I have an office LAN with a Linux server acting as the domain mail server for spam and virus filtering, and then forwarding messages to a Windows Exchange smart host for delivery to domain workstations. The Windows host is also the LAN DHCP server and DNS server.
The Linux host has 2 NICs, one connected to the local LAN and one connected to the Internet. The local LAN is a Windows domain: hprs.local. The public domain is ohprs.org. The Linux hostname is webserver. Therefore, it can be reached from the internet as webserver.ohprs.org and from the LAN as webserver.hprs.local.
This setup has all worked fine for some time.
The Problem: I have added another Linux host to the LAN whose hostname is ohprsstorage. I want to set up its email to only send messages to webserver.hprs.local. That is, I don't want it to have to do any DNS lookups outside the hprs.local domain. It will never send email directly to the Internet and, in fact, will never receive any email.
Even though this seems like a simple idea, I've done something wrong. Delivery to the recipient takes 20 or so minutes, even hours. The sendmail.mc on ohprsstorage is:
2 VERSIONID(`default setup for Slackware Linux')dnl
4 define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
6 define(`confTO_IDENT', `0')dnl
9 FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access')dnl
11 FEATURE(`local_procmail',`',`procmail -t -Y -a $h -d $u')dnl
(I probably don't need lines 7-10.) Doing nothing other than setting up the /etc/sendmail.cf on ohprsstorage and sending a message from root@ohprsstorage to mfoley@webserver gives me a relaying denied message on webserver, probably because it thinks it is being asked to relay to some strange host: webserver.hprs.local.
To attempt to fix this, I've tried adding the following line to the webserver host's /etc/mail/local-host-names
This gives the following in /etc/log/maillog:
Jun 3 01:15:02 webserver sm-mta: r535F2QZ026512: from=<root@OHPRSstorage.hprs.local>, size=702, class=0, nrcpts=1, msgid=<201306030514.r535EtfY017338@OHPRSstorage.hprs.local>, proto=ESMTP, daemon=MTA, relay=ohprsstorage.hprs.local [192.168.0.50]
Jun 3 01:15:02 webserver sm-mta: r535F2QZ026512: Milter add: rcpt: firstname.lastname@example.org
Jun 3 01:17:02 webserver sm-mta: r535F2QZ026512: timeout waiting for input from local during Draining Input
Jun 3 01:22:22 webserver sm-mta: r535F2QZ026512: to=<email@example.com>, delay=00:07:20, xdelay=00:07:20, mailer=local, pri=60991, dsn=2.0.0, stat=Sent
Jun 3 01:22:22 webserver sm-mta: r535F2QZ026512: to=/var/spool/mail/allmail, firstname.lastname@example.org (2/0), delay=00:07:20, xdelay=00:00:00, mailer=*file*, pri=60991, dsn=2.0.0, stat=Sent
The mail does get delivered, but as you can see there is a 7-minute delay from the time the message was sent until it was received in the user's mailbox, even though it is supposed to be delivering on the local LAN and the boxes are 10 feet apart! This was the most recent test. Many messages take 20 minutes or more and some have taken hours to deliver.
Some minutes after the above (and after local user delivery) I saw the following in the maillog:
Jun 3 01:26:21 webserver sm-mta: STARTTLS=server, relay=mail.ohprs.org [192.168.0.2], version=TLSv1/SSLv3, verify=FAIL, cipher=AES128-SHA, bits=128/128
Jun 3 01:26:21 webserver sm-mta: r535QL7e027423: from=<root@OHPRSstorage.hprs.local>, size=3292, class=0, nrcpts=1, msgid=<201306030510.r535A4qt017320@OHPRSstorage.hprs.local>, bodytype=7BIT, proto=ESMTP, daemon=MTA, relay=mail.ohprs.org [192.168.0.2]
I'm not 100% sure this is related, but I didn't send a subsequent message from ohprsstorage. This pair of messages appears to indicate that the message from ohprsstorage is being forwarded to webserver's smart host (188.8.131.52). Perhaps that has something to do with the delay?
The following are the headers for this message:
From root@OHPRSstorage.hprs.local Mon Jun 3 01:15:02 2013
Received: from OHPRSstorage.hprs.local (ohprsstorage.hprs.local [192.168.0.50])
by webserver.ohprs.org (8.14.4/8.14.4) with ESMTP id r535F2QZ026512
(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO)
for <email@example.com>; Mon, 3 Jun 2013 01:15:02 -0400
Received: from OHPRSstorage.hprs.local (localhost [127.0.0.1])
by OHPRSstorage.hprs.local (8.14.4/8.14.4) with ESMTP id r535EtCm017339
for <firstname.lastname@example.org>; Mon, 3 Jun 2013 01:14:55 -0400
Received: (from root@localhost)
by OHPRSstorage.hprs.local (8.14.4/8.14.4/Submit) id r535EtfY017338
for mfoley@webserver; Mon, 3 Jun 2013 01:14:55 -0400
Date: Mon, 03 Jun 2013 01:14:55 -0400
Subject: test E
User-Agent: Heirloom mailx 12.4 7/29/08
Content-Type: text/plain; charset=us-ascii
As an added wrinkle, with the "webserver.hprs.local" line in /etc/local-host-names, mail from the Internet to email@example.com doesn't get delivered. Adding "webserver.ohprs.org" to /etc/local-host-names doesn't help.
I'm very confused. I thought this would be simple. Can anyone tell me what I'm doing wrong?
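An added example, not part of the original post: a small Python parser that groups sendmail maillog entries by queue ID and reports slow deliveries, using the fact that `delay=` is the total time since the message was received while `xdelay=` is the time spent in the final delivery attempt. The sample lines are constructed in the format quoted above; the function names and the 60-second threshold are assumptions for illustration.

```python
import re
from collections import defaultdict

# Constructed sample lines in the sendmail maillog format quoted in the post.
SAMPLE = """\
Jun 3 01:15:02 webserver sm-mta: q1AAAAAA000001: from=<root@client.example.local>, size=702, class=0, nrcpts=1, proto=ESMTP, daemon=MTA, relay=client.example.local [192.0.2.50]
Jun 3 01:17:02 webserver sm-mta: q1AAAAAA000001: timeout waiting for input from local during Draining Input
Jun 3 01:22:22 webserver sm-mta: q1AAAAAA000001: to=<user@example.com>, delay=00:07:20, xdelay=00:07:20, mailer=local, pri=60991, dsn=2.0.0, stat=Sent
Jun 3 01:30:00 webserver sm-mta: q1BBBBBB000002: from=<root@client.example.local>, size=500, class=0, nrcpts=1, proto=ESMTP, daemon=MTA, relay=client.example.local [192.0.2.50]
Jun 3 01:30:01 webserver sm-mta: q1BBBBBB000002: to=<user@example.com>, delay=00:00:01, xdelay=00:00:00, mailer=local, pri=30500, dsn=2.0.0, stat=Sent
"""

# Syslog prefix, then "<queue id>: <message>"; lines without a queue id are skipped.
LINE = re.compile(r"^\w{3}\s+\d+\s+[\d:]{8}\s+\S+\s+[\w-]+(?:\[\d+\])?:\s+(\w+):\s+(.*)$")
DELAY = re.compile(r"(?:(\d+)\+)?(\d+):(\d\d):(\d\d)")

def seconds(value):
    """Convert sendmail's [days+]HH:MM:SS delay notation to seconds."""
    d, h, m, s = DELAY.fullmatch(value).groups()
    return int(d or 0) * 86400 + int(h) * 3600 + int(m) * 60 + int(s)

def slow_deliveries(log_text, threshold=60):
    """Return one finding per recipient whose total delay is >= threshold seconds."""
    timeouts = defaultdict(list)  # queue id -> timeout messages logged for it
    findings = []
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        qid, rest = m.groups()
        if rest.startswith("timeout waiting for"):
            timeouts[qid].append(rest)
        elif rest.startswith("to="):
            fields = dict(p.split("=", 1) for p in rest.split(", ") if "=" in p)
            if not {"delay", "xdelay"} <= fields.keys():
                continue
            delay, xdelay = seconds(fields["delay"]), seconds(fields["xdelay"])
            if delay >= threshold:
                # xdelay close to delay: the time went into the delivery
                # attempt itself (the mailer), not into waiting in the queue.
                spent = "delivery attempt" if xdelay >= 0.9 * delay else "queue"
                findings.append({"qid": qid, "mailer": fields.get("mailer"),
                                 "delay": delay, "xdelay": xdelay, "spent_in": spent})
    for f in findings:
        f["timeouts"] = timeouts.get(f["qid"], [])
    return findings

if __name__ == "__main__":
    for finding in slow_deliveries(SAMPLE):
        print(finding)
```
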