relaying denied

Cowles, Steve steve at
Thu Jun 24 20:28:49 UTC 2004

olga at wrote:
> So for those entries (with higher and lower MX) in the DNS setup to
> work correctly, I would need to configure /etc/mail/relay-domains and
> /etc/mail/mailertable and setup mailboxes for the users on Y to allow
> mail to be picked up by the lower priority MX in case something is
> wrong with the primary MX, otherwise the lower priority entry of the
> MX record does not do anything -- is this correct?

Obscurity in posts = <Groan!>


If you indeed have two MX records for a single domain like...        1d      IN      MX 1        1d      IN      MX 2


1) Should have the physical mailboxes for all users in
2) The domain name "" should be listed in

1) Should not have any physical mailboxes for
2) Should have listed in /etc/mail/relay-domains
3) Should have the following entry in /etc/mail/mailertable:   esmtp:[]

NOTE: The brackets are required to stop sendmail from using DNS to look up
the MX records for final delivery. This would cause an MX loop without the

4) Should have a complete list of valid mailboxes for hosty so that if an
e-mail does come in for on hostsx, it can reject it instead of
sending a DSN back to a forged address. Thus clogging up your mail queue. I
do this using LDAP queries, but you could create a list of virtual users to

Repeat the above for each domain that you moved.

The above is just the minimum that is required to implement a backup MX
server. You would also need to configure both the primary/backup sendmails
to reject/accept/rbl inbound e-mail identically.

Steve Cowles

More information about the fedora-list mailing list