABBcJ9h007883@home.isbd.net>, proto=ESMTP, daemon=MTA, relay=localhost.localdomain [127.0.0.1] Nov 11 11:38:20 home sendmail[7883]: lABBcJ9h007883: to=chris@home.isbd.net, ctladdr=root (0/0), delay=00:00:01, xdelay=00:00:00, mailer=relay, pri=30064, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (lABBcKac007884 Message accepted for delivery) Nov 11 11:40:20 home sendmail[7886]: lABBcKac007884: to=<chris@84-45-228-40.no-dns-yet.enta.net>, delay=00:02:00, xdelay=00:02:00, mailer=esmtp, pri=120354, relay=84-45-228-40.no-dns-yet.enta.net. [84.45.228.40], dsn=4.0.0, stat=Deferred: Connection timed out with 84-45-228-40.no-dns-yet.enta.net.
Looks like sendmail is finding the CNAME and rewriting the address. You shouldn't use a CNAME for a host that you want to receive mail. I suggest you try changing it to an A record instead. See, for example, RFC1123 Section 5.2.2
The CNAME is on the isbd.net host, somewhere in London (or wherever), the sendmail in question is running on my desktop Fedora box at home. I simply want to tell this sendmail how to send local mail, surely once sendmail knows that it's sending to 'this' machine it shouldn't even bother with what it can see elsewhere. Anyway, as I said, I now have a solution. For whatever reason sendmail thinks isbd.net is 'this' machine, so mail sent to chris@isbd.net gets directly to me here. So sendmail *can* deliver locally, I don't understand where it gets isbd.net from as the local machine though. I appreciate that A records and MX records are needed if you want to do full blown mail handling but all I wanted was to get mail for root on this machine to arrive in my local mailbox. No other mail goes in or out of this machine, I don't use it for mail at all. (By 'this' machine I mean my desktop machine, I'm sending this E-Mail using an ssh connection to a remote machine - where the 'real' isbd.net is hosted). -- Chris Green _______________________________________________ main@lists.alug.org.uk http://www.alug.org.uk/ http://lists.alug.org.uk/mailman/listinfo/main Unsubscribe? See message headers or the web site above!
Jonathan McDowell wrote:
You shouldn't use a CNAME for a host that you want to receive mail. I suggest you try changing it to an A record instead.
To quote RFC1123 section 5.2.2: The domain names that a Sender-SMTP sends in MAIL and RCPT commands MUST have been "canonicalized," i.e., they must be fully-qualified principal names or domain literals, not nicknames or domain abbreviations. A canonicalized name either identifies a host directly or is an MX name; it cannot be a CNAME. Can someone explain why this restriction exists (or point to a good resource)? Regards, -- Chris Lamb, UK chris@chris-lamb.co.uk GPG: 0x634F9A20
On Mon, Nov 12, 2007 at 04:19:59PM +0000, Chris Lamb wrote:
Jonathan McDowell wrote:
You shouldn't use a CNAME for a host that you want to receive mail. I suggest you try changing it to an A record instead.
To quote RFC1123 section 5.2.2:
The domain names that a Sender-SMTP sends in MAIL and RCPT commands MUST have been "canonicalized," i.e., they must be fully-qualified principal names or domain literals, not nicknames or domain abbreviations. A canonicalized name either identifies a host directly or is an MX name; it cannot be a CNAME.
Can someone explain why this restriction exists (or point to a good resource)?
Pass. However it does crop up fairly often; at one point lists.alug.org.uk was a CNAME and got bitten by several list members mail servers doing a rewrite to the CNAME. J. -- I'd love to but... I'm being deported. This .sig brought to you by the letter Z and the number 22 Product of the Republic of HuggieTag
participants (4)
-
Chris G -
Chris Lamb -
Jonathan McDowell -
mike eddington (TOC)