Sendmail mystery
David Bandel
david.bandel
Tue Feb 20 12:08:44 PST 2007
On 2/20/07, Stuart Biggerstaff <biggers at lindahall.org> wrote:
> We just moved our mail from a server in our DMZ to a new one which is
> internal with some NAT rules. Mostly everything is working, but we have
> some automated e-mail (a couple of web forms, and sending copies of
> logs) being sent from two web servers to accounts on the mail server,
> and that sort of fails.
>
> The old mail server was providing DNS for things in our DMZ, and we have
> moved that to our main web server. After a lot of editing of
> configuration files and changing rules on our firewall, sending mail
> from the web servers works, after a fashion. That is, it queues to be
> sent, and when we flush the queue they go. Maillog shows the messages
> deferred because Sendmail was receiving a host name lookup failure--when
> accessing the new mail server for DNS.
>
> Our initial configuration used the old mail server for DNS, while the
> new one is supposed to use the web server itself. The only place I have
> entered the name or IP of the new mail server is in /etc/hosts and in
> the configs for BIND, but nowhere as a name server.
>
> Anyone have a suggestion where to start looking?
>
Stuart,
Your problem is that mail servers query DNS for an MX address. In
case you hadn't noticed, /etc/hosts only provides the equivalent of an
A RR (or AAAA RR in case of IPv6), but not an MX RR. You need to
provide a DNS entry with an appropriate (prioritized) MX RR. Until
then, you will have problems.
Ciao,
David A. Bandel
--
Focus on the dream, not the competition.
- Nemesis Air Racing Team motto
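
Added example, not part of the original post: a Python model of the lookup order an MTA follows for a recipient domain (MX records by preference, the implicit-MX fallback from RFC 5321, and deferral when the name server cannot answer), which is the branch behind the deferred messages described in the thread. The zone data, host names and addresses are constructed for illustration.

```python
"""Model of how an MTA chooses delivery hosts for a recipient domain.

ZONE is constructed sample data standing in for the name server's answers;
every name and address in it is illustrative, not taken from the thread.
"""
from enum import Enum


class Rcode(Enum):
    NOERROR = 0
    SERVFAIL = 2   # resolver failure or timeout: a temporary condition
    NXDOMAIN = 3   # the name does not exist: a permanent condition


# Constructed zone: name -> {record type: [rdata]}; MX rdata is (preference, host).
ZONE = {
    "example.org": {"MX": [(20, "backup.example.org"), (10, "mail.example.org")]},
    "mail.example.org": {"A": ["192.0.2.25"]},
    "backup.example.org": {"A": ["192.0.2.26"]},
    "nomx.example.org": {"A": ["192.0.2.30"]},
}


def query(zone, name, rrtype, reachable=True):
    """Return (rcode, records) the way a stub resolver would report them."""
    if not reachable:
        return Rcode.SERVFAIL, []
    if name not in zone:
        return Rcode.NXDOMAIN, []
    return Rcode.NOERROR, list(zone[name].get(rrtype, []))


def route(domain, zone=ZONE, reachable=True):
    """Return (action, hosts): 'deliver', 'defer' (stay queued) or 'bounce'."""
    rcode, mx = query(zone, domain, "MX", reachable)
    if rcode is Rcode.SERVFAIL:
        # Lookup failure is temporary, so the message is queued and retried.
        return "defer", []
    if rcode is Rcode.NXDOMAIN:
        return "bounce", []
    if mx:
        # Lowest preference value is tried first.
        return "deliver", [host for _pref, host in sorted(mx)]
    # No MX records: RFC 5321 treats the domain itself as an implicit MX
    # if it has an address record.
    _rcode, addrs = query(zone, domain, "A", reachable)
    return ("deliver", [domain]) if addrs else ("bounce", [])


if __name__ == "__main__":
    for dom, up in [("example.org", True), ("example.org", False),
                    ("nomx.example.org", True), ("missing.example.org", True)]:
        print(dom, "dns_up=%s" % up, route(dom, reachable=up))
```
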