relaying denied

olga at urbantimes.net olga at urbantimes.net
Thu Jun 24 20:47:36 UTC 2004


Ok, so here's what I understood. Please bear with me... I am new to this..

> Obscurity in posts = <Groan!>
>
> Olga,
>
> If you indeed have two MX records for a single domain like...
>
> mydomain.com        1d      IN      MX 1    hosty.mydomain.com.
> mydomain.com        1d      IN      MX 2    hostx.mydomain.com.

This is indeed what I have right now.
>
> Then...
>
> Hosty:
> 1) Should have the physical mailboxes for all users in mydomain.com
> 2) The domain name "mydomain.com" should be listed in
> /etc/mail/local-host-names.
>
Yes, all of the domains on Y are listed in /etc/mail/local-host-names and
the mailboxes are there.

> Hostx:
> 1) Should not have any physical mailboxes for mydomain.com.
> 2) Should have mydomain.com listed in /etc/mail/relay-domains
> 3) Should have the following entry in /etc/mail/mailertable:
>      mydomain.com   esmtp:[hosty.mydomain.com]
>
> NOTE: The brackets are required to stop sendmail from using DNS to look up
> the MX records for final delivery. This would cause an MX loop without the
> brackets.
>

1. - no physical mailboxes are present on X for domains on Y.
2 & 3 -- Will need to setup /etc/mail/relay-domains and
/etc/mail/mailertable.

> 4) Should have a complete list of valid mailboxes for hosty so that if an
> e-mail does come in for mydomain.com on hostsx, it can reject it instead
> of
> sending a DSN back to a forged address. Thus clogging up your mail queue.
> I
> do this using LDAP queries, but you could create a list of virtual users
> to
> compensate.
>

Are these valid mailboxes set up in /var/spool/mail ?

> Repeat the above for each domain that you moved.
>
> The above is just the minimum that is required to implement a backup MX
> server. You would also need to configure both the primary/backup sendmails
> to reject/accept/rbl inbound e-mail identically.
>
This part I will have to learn as well.
Thank you for detailed explanations. This helps a lot.
Olga

> Steve Cowles
>
>
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
>





More information about the fedora-list mailing list