relaying denied

Cowles, Steve steve at stevecowles.com
Wed Jun 23 22:15:34 UTC 2004


olga at urbantimes.net wrote:
> Alexander,
> 
> It's not that I was complaining (which I am NOT); I just wanted to
> understand why it is going on and whether Sendmail on both servers
> works like it is supposed to.
> Thank you for your explanation. I would prefer not to send the real
> ips/domain names if I could. What was strange to me is that I do not
> get such 'relaying denied' messages for other domains -- only for
> those that are on Y as far as I can tell.
> 
> Olga

Are you sure that server X (your backup MX as I understand your post) is
configured to allow relaying for all your domains listed on server Y? In
other words - if server Y has 3 domains listed for local delivery
(/etc/mail/local-host-names), then server X (your backup MX) would not list
these domains as local, but rather list them as domains accepted for
relaying to the primary MX when spammers deliberately connect to the backup
MX first. 

Example: On server X (your backup MX)

# cat /etc/mail/local-host-names

# cat /etc/mail/relay-domains
Domain1.com
Domain2.com
Domain3.com

# cat /etc/mail/mailertable
Domain1.com	esmtp:[primary_mx.mydomain1.com]
Domain2.com	esmtp:[primary_mx.mydomain2.com]
Domain3.com	esmtp:[primary_mx.mydomain3.com]

FWIW: Running a backup MX introduces a whole set of new problems. The main
one being keeping the backup MX's configuration regarding what is
accetped/rejected/relayed/rbl's identical to that of the primary MX. In
addition, the backup MX must be bale to lookup (like with LDAP) or contain a
list of valid mailboxes on the primary MX so that, it too, can reject
attempts to deliver e-mail to unknown accounts instead of generating a DSN
back to a non-existant account. Thus clogging up your queues.

Steve Cowles





More information about the fedora-list mailing list