LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices



Reply
 
Search this Thread
Old 08-27-2008, 01:57 AM   #1
the_gripmaster
Member
 
Registered: Jul 2004
Location: VIC, Australia
Distribution: RHEL, CentOS, Ubuntu Server, Ubuntu
Posts: 362

Rep: Reputation: 38
Sendmail forcing to use a particular MX


My clients are trying to send email to a domain such as example.com

example.com has 2 MXs (found by executing 'host -t mx example.com' in the email server):
Code:
50 mx2.example.com
10 mx1.example.com
mx1.example.com is up and connections can be established on port 25 to it from my server, but mx2.example.com is down.

Now, whenever my clients send email to example.com, it does not get delivered and when i run 'mailq', this is what I see:

Code:
m7R5jlEx028096     2987 Wed Aug 27 11:45 <me@mydomain.com>
               (Deferred: Connection refused by mx2.example.com.)
                                         <postmaster@example.com>
It looks like sendmail is trying to connect to mx2.example.com which is down. How do I force sendmail to send the emails to example.com using mx1.example.com?
 
Old 08-27-2008, 02:13 AM   #2
Mr. C.
Senior Member
 
Registered: Jun 2008
Posts: 2,529

Rep: Reputation: 59
This may be a form of greylisting.

Unless you control the MX's, or have permission, you should not try to override the MX's for the domain. Allow your server to retry which is normal operating behavior.

Attempting to bypass the normal MX precedence could get you perm rejected from the site.

Last edited by Mr. C.; 08-27-2008 at 02:31 AM.
 
Old 08-27-2008, 02:26 AM   #3
the_gripmaster
Member
 
Registered: Jul 2004
Location: VIC, Australia
Distribution: RHEL, CentOS, Ubuntu Server, Ubuntu
Posts: 362

Original Poster
Rep: Reputation: 38
I can telnet to port 25 of mx1.example.com from my server and can successfully send emails. Why is sendmail trying to use mx2.example.com instead of mx1.example.com?
 
Old 08-27-2008, 02:32 AM   #4
Mr. C.
Senior Member
 
Registered: Jun 2008
Posts: 2,529

Rep: Reputation: 59
Do the logs show that sendmail tried the primary first, failed, and fell back to the secondary?
 
Old 08-27-2008, 02:36 AM   #5
the_gripmaster
Member
 
Registered: Jul 2004
Location: VIC, Australia
Distribution: RHEL, CentOS, Ubuntu Server, Ubuntu
Posts: 362

Original Poster
Rep: Reputation: 38
Sendmail logs show it never tried to connect to mx1.example.com
 
Old 08-27-2008, 02:50 AM   #6
Mr. C.
Senior Member
 
Registered: Jun 2008
Posts: 2,529

Rep: Reputation: 59
Sendmail will try a secondary MX if there was a problem during the SMTP greeting. If Sendmail has never tried the primary MX, this would tend to indicate DNS problems not returning the primary MX record.

Can you describe your DNS server?
 
Old 08-27-2008, 03:18 AM   #7
the_gripmaster
Member
 
Registered: Jul 2004
Location: VIC, Australia
Distribution: RHEL, CentOS, Ubuntu Server, Ubuntu
Posts: 362

Original Poster
Rep: Reputation: 38
Here is a dig output from my server (telnet-bd.com is the server I am trying to send the emails to)

Code:
[root@mx1 ~]# dig -t mx telnet-bd.com

; <<>> DiG 9.3.3rc2 <<>> -t mx telnet-bd.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60299
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 4

;; QUESTION SECTION:
;telnet-bd.com.                 IN      MX

;; ANSWER SECTION:
telnet-bd.com.          4705    IN      MX      10 mx-in-01.telnet-bd.com.
telnet-bd.com.          4705    IN      MX      50 mx-in-02.telnet-bd.com.

;; AUTHORITY SECTION:
telnet-bd.com.          1694    IN      NS      ns1.telnet-bd.com.
telnet-bd.com.          1694    IN      NS      ns2.telnet-bd.com.

;; ADDITIONAL SECTION:
mx-in-01.telnet-bd.com. 1694    IN      A       116.212.104.91
mx-in-02.telnet-bd.com. 1694    IN      A       116.212.105.113
ns1.telnet-bd.com.      10704   IN      A       116.212.104.71
ns2.telnet-bd.com.      34754   IN      A       116.212.105.115

;; Query time: 0 msec
;; SERVER: 192.168.100.41#53(192.168.100.41)
;; WHEN: Wed Aug 27 13:17:39 2008
;; MSG SIZE  rcvd: 181
 
Old 08-27-2008, 11:30 PM   #8
Mr. C.
Senior Member
 
Registered: Jun 2008
Posts: 2,529

Rep: Reputation: 59
I get DNS failures on this domain.

Code:
$ dig -t mx telnet-bd.com

; <<>> DiG 9.5.0-P2 <<>> -t mx telnet-bd.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 7590
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;telnet-bd.com.                 IN      MX

;; Query time: 3221 msec
;; WHEN: Wed Aug 27 20:28:45 2008
That's enough to convince me.
 
Old 08-28-2008, 04:59 AM   #9
the_gripmaster
Member
 
Registered: Jul 2004
Location: VIC, Australia
Distribution: RHEL, CentOS, Ubuntu Server, Ubuntu
Posts: 362

Original Poster
Rep: Reputation: 38
Well...thanks
 
  


Reply

Tags
force, mx, sendmail


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
forcing traffic through certain route(forcing source ip) taltman Linux - Networking 1 12-26-2007 02:07 PM
forcing to use SSL micro_xii Linux - Newbie 4 11-11-2006 12:29 AM
Forcing sendmail to always use a relay ericcarlson Linux - Software 2 07-26-2004 06:00 PM
Sendmail question! Forcing FROM lines from local users? Bungo2000 Linux - Networking 5 12-15-2003 11:37 PM
Forcing Vesa Magician Linux - Hardware 1 11-23-2003 10:18 PM


All times are GMT -5. The time now is 11:52 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration