Solved

RH6.2 and sendmail wierdness.

Posted on 2000-04-28
17
229 Views
Last Modified: 2010-03-18
Friend of mine is trying to get a RH6.2 up and running as a mailserver. owever, when trying to config senmail, it only shows

[ ] Accept email for (null)

Instead of showing the domain the system is in, so what might be up here?
0
Comment
Question by:j2
  • 11
  • 6
17 Comments
 
LVL 40

Expert Comment

by:jlevie
ID: 2762402
It sound like the classic RH wierdness when the network gets configured at install time. I suspect that the hosts file might look something like:

127.0.0.1  some-node.some-dom.dom some-node localhost.localdomain localhost

when it should be:

127.0.0.1    localhost.localdomain localhost
123.1.2.3    some-name.some-dom.dom some-node

Also I'd should check to see that resolv.conf looks like:

domain some-dom.dom
nameserver 1.2.3.4

RH likes to not put the "domain" keyword in and use "search" instead, which isn't exactly the same thing.
0
 
LVL 12

Author Comment

by:j2
ID: 2762423
[root@gatekeeper /root]# cat /etc/hosts
127.0.0.1       localhost.localdomain   localhost
212.181.63.22   gatekeeper.harrydaslap.se        gatekeeper
192.168.0.254   gw0.harrydaslap.se      gw0
192.168.1.254   gw1.harrydaslap.se      gw1
192.168.2.254   gw2.harrydaslap.se      gw2
[root@gatekeeper /root]#

[root@gatekeeper /root]# cat /etc/resolv.conf
search harrydaslap.se
nameserver 212.181.63.22
nameserver 10.0.0.2
[root@gatekeeper /root]#

[root@gatekeeper /root]# cat /var/named/harrydaslap.se
@               IN      SOA     gatekeeper.harrydaslap.se.      hostmaster.gatekeeper.harrydaslap.se. (
                        2000042801 ; serial
                        3600 ; refresh
                        900 ; retry
                        1209600 ; expire
                        43200 ; default_ttl
                        )
mail            IN      CNAME   gatekeeper.harrydaslap.se.
@               IN      MX      5       gatekeeper.harrydaslap.se.
@               IN      NS      gatekeeper.harrydaslap.se.
gatekeeper              IN      A       212.181.63.22
gw0             IN      A       192.168.0.254
gw1             IN      A       192.168.1.254
gw2             IN      A       192.168.2.254
www             IN      CNAME   gatekeeper.harrydaslap.se.
[root@gatekeeper /root]#


Anything else, feel free to ask. :)

0
 
LVL 40

Accepted Solution

by:
jlevie earned 100 total points
ID: 2762498
Okay, so it's not going to be that simple, I should have known given who posed the question...

One problem that's not necessarily connected is that your nameserver isn't yet registered in the root servers. I see:

levie> nslookup -query=ns harrydaslap.se.
Server:  merlin.dynetics.com
Address:  192.168.0.1

Non-authoritative answer:
harrydaslap.se  nameserver = web1.millenicumweb.com
harrydaslap.se  nameserver = web2.millenicumweb.com

Authoritative answers can be found from:
web1.millenicumweb.com  internet address = 207.235.5.125
web2.millenicumweb.com  internet address = 207.235.5.190

The DNS seems to be working correctly if I explictly point to your server I get vaild responses for both forward & reverse lookups.

Also, sendmail has correctly figured out what the FQDN of the system is as evidenced by:

levie> telnet 212.181.63.22 25
Trying 212.181.63.22...
Connected to 212.181.63.22.
Escape character is '^]'.
220 gatekeeper.harrydaslap.se ESMTP Sendmail 8.9.3/8.9.3; Sat, 29 Apr 2000 20:40:48 +0200

Unfortunately I can't send an email to the system to see what would happen because of the nameserver registration issue.

What does either the Cw line in sendmail.cf or the sendmail.cw have in it?
0
 
LVL 12

Author Comment

by:j2
ID: 2762536
[root@gatekeeper /root]# grep Cw /etc/sendmail.*
/etc/sendmail.cf:Cwlocalhost
[root@gatekeeper /root]#

But you know, something is wrong with the DNS pointers, never thought to check that. I will have to do that ASAP, i just assumed it was "set up right" and that, as we all know, is plain dumb.
0
 
LVL 12

Author Comment

by:j2
ID: 2762548
Here is something

[root@gatekeeper /root]# nslookup 212.181.63.20
Server:  gatekeeper.harrydaslap.se
Address:  212.181.63.22

*** gatekeeper.harrydaslap.se can't find 212.181.63.20: Non-existent host/domain
[root@gatekeeper /root]# ls /var/named/
192.168.0  192.168.2   harrydaslap.se      named.ca     vmtrailer.se
192.168.1  212.181.63  junekarosserier.se  named.local
[root@gatekeeper /root]#

The reverse doesnt seem to work locally. Why might that be? It works on "my" system, which seems to be the same (but with other zonefiles of cource)
0
 
LVL 12

Author Comment

by:j2
ID: 2762550
GAH! because i queried the net-number and not the IP. stupid me :) Sorry
0
 
LVL 40

Expert Comment

by:jlevie
ID: 2762553
I think you want Cw to read:

Cwharrydaslap.se

so that sendmail knows that it's the MTA for the domain.
0
 
LVL 12

Author Comment

by:j2
ID: 2762556
I really hate you cannot edit a comment. But, even if the systems arent known to the root DNS correctly (yet) shoudltn still a reverse work "externally"?

warwick:/var/named> nslookup 212.181.63.22
Server:  darkface.pp.se
Address:  195.54.96.76

*** darkface.pp.se can't find 212.181.63.22: Non-existent host/domain

Or does that require proper DNS registration?
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 12

Author Comment

by:j2
ID: 2762559
Yes, I know it should read that, But linuxconf will not regenerate the cf with the error still there. And i really would like to find the reason for the error before putting the system in production.

Ill just put this on the "backburner" until the DNS issue is resolved, "it just might be...." so to speak.

Have a nice weekend!
0
 
LVL 12

Author Comment

by:j2
ID: 2762569
Aha, the DNS mystery resolved. Here is what happened.

Customer and I agreed i should register the domains (they have 4) for them, and park them until their server was up.

The person i talked to forgot to bring that up at a IT/IS meeting.

Their admin registered the domains, since he wanted to make sure "they had them" when their 512kbit line was installed.

I was told this and checked and the domains werent "active" yet. So i sent a change request to the "parking house" :)

The domains went active on the change request before the original request was processed. The another tech and the parking house got the original request, and sicne the domains were "up" treated it as a "change request". So thats why the DNS is "misspointed" now. And monday is a holliday over here, so ill have to straighten it out tuesday.

Cheers!
0
 
LVL 40

Expert Comment

by:jlevie
ID: 2762708
Okay, so now we know why the DNS root is wrong. As to the reverse not working... it won't until there's a server to supply it and there isn't one at present. Well, except to the server you set up but nobody knows to use it unless specifically told to do so.

I guess I'm a bit confused about what you meant by "But linuxconf will not regenerate the cf with the error still there". Do you mean that linuxconf is only putting localhost into Cw, regardless of what you do?

On that system it should be able to figure out what the domain is from the hostname as that's an FQDN. Note that since there isn't a "domain harrydaslap.se" line in resolv.conf, the resolver must must figure it out from the hostname.
0
 
LVL 12

Author Comment

by:j2
ID: 2763712
""But linuxconf will not regenerate the cf with the error still there". "

As long as linuxconf displays "null" in that "accept mail for" box, it will write localhost as Cw.

Ahwell, ill try it on tuesday
0
 
LVL 40

Expert Comment

by:jlevie
ID: 2763925
Okay, that sounds like linuxconf can't figure out what domain the system is in. I believe that it's trying to do a gethostbyaddr() and failing. I just tried connecting directly to your nameserver (212.181.63.20) and I find that it can't do forward or reverse lookups of it's own data. That sounds to me like there might a problem with the DNS setup on the box. It seems to me that the system ought to know that it is authoritative for the domain (after all it is configured to be the primary) and shouldn't therefore need to contact the root servers.

Okay, I believe that I've just proved that a properly configured primary will resolve locally, even if the root servers point to a different pri/sec nameserver. I set up one of my "play" boxes with a valid domain name that's currently parked at the registrar. It had no problems recognizing that it was authoritative for the zone and tcpdump showed that it never made an attempt to contact anybody else.

Therefore, I believe that you have a local problem on that system that needs to be found and fixed, even before the registrar data is corrected.

If you don't already know about it, there's an excellent lint checker for DNS data at ftp://ftp.ee.lbl.gov/nslint.tar.Z. It's easy to install and pretty through in its examination.
0
 
LVL 12

Author Comment

by:j2
ID: 2807100
The problem WAS indeed that the DNS had got screwed up.
0
 
LVL 12

Author Comment

by:j2
ID: 2807102
Guess it goes to show the old "TRIPPLE check _everything_ , then check it again" ;)
0
 
LVL 40

Expert Comment

by:jlevie
ID: 2807365
Yep, and it sometimes helps to check things from some outside system. They can sometimes reveal a problem that can't be seen by boxes on the local network... (you can probably figure out how I know that).
0
 
LVL 12

Author Comment

by:j2
ID: 2807398
Hear hear ;)
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Suggested Solutions

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now