Solved

smtp smart host

Posted on 2004-09-07
Last Modified: 2010-03-18
I am using RedHat 8.0 and would like to have one server receive all mail in and out for 3 servers that will have the mail accounts.  Each of the 3 servers is handling mail for the same domain.  Is this possible?

smtp central server -  smtp.mydomain.com

mail server - server1.mydomain.com
mail server - server2.mydomain.com
mail server - server3.mydomain.com


Question by:bdd
14 Comments
 
LVL 40

Expert Comment

by:jlevie
ID: 11998227
Yes, you can do that and it is very common to set up a mail system like that for load/reliability reasons.

What will be required is to give the "smtp central server" (hereafter referred to as the mail gateway) the knowledge of what email accounts exist on each of the mail servers. And you have to tell each of the mail servers what to do with local addresses that aren't accounts on the local mail server.

With respect to the mail servers you have to make a policy decision as to whether mail servers will forward mail among themselves or whether they will relay through the mail gateway. Relaying everything through the mail gateway is preferred when you are running anti-spam/anti-virus on the mail gateway and not on the mail servers since it limits the spread of a virus.

The mail routing information can be done with:

1) aliases file records

2) virtusertable records

3) LDAP routing

Which to use depends on whether more than one domain is being hosted and whether the policy will be to route all mail through the mail gateway.

What I've done at several sites that need this sort of mail topology is to build virtusertable maps on each of the components from data extracted from LDAP.
0
 

Author Comment

by:bdd
ID: 11999297
I would like to set up as above - with a mail gateway and all mail forwarding to it.  There will be only one domain, so which method would be best?  Also, would I only need an MX record for the mail gateway?
0
 
LVL 40

Accepted Solution

by:
jlevie earned 500 total points
ID: 12012577
I like virtusertable maps for this because I can use a catchall run on the mail servers to forward all non-local accounts to the mail relay. On a mail server the virtusertable file would look something like:

user1@domain.com        user1
user2@domain.com        user2
...
@domain.com                  %1@mail-relay.domain.com

where user1-userN are email accounts local to the mail server. On each mail server you also need a SMART_HOST definition in the sendmail.mc, like:

define(`SMART_HOST',  `mail-relay.domain.com')

to cause all other mail to be sent through the mail relay.

The mail relay box needs a virtusertable map that looks something like:

user1@domain.com      user1@mail1.domain.com
user2@domain.com      user2@mail1.domain.com
...
user21@domain.com      user21@mail2.domain.com
user22@domain.com      user22@mail2.domain.com
...
@domain.com                  error:nouser No such user here

That last line forces Sendmail to reject nonexistent users. See http://sendmail.org/virtual-hosting.html for more information.

Since all email for the domain will flow through the mail relay it must be the only host mentioned in the MX records for the domain.
0
 

Author Comment

by:bdd
ID: 12019349
I have done the above...  seem to be almost there, now when attempting to mail a message I get an error User unknown for a user account that does exist, however if I attempt to send a message to a user that does not exist it responds with No such user here.  I have been viewing the maillog for info above.  Thoughts?

0
 
LVL 40

Expert Comment

by:jlevie
ID: 12019699
After the edits to virtusertable have you re-made the maps with:

cd /etc/mail
make

After that an 'ls -l' should show a virtusertable.db with a later timestamp than the virtusertable file.
0
 

Author Comment

by:bdd
ID: 12019781
Yes, I did the following: makemap hash /etc/mail/virtuusertable < /etc/mail/virtusertable

I did notice a timestamp that corresponded with the command, and also guessed it had looked at the table because when attempting a user that does not exist it gave the No such user here error message.

Does something need to be in the mailertable?

0
 
LVL 40

Expert Comment

by:jlevie
ID: 12020110
What server are we on here? The mail relay or one of the mail servers?

Could I see a sample of what you have in the virtusertable file on the mail relay and the corresponding users sample from the mail server?
0
 

Author Comment

by:bdd
ID: 12020228
mail relay virtusertable:

user1@mydomain.com    user1@server1.mydomain.com
user2@mydomain.com    user2@server1.mydomain.com
@mydomain.com            error:nouser No such user here

mail server virtusertable:
user1@mydomain.com    user1
user2@mydomain.com    user2
@mydomain.com            %1@mail-relay.mydomain.com

When attempting to send a message I see it reach the mail-relay. If it is for user1@mydomain.com it issues User unknown; if it is for user5@mydomain.com it issues No such user here (user5 does not exist).

I see the info in the maillog of the mail gateway (mail-relay).
0
 
LVL 40

Expert Comment

by:jlevie
ID: 12020350
On the mail relay what does hostname return and what's in /etc/mail/local-host-names?
0
 

Author Comment

by:bdd
ID: 12020500
on the mail relay:

hostname returns mail-reley.mydomain.com

in the local-host-names file on the mail-relay are the following entries:

mydomain.com
mail-relay.mydomain.com
server1.mydomain.com
server2.mydomain.com

0
 

Author Comment

by:bdd
ID: 12020512
Also in the local-host-names on the mail-relay is
localhost.localdomain
localhost

0
 
LVL 40

Expert Comment

by:jlevie
ID: 12020646
You don't need or want server1.mydomain.com & server2.mydomain.com in local-host-names on the mail relay server. If you are worried about people replying to a message and it trying to go to user@server1.mydomain.com instead of user@mydomain.com (and that is a possibility) you should configure all servers to masquerade as mydomain.com. That's done with:

MASQUERADE_AS(`mydomain.com')dnl
FEATURE(masquerade_envelope)dnl
FEATURE(masquerade_entire_domain)dnl

in each machine's sendmail.mc

Can I see the snippet from the maillog on the mail server and mail relay server for one of these failing messages?
0
 

Author Comment

by:bdd
ID: 12020735
I took out all the entries in the local-hosts-names file on the mail-relay - - that seemed to do it!

can send and receive mail now!!
Thank you!
0
 
LVL 40

Expert Comment

by:jlevie
ID: 12020948
To be strictly correct local-host-names on the relay server should contain:

localhost.localdomain
localdomain
mail-relay.mydomain.com
mydomain.com

But it should work even if the file is empty. This presumes that the network config of the server is correct. Which in turn means that /etc/sysconfig/network includes:

HOSTNAME=mail-relay.mydomain.com

and that /etc/hosts looks like:

127.0.0.1      localhost.localdomain localhost
192.168.0.1 mail-relay.mydomain.com mail-relay
0
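
The misrouting resolved in this thread (virtusertable targets on the relay pointing at hosts that the relay's own local-host-names claims as local, which then fail as "User unknown") can be checked for before restarting sendmail. The script below is an added example, not part of any post; `check_relay_routing` is a hypothetical helper name, the demo data is the relay configuration as posted above, and it inspects only the local-host-names file, not names sendmail adds to the local class on its own.

```shell
#!/bin/sh
# Added example (not from the thread). check_relay_routing is a hypothetical name.
# Usage: check_relay_routing <virtusertable> <local-host-names>
# Prints one line per conflicting route; returns 1 if any conflict is found.
check_relay_routing() {
    awk '
        # Strip comments and surrounding whitespace; skip empty lines.
        { sub(/#.*/, ""); gsub(/^[ \t]+|[ \t]+$/, "") }
        $0 == "" { next }
        # First file read is local-host-names: one hostname per line.
        FILENAME == ARGV[1] { islocal[tolower($1)] = 1; next }
        # Second file is virtusertable: "address <whitespace> target".
        {
            target = $2
            if (target ~ /^error:/) next      # rejection rule, not a route
            at = index(target, "@")
            if (at == 0) next                 # bare local user, no host part
            host = tolower(substr(target, at + 1))
            if (host in islocal) {
                printf "CONFLICT: %s -> %s (%s is in local-host-names)\n", $1, target, host
                bad = 1
            }
        }
        END { exit (bad ? 1 : 0) }
    ' "$2" "$1"
}

# Demo on the relay files as posted in the thread, written to a temp directory.
demo() {
    d=$(mktemp -d) || return 2
    cat > "$d/virtusertable" <<'EOF'
user1@mydomain.com    user1@server1.mydomain.com
user2@mydomain.com    user2@server1.mydomain.com
@mydomain.com         error:nouser No such user here
EOF
    printf '%s\n' mydomain.com mail-relay.mydomain.com \
        server1.mydomain.com server2.mydomain.com > "$d/local-host-names"
    check_relay_routing "$d/virtusertable" "$d/local-host-names"
    rc=$?
    rm -rf "$d"
    return $rc
}

demo || echo "relay would deliver the entries above locally instead of forwarding"
```

On a real relay the call would be `check_relay_routing /etc/mail/virtusertable /etc/mail/local-host-names`, run before rebuilding the maps with `make`.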
