
"Linux Gazette...making Linux just a little more fun!"


The Answer Guy


By James T. Dennis, tag@lists.linuxgazette.net
Starshine Technical Services, http://www.starshine.org/


(?)'sendmail' requires DNS ... won't use /etc/hosts

From Carlos Javier Castro Peña on Fri, 03 Jul 1998

Hi,

I have been looking for an answer for my question for a long time, but I could find no useful solution. I am building a Linux LAN and I cannot send mail with sendmail! I do not have a DNS server. I have found a lot of people with the same problem and no answer.

I am using Red Hat 5 with the version of sendmail distributed by them. My kernel is 2.0.33, with networking enabled. The mails don't get delivered because of a 'hostname lookup failure'. The manual of Red Hat 5 says how to configure sendmail, but that does not work if you don't have a DNS server. It was also suggested that I change the /etc/nsswitch.conf file, but it didn't work. Can you help me, please?

Regards, javier

(!) I understand your problem and feel your pain.

The problem is that 'sendmail' is conforming to the SMTP standards --- which require that it look up the MX record for any host prior to sending mail to it.

This sort of record (MX) can only be served over DNS (there isn't any way that I know of to mark an /etc/hosts entry as an "MX" record) (There might be some weird NIS or NIS+ way to do it -- but I don't know much about those protocols).

I've worked around that here at my house (I don't run DNS internally --- I just point to a caching DNS server on my gateway router, a Linux box doing masquerading for external references).

Internally I just use a mailertable that relays all mail from my systems to the mail router (which then spools them out over uucp). That mailertable refers to the gateway system using its IP address (which forces sendmail to skip the DNS MX query). On another system I just use uucp over TCP (for outgoing mail) and POP (for incoming).

It would be much easier for me to set up DNS and leave it at that -- but I can be incredibly stubborn sometimes and my main mail feed is over uucp in any event --- so it's just as easy to use that internally.

The reason modifying your /etc/nsswitch.conf (or /etc/host.conf --- as it's usually done under the Linux resolvers) doesn't work for sendmail --- but does work for normal programs using other protocols --- is that other protocols are normally only interested in address and reverse address records (using the gethostbyname() and gethostbyaddr() library calls). 'sendmail' is looking for MX records since it is common to require special routing for mail.

As I said --- the easiest solution is to create a local DNS domain or subdomain for yourself. For example I'd create the lan.starshine.org domain and name my local systems things like antares.lan.starshine.org etc. This would allow me to set up an "authoritative" set of records on my internal LAN and still defer to my ISP for the virtually hosted www.starshine.org, ftp.starshine.org, and mail.starshine.org (I'd list myself as an "unregistered secondary" to my ISP's nameservers for the starshine.org zone).

(I could also just copy his records into my own db and essentially lie to my system about being authoritative for the whole zone. This would break any time my ISP changed any of my publicly accessible address records --- but that would probably only be a minor issue. It would only affect my systems while they were resolving my virtual hosts. My ISP would never refer to my name servers as authorities or secondaries --- and I could use IPFW (now IPChains) to prevent any such requests from getting through to my internal nameserver in any event).

The point is that SMTP (the mail transport protocol to which sendmail defaults) relies on DNS --- and it is not trivial to get SMTP working with DNS disabled. You can use a different transport protocol (such as I do with uucp) or you can configure your systems to use direct IP addresses rather than names in their configuration files. This last option isn't so bad if your plan is to set up masquerading and null clients (a sort of sendmail client that forwards all of its mail to a hub, even the local addressed items -- and lets the hub deal with it).

Naturally I'm glossing over the details here. I have the O'Reilly 'sendmail' and 'DNS & BIND' books here at my side --- and I have the notes from a week long seminar I took on these topics (Robert Harker --- http://www.harker.com) --- which are also about 1000 pages. It is basically impossible to comprehensively explain DNS and sendmail in this column, or on the newsgroups and mailing lists.

I hope though that this helps. If you like I'll post (sanitized) copies of my sendmail.mc files and my uucp configuration files to show a couple of examples of how I do it --- with the warning that my configuration is uniquely atypical!


(?)More on: 'sendmail' requires DNS ... won't use /etc/hosts

From Carlos Javier Castro Peña on Thu, 09 Jul 1998
Also posted in Newsgroups:
comp.unix.questions

Dennis,

Thank you for your answer. Maybe the most important thing is that you let me know that I cannot use sendmail for my purposes without a DNS server. If I knew that from the beginning, I would have spared a lot of time trying different configurations. If you don't mind, I'll post your answer in some Linux mailing lists, because a lot of people have the same question, and there is no useful answer.

(!) Like the rest of the Linux Gazette all of my articles are covered by the LDP GPL (the variation of the GNU General Public License that is applied to the Linux Documentation Project). Please feel free to post, copy, modify, publish, sell, spindle, mutilate, cite it to your heart's content.

I hope it helps. I don't get into the newsgroups as much as I'd like (and I spend a bit more of my time in the comp.text.tex and comp.unix.security and comp.unix.admin groups when I do make it out there).

Over the years I've always drifted from one newsgroup and mailing list to another (except for the security stuff --- I always stay up on that, though mostly as a "lurker"). For a while I was the most frequent poster on the comp.lang.awk (formerly the alt.lang.awk) newsgroup. About 5 years ago I was in the top 5 or 10 posters on Compuserve's "UNIXFORUM".

I start by reading and lurking. When I've read for a few weeks (and usually done some experimentation and other research) I start to recognize the common questions, and start to piece things together. After about a month I start answering questions. For a few months I'll answer questions in the NG or ML. Eventually, I move on.

That turns out to have been good experience for answering questions in LG --- since they run the gamut of Unix, Linux, and PC related questions.

(?) You can use a different transport protocol (such as I do with uucp) or you can configure your systems to use direct IP addresses rather than names in their configuration files. This last option isn't so bad if your plan is to set up masquerading and null clients (a sort of sendmail client that forwards all of its mail to a hub, even the local addressed items -- and lets the hub deal with it).

Is it possible to make sendmail use IP addresses? I need to forward the mail of the Linux host to the Linux gateway. The users of the Linux host can download the mail from the gateway with POP and IMAP.

(!) I think the one time I did this was with a slight variant of the "clientproto.mc" file that ships with 'sendmail'.

It looks like this:

    divert(-1)
    divert(0)dnl
    VERSIONID(`@(#)clientproto.mc	8.7 (Berkeley) 3/23/96')

    OSTYPE(linux)
    FEATURE(nullclient, `[192.168.1.1]')

... replacing the IP address with the one for your smart hub or gateway. You use the m4 package (also included with all recent versions of sendmail) to generate a cf file from this using a command like:

    m4 ../m4/cf.m4 betel.mc > /etc/sendmail.cf

(after making backups of your existing cf file, of course).

The important thing is that it will define a line like:

    DM[192.168.1.1]

... which should prevent 'sendmail' from using DNS to do any resolution.

Try that and see if it works. I really can't set up a test environment for that at the moment. If that doesn't work, try changing the address to an arbitrary name, adding the "mailertable" FEATURE and creating a small mailertable that points the name at the IP address using the syntax:

    myhub	smtp:[192.168.1.1]

Please let me know how it goes.
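
A small lint for the mailertable approach suggested above, as an added example that is not part of the original column or of sendmail: it flags relay targets that would still make sendmail consult DNS on a LAN without a name server. The sample table, its host names and the verdict labels are constructed for illustration, and the classification is a simplified model of sendmail's behaviour (bare name: MX lookup; bracketed name: address lookup only; bracketed IP: no lookup).

```python
import ipaddress
import re

# Constructed sample mailertable for a LAN with no DNS server (not from the
# column, apart from the hub address 192.168.1.1 used in its example).
SAMPLE_MAILERTABLE = """\
# key            mailer:relay
myhub            smtp:[192.168.1.1]
lan.example      smtp:[gateway.lan.example]
.example.org     smtp:mail.example.org
remote.example   uucp-dom:gwuucp
broken-line-without-value
"""

def classify_relay(value):
    """Return (verdict, reason) for one mailertable right-hand side.
    Simplified model (assumption): only the SMTP-family mailers resolve names."""
    mailer, sep, relay = value.partition(":")
    if not sep or not relay:
        return "error", "expected mailer:relay"
    if not re.fullmatch(r"[ed]?smtp8?|relay", mailer):
        return "ok", f"mailer '{mailer}' is not SMTP over TCP; no MX lookup"
    m = re.fullmatch(r"\[(.+)\]", relay)
    if m is None:
        return "needs-dns", "bare host name: sendmail will query DNS for MX records"
    try:
        ipaddress.ip_address(m.group(1))
    except ValueError:
        # Also catches mistyped literals such as an address with five octets.
        return "needs-hosts", "bracketed name: MX skipped, address lookup still required"
    return "ok", "bracketed IP literal: no MX or address lookup"

def lint_mailertable(text):
    """Return a list of (lineno, key, verdict, reason), skipping comments and blanks."""
    results = []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(None, 1)  # key and value are separated by whitespace
        if len(fields) != 2:
            results.append((lineno, fields[0], "error", "missing mailer:relay value"))
            continue
        results.append((lineno, fields[0]) + classify_relay(fields[1].strip()))
    return results

if __name__ == "__main__":
    for lineno, key, verdict, reason in lint_mailertable(SAMPLE_MAILERTABLE):
        print(f"line {lineno}: {key:<16} {verdict:<11} {reason}")
```

Only entries reported as "ok" are safe on a network with neither DNS nor an /etc/hosts entry for the relay; "needs-hosts" entries depend on the resolver configuration discussed earlier.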


Copyright © 1998, James T. Dennis
Published in Linux Gazette Issue 31 August 1998

