Sendmail behind firewall
I have just upgraded from storm linux (slink) to debian stable (potato).
Most things went shockingly well. There was an occasional oddity. After
reading through all error messages, I was able to figure most things out.
Kudos to the debian team!
Shortly before upgrading, I put server behind a NAT (like masquerade)
sonicwall firewall. Things appeared to work fine. About the time I
upgraded to new sendmail, I started getting mail authentication errors from
external inbound mail. I then received domain validation errors. The
result was a lot of deferred mail. The error reported was the MX record
didn't match the private IP of my server.
What is the best resolution for this? It would be nice if sendmail could IP
masquerade for authentication purposes by responding with the MX record IP.
I added my domains to my caching DNS server so the LAN could see the local
web sites. I have read the apache.org FAQ and didn't see a handy solution
which will resolve authentication problems. My DNS doesn't server my
domains externally. How do I fake the authentication? Here is my
customizations to the .mc file:
FEATURE(nocanonify) dnl
FEATURE(accept_unqualified_senders)dnl
FEATURE(accept_unresolvable_domains)dnl
FEATURE(`access_db', `hash -o /etc/mail/access') dnl
Any ideas for changes/additions ?
I disabled NAT for the temporary solution but want to reduce the
requirements to one static IP. If anyone has any ideas, I would appreciate
it.
Many Thanks,
Paul
--
Paul McHale
Work: 937-320-5495 Double E Solutions
Mobile: 937-371-2828 1435 Edenwood Dr
Fax: 413-215-3232 Beavercreek, Ohio 45434
--
Reply to: