PHWinfo - Afficher un message - Problem with sendmail when using microsoft DNS forwarders

19/09/2006, 18h55

PoDd wrote:
> Hi all,
>
> I've been searching the net for days now trying to get an answer/fix to
> this problem.
> I have several FreeBSD servers running different versions from 4.11 to
> 6.1 with different versions of sendmail. (i have upgraded a couple to
> 8.13.8 to test the latest version hasnt fixed anything) They all have
> the following problem:
>
> Our LAN is on a private subnet, behind a NAT enabled firewall. the DNS
> servers on this subnet are MS Windows 2000 domain controllers, that are
> configured as forwarders to our public DNS servers (not on the local
> subnet). All servers on the LAN subnet use these servers without
> problem for name resolution.
>

Drop the forwarders. It gains you nothing but exposure to
vulnerabilities and external dependencies.

> However, I have root's messages aliases to my email account, and when
> the FreeBSD servers try and send mail to it, i get a "host name lookup
> failure" error message. AFTER it lists all the correct mailservers
> listed in the MX records of the domain my account is on.

use debugging flags to see what dns queries sendmail makes and what the
answers are.

>
> If i configure the boxes to query the public servers in resolv.conf and
> not the local ones, it works fine!
>

Drop the forwarders and see what happens.

> The public dns servers are authorititive for the domain my email
> account is on.
>
> Microsoft domain = domain.local
> BSD servers hostnames = bsd1.domain.net
> My email address = me@doamin.net

19/09/2006, 18h55	#2
jmaimon@ttec.com Messages: n/a Hébergeur:	Re: Problem with sendmail when using microsoft DNS forwarders PoDd wrote: > Hi all, > > I've been searching the net for days now trying to get an answer/fix to > this problem. > I have several FreeBSD servers running different versions from 4.11 to > 6.1 with different versions of sendmail. (i have upgraded a couple to > 8.13.8 to test the latest version hasnt fixed anything) They all have > the following problem: > > Our LAN is on a private subnet, behind a NAT enabled firewall. the DNS > servers on this subnet are MS Windows 2000 domain controllers, that are > configured as forwarders to our public DNS servers (not on the local > subnet). All servers on the LAN subnet use these servers without > problem for name resolution. > Drop the forwarders. It gains you nothing but exposure to vulnerabilities and external dependencies. > However, I have root's messages aliases to my email account, and when > the FreeBSD servers try and send mail to it, i get a "host name lookup > failure" error message. AFTER it lists all the correct mailservers > listed in the MX records of the domain my account is on. use debugging flags to see what dns queries sendmail makes and what the answers are. > > If i configure the boxes to query the public servers in resolv.conf and > not the local ones, it works fine! > Drop the forwarders and see what happens. > The public dns servers are authorititive for the domain my email > account is on. > > Microsoft domain = domain.local > BSD servers hostnames = bsd1.domain.net > My email address = me@doamin.net