Solved

Sendmail - Can't receive.

Posted on 2000-02-19
9
161 Views
Last Modified: 2013-12-15
I have RH 6.1 with Sendmail, and using linuxconf. I have a permanent connection to the internet.  I can send mail out to any domain.  My domain is host.domain.name, I can send mail from the mail server at domain.name, and it works.  When I send a message from an outside domain it kicks back an error saying "Host name lookup failure".  This is the weird part, the smtp server from an outside domain will try and send the message for five days.  I will receive the message on about the second day.  Thank you in advance.
0
Comment
Question by:matt51
  • 5
  • 4
9 Comments
 
LVL 40

Expert Comment

by:jlevie
ID: 2538328
Sounds like your system isn't in the dns tables for your domain (or there is no dns server for the domain). External systems that want to send mail are doing a lookup on the hostname and not finding an authoritative dns server that will return the IP of your system. Wanna tell us what the real FQDN for your machine is so we can see where the actual problem lies?
0
 

Author Comment

by:matt51
ID: 2538546
The main DNS server is msad71.net, which is an NT server.  My machine is minime.msad71.net.  I know DNS on msad71.net is working correctly because there is another linux box (slackware), redalert.msad71.net, that can send/receive mail, and it is set up the same way that my machine is set up on the main DNS server(msad71.net).  I hope this helps.  If you want to send a test message, there is a user: test@minime.msad71.net.
0
 

Author Comment

by:matt51
ID: 2538575
redalert.msad71.net is not currently working.  The owner is reinstalling linux on it.
0
 
LVL 40

Expert Comment

by:jlevie
ID: 2538611
It's not your box, it's the nameserver. I'm trying now to figure out what it's actually doing.
0
Free Gift Card with Acronis Backup Purchase!

Backup any data in any location: local and remote systems, physical and virtual servers, private and public clouds, Macs and PCs, tablets and mobile devices, & more! For limited time only, buy any Acronis backup products and get a FREE Amazon/Best Buy gift card worth up to $200!

 
LVL 40

Expert Comment

by:jlevie
ID: 2538729
Well, one problem I can see off the bat is that inverse lookups don't work for the nameservers. Consider:

levie> nslookup NS2.msad71.NET
Server:  merlin.dynetics.com
Address:  192.168.0.1

Non-authoritative answer:
Name:    NS2.msad71.NET
Address:  169.244.150.3

levie> nslookup 169.244.150.3
Server:  merlin.dynetics.com
Address:  192.168.0.1

*** merlin.dynetics.com can't find 169.244.150.3: Non-existent host/domain
levie>

So a paranoid mail server won't be able to verify the servers via inverse lookup.

But that's not the problem. I've got a sniffer trace that shows the DNS query from sendmail going to 169.244.150.4, which returns an ICMP Port unreachable. That's clearly the wrong server IP as a check with the root servers shows:

levie> dig @d.root-servers.net msad71.net

; <<>> DiG 8.2 <<>> @d.root-servers.net msad71.net
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 2
;; QUERY SECTION:
;;      msad71.net, type = A, class = IN

;; AUTHORITY SECTION:
msad71.net.             2D IN NS        NS1.msad71.net.
msad71.net.             2D IN NS        NS2.msad71.net.

;; ADDITIONAL SECTION:
NS1.msad71.net.         2D IN A         169.244.150.6
NS2.msad71.net.         2D IN A         169.244.150.3

;; Total query time: 164 msec
;; FROM: wilowisp.r1.dynetics.com to SERVER: d.root-servers.net  128.8.10.90
;; WHEN: Sat Feb 19 14:45:53 2000
;; MSG SIZE  sent: 28  rcvd: 96

Now since 169.244.150.4 is the IP of your system (minime.msad71.net) my suspicion is that it has advertized itself as being an authoritative nameserver for the domain. Either that or the NT domain servers are screwed up (which wouldn't be much of a surprise).
0
 

Author Comment

by:matt51
ID: 2538801
ns1.msad71.net is the primary DNS server for msad71.net, minime.msad71.net is a subdomain of msad71.net.  I am running DNS on my machine, which is most likely messed up I can post any config files to the internet if that would help.  Minime is a SOA.  I am almost certain that NT is working correctly because there were two linux machines running sendmail (one mine, the other was redalert), email for redalert worked correctly.  And the DNS settings on the NT machine are identical (obviously, except hostnames and IP’s).  Again, I thank you for helping.
0
 
LVL 40

Accepted Solution

by:
jlevie earned 100 total points
ID: 2538863
Okay, now it makes sense. From the question and comments it sounded like minime was a node withing the msad17.net domain, not a subdomain. So your FGDN for 169.244.150.4 is what? minime.minime.msad71.net? I don't think that "minime.msad71.net" can't be a node (that's what ns1.msad71.net says it is) and a subdomain (also what ns1.msad71.net says it is) at the same time. That's what makes me wonder if it's been properly delegated.

At any rate, the big problem is that there isn't a named running at 169.244.150.4 that will respond to querys on TCP port 53 from the outside. That's the reason I get the ICMP port unreachable.
0
 

Author Comment

by:matt51
ID: 2538971
jlevie,

Thank you for all your help.  I appreciate the time you took to answer my question.  With the combination of your thoughts, and my tinkering with the settings, I finally was able to receive email.  Thank you again.  
0
 

Author Comment

by:matt51
ID: 2538972
See my last comment.  Thank you again.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

In this tutorial I will explain how to make squid prevent malwares in five easy steps: Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. It reduces bandwidth and improves response times by caching and reusing frequently-…
I. Introduction There's an interesting discussion going on now in an Experts Exchange Group — Attachments with no extension (http://www.experts-exchange.com/discussions/210281/Attachments-with-no-extension.html). This reminded me of questions tha…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now