Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 177
  • Last Modified:

Sendmail - Can't receive.

I have RH 6.1 with Sendmail, and using linuxconf. I have a permanent connection to the internet.  I can send mail out to any domain.  My domain is host.domain.name, I can send mail from the mail server at domain.name, and it works.  When I send a message from an outside domain it kicks back an error saying "Host name lookup failure".  This is the weird part, the smtp server from an outside domain will try and send the message for five days.  I will receive the message on about the second day.  Thank you in advance.
0
matt51
Asked:
matt51
  • 5
  • 4
1 Solution
 
jlevieCommented:
Sounds like your system isn't in the dns tables for your domain (or there is no dns server for the domain). External systems that want to send mail are doing a lookup on the hostname and not finding an authoritative dns server that will return the IP of your system. Wanna tell us what the real FQDN for your machine is so we can see where the actual problem lies?
0
 
matt51Author Commented:
The main DNS server is msad71.net, which is an NT server.  My machine is minime.msad71.net.  I know DNS on msad71.net is working correctly because there is another linux box (slackware), redalert.msad71.net, that can send/receive mail, and it is set up the same way that my machine is set up on the main DNS server(msad71.net).  I hope this helps.  If you want to send a test message, there is a user: test@minime.msad71.net.
0
 
matt51Author Commented:
redalert.msad71.net is not currently working.  The owner is reinstalling linux on it.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
jlevieCommented:
It's not your box, it's the nameserver. I'm trying now to figure out what it's actually doing.
0
 
jlevieCommented:
Well, one problem I can see off the bat is that inverse lookups don't work for the nameservers. Consider:

levie> nslookup NS2.msad71.NET
Server:  merlin.dynetics.com
Address:  192.168.0.1

Non-authoritative answer:
Name:    NS2.msad71.NET
Address:  169.244.150.3

levie> nslookup 169.244.150.3
Server:  merlin.dynetics.com
Address:  192.168.0.1

*** merlin.dynetics.com can't find 169.244.150.3: Non-existent host/domain
levie>

So a paranoid mail server won't be able to verify the servers via inverse lookup.

But that's not the problem. I've got a sniffer trace that shows the DNS query from sendmail going to 169.244.150.4, which returns an ICMP Port unreachable. That's clearly the wrong server IP as a check with the root servers shows:

levie> dig @d.root-servers.net msad71.net

; <<>> DiG 8.2 <<>> @d.root-servers.net msad71.net
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 2
;; QUERY SECTION:
;;      msad71.net, type = A, class = IN

;; AUTHORITY SECTION:
msad71.net.             2D IN NS        NS1.msad71.net.
msad71.net.             2D IN NS        NS2.msad71.net.

;; ADDITIONAL SECTION:
NS1.msad71.net.         2D IN A         169.244.150.6
NS2.msad71.net.         2D IN A         169.244.150.3

;; Total query time: 164 msec
;; FROM: wilowisp.r1.dynetics.com to SERVER: d.root-servers.net  128.8.10.90
;; WHEN: Sat Feb 19 14:45:53 2000
;; MSG SIZE  sent: 28  rcvd: 96

Now since 169.244.150.4 is the IP of your system (minime.msad71.net) my suspicion is that it has advertized itself as being an authoritative nameserver for the domain. Either that or the NT domain servers are screwed up (which wouldn't be much of a surprise).
0
 
matt51Author Commented:
ns1.msad71.net is the primary DNS server for msad71.net, minime.msad71.net is a subdomain of msad71.net.  I am running DNS on my machine, which is most likely messed up I can post any config files to the internet if that would help.  Minime is a SOA.  I am almost certain that NT is working correctly because there were two linux machines running sendmail (one mine, the other was redalert), email for redalert worked correctly.  And the DNS settings on the NT machine are identical (obviously, except hostnames and IP’s).  Again, I thank you for helping.
0
 
jlevieCommented:
Okay, now it makes sense. From the question and comments it sounded like minime was a node withing the msad17.net domain, not a subdomain. So your FGDN for 169.244.150.4 is what? minime.minime.msad71.net? I don't think that "minime.msad71.net" can't be a node (that's what ns1.msad71.net says it is) and a subdomain (also what ns1.msad71.net says it is) at the same time. That's what makes me wonder if it's been properly delegated.

At any rate, the big problem is that there isn't a named running at 169.244.150.4 that will respond to querys on TCP port 53 from the outside. That's the reason I get the ICMP port unreachable.
0
 
matt51Author Commented:
jlevie,

Thank you for all your help.  I appreciate the time you took to answer my question.  With the combination of your thoughts, and my tinkering with the settings, I finally was able to receive email.  Thank you again.  
0
 
matt51Author Commented:
See my last comment.  Thank you again.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now