Solved

email and dns

Posted on 2001-07-11
7
253 Views
Last Modified: 2013-12-15
I am back again trying to solve an email/dns problem.  I run a mail server on my small lan ,and have a quasi-permanent connection to the internet.  This means that although my isp is supposed to be providing 24/7 uptime, their service has these strange 60-90 second blackouts every 15-20 minutes they cannot solve.

This affects me because when someone tries to check their email at the same time one of the blackouts are occuring, it causes the response to be really slow.  jlevie pointed out a way to cure the other problem I was having by suggesting I correctly maintain an /etc/hosts file.  But with the blackouts, my pop server has a delay because I think that it is trying to do a reverse lookup of itself.  Here is a sample tcpdump output. 192.168.1.3 is the machine running qmail.  192.168.1.20 is my machine checking for email. 209.161.160.19 is my isp's dns server.

20:14:41.731133 eth0 < 192.168.1.20.1363 > 192.168.1.3.pop3: . 1:1(0) ack 1 win 17520 (DF)
20:14:41.732146 eth0 > 192.168.1.3.15093 > 209.161.160.19.domain: 61116+ PTR? 3.1.168.192.in-addr.arpa. (42)
20:14:41.748817 eth0 < 209.161.160.19.domain > 192.168.1.3.15093: 61116 NXDomain 0/1/0 (104)

So my basic question is what entry, if any, can I place in my /etc/hosts file that will prevent the reverse lookup? (or give the correct response?) I have tried various combinations to little avail.  I would rather not set up a dns server on my lan.  I have only 12 nodes and the changes here are very infrequent at best.

MB
0
Comment
Question by:mattbrice
  • 3
  • 3
7 Comments
 
LVL 40

Expert Comment

by:jlevie
ID: 6279221
Check /etc/nsswitch.conf and make sure that files occurs before dns. It should look like:

hosts:      files nisplus nis dns

The important bits are that files is listed before dns. It doesn't matter about nisplus or nis in this case.

Have you considered that the "blackouts" might be a local problem rather than at your ISP? Is the Linux box the Internet gateway or does something else do that (if so what?)? If it is the gateway what version of Linux is it running and what kind of Internet link do you have (cable modem, SDSL, dialup, T1, etc)?
0
 

Author Comment

by:mattbrice
ID: 6281371
The file /etc/nsswitch already has files ahead of dns.  Any other ideas with respect to /etc/hosts or other files?  What should  my hosts file look like given the information in my original comment?

As far as the blackouts are concerned, they are caused by my isp's system.  I don't use dsl, cable, or dial-up. Because of my location, the only service that I could get (other than a basic dial-up account) was their microwave wireless system. (Which is also very inexpensive) When it works, it is very quick. They have a lot of their wireless customers complaining about the same thing and are aware of the problem.  They just don't know of a solution.

Thanks for the help,

MB
0
 
LVL 40

Accepted Solution

by:
jlevie earned 100 total points
ID: 6282051
Okay, so the hostname search order is correct. So either something isn't quite right with the hosts file or there's something in the POP daemon that insists on using DNS. Your hosts file should look like:

127.0.0.1     localhost.localdomain localhost
192.168.1.1     host1.domain.tld host1
192.168.1.2     host2.domain.tld host2
...

replacing "domain.tld" with your domain name. The hostname that the email server is set to needs to point to one of those entries in the hosts file.

If you still have problems during the outages with the hosts file set up correctly, then the only recourse that I know of will be to set up a local DNS. That's not at all difficult for a small LAN and you would gain a small reduction in link traffic since the local DNS will cache answers. If you don't know how to set up a local DNS I'd be willing to build the configuration for you.
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 
LVL 1

Expert Comment

by:auther_bin
ID: 6283671
 If you not be sure about the name resolves, do like:

1, run "linuxconf" by root, and find out the domain name server config, and make a right turn between the hosts and systemdns.

2, edit your /etc/hosts file, add a line like:
    192.168.1.123 emailerver.yourdomain.com
    ~~~~~~~~~~~~~
     192.168.1.123 is Your email server's IP.

3, check whether the system worked well:
   first, "ping" the domain name about your email server, If the IP address been given is correct, it's OK. Second, run "nslookup" and fill your email server's domain name "emailserver.yourdomain.com" after the prompt ">", get the result, if it also worked, That's OK.

Good Luck :)
0
 

Author Comment

by:mattbrice
ID: 6291401
I have tried the adding the ip of the email server, but it does not seem to make a difference.  I am running qmail + vpopmail.  I do not have the time right this moment to install the dns, but I will be thinking about it.  I have read that djbdns is a good choice, and also authored by the same man who wrote qmail.  

I really appreciate the comments so far.

MB
0
 

Author Comment

by:mattbrice
ID: 6303500
Thanks for all the help.  I decided to follow your advise and set up a local DNS server.  It turned out to be a fairly simple task.  I used djbdns and although I don't have a the features working, it has made checking email lightning fast without sacrificing browsing speed.  

MB
0
 
LVL 40

Expert Comment

by:jlevie
ID: 6303933
Cool...
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Daily system administration tasks often require administrators to connect remote systems. But allowing these remote systems to accept passwords makes these systems vulnerable to the risk of brute-force password guessing attacks. Furthermore there ar…
Using 'screen' for session sharing, The Simple Edition Step 1: user starts session with command: screen Step 2: other user (logged in with same user account) connects with command: screen -x Done. Both users are connected to the same CLI sessio…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now