The Wednesday 2004-09-08 at 10:33 +0200, remote wrote:
I posted it to SuSE-security because it´s the only SuSE forum I subscribe to, also I believed that my problem might be the result of either an over-eager anti-spam software or my firewall.
But you would get more answers at other list. I'm the only one answering (at list on-list), and I'm not an expert on sendmail.
Your mx records show 0 router.leat.ruhr-uni-bochum.de 20 mi.ruhr-uni-bochum.de
router.leat.ruhr-uni-bochum.de points to two A records 134.147.162.39 and 134.147.55.1, both of which accept connections on port 25, but just timeout, no error message or anything.
134.147.162.39 is my external NIC, 134.147.55.1 my internal NIC. Communication from outside my domain to 134.147.55.1 is blocked by the firewall, this is intended.
Then you should remove 134.147.55.1 from the DNS - at least, the one reachable from outside. If you want to receive mail at 'leat.ruhr-uni-bochum.de', the IPs listed there should all respond. As your correspondent did not post to the list, I don't know what he said, and I'm probably repeating info. Look: cer@nimrodel:~> host -t MX leat.ruhr-uni-bochum.de leat.ruhr-uni-bochum.de mail is handled by 20 mi.ruhr-uni-bochum.de. leat.ruhr-uni-bochum.de mail is handled by 0 router.leat.ruhr-uni-bochum.de. Ie, both 'mi.ruhr-uni-bochum.de' and 'router.leat.ruhr-uni-bochum.de' are reported to handle your incoming mail, with different priorities: the router is the primary server, 'mi' is the secondary (I assume 0 is a valid priority). Lets find the IPs: cer@nimrodel:~> host -t MX mi.ruhr-uni-bochum.de. cer@nimrodel:~> host -t MX router.leat.ruhr-uni-bochum.de router.leat.ruhr-uni-bochum.de mail is handled by 20 mi.ruhr-uni-bochum.de. router.leat.ruhr-uni-bochum.de mail is handled by 0 router.leat.ruhr-uni-bochum.de. cer@nimrodel:~> host mi.ruhr-uni-bochum.de. mi.ruhr-uni-bochum.de has address 134.147.64.30 mi.ruhr-uni-bochum.de has address 134.147.32.86 cer@nimrodel:~> host router.leat.ruhr-uni-bochum.de router.leat.ruhr-uni-bochum.de has address 134.147.162.39 router.leat.ruhr-uni-bochum.de has address 134.147.55.1 In my opinion, all those four IP addresses should be able to handle mail requests (SMTP) to your domain, although with different priorities - ie, both your router addresses should answer (primary mail server). If any one fails, you may have problems. If any one is not intended to handle mail, you have to remove it from the name chain. I'm not a DNS expert, I can not recommend how you should define your DNS entries. But I don't think they are correct.
So, how come I sometimes have mail communications from and to that specific site, and sometimes don´t ? Also, this mail server has been running continuously for two years now, and I never missed any mail that I know of.
Probably because it works if they get the first IP listed for your primary mail server, they get your external router address. But some times they might prefer the second address listed, ie, the internal.
One other quick question, what does this problem have to do with Suse Security???
See above :)
He is right. If you want more answers, this is not the correct place. We are disturbing others. -- Cheers, Carlos Robinson