LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)
-   -   Sendmail, DNS, portsentry problem (https://www.linuxquestions.org/questions/linux-software-2/sendmail-dns-portsentry-problem-144105/)

peppiv 02-09-2004 12:33 PM

Sendmail, DNS, portsentry problem
 
We're running RH 7.3, updated sendmail (through the RHN) and the last known version of Portsentry (2.0b1). We've been running Portsentry successfully since we enabled our server 1 1/2 years ago. The DNS comes through Sprint (that's another problem not ready to be discussed here).

On occasion, Portsentry puts the Sprint DNS server's IP address in the host.deny file. When it does this, sometimes - not always - we can't resolve DNS (using dig or nslookup to check). Obviously, when we can't resolve DNS the mail in the spool doesn't send. It only recently started doing this and we can't figure out why. We've not changed any configuration files.

We get DNS from Sprint through three different servers (I'm not the network guy, so please excuse a little ignorance in terminology). We believed one of the servers was having intermittent problems so we put it at the bottom of the rotation. That seemed to help for a while.

We're still having two main issues. Sometimes DNS doesn't resolve, and sendmail doesn't send. We're not sure why DNS doesn't resolve occasionally. And the sendmail problem is driving us nuts. Currently, DNS is resolving but the mail in mqueue isn't getting sent. I've even tried /usr/sbin/sendmail -q (as root - through su root only).

Has anyone experienced anything like this before? Does anyone have any ideas of things we can try to help troubleshoot?

Thanks for any help!

peppiv

stirling 02-09-2004 01:54 PM

add whatever ip's you want ignored (like dns servers, gateways...) to portsentry.ignore.

depending on how portsentry is configured, you may have to do a network restart.
i think, by default, it's set up to respond by dropping the route.

as for troubleshooting, does everything work fine without portsentry and a network restart?

peppiv 02-09-2004 02:25 PM

I just added the ip's into portsentry.ignore. It's puzzling because I never had anything but the default 127... listed in there before and never had a problem.

Since we only have 7.3's firewall enabled and not an actual hardware firewall in front of the server, we've been a little hesitant to run without portsentry for too long.

I will try a restart. Currently, the ip's of the dns server are in the host.deny file, yet we are resolving dns (checked through dig and nslookup) and the mail recently went through.

I'll repost any changes after reboot. Thanks for the .ignore reminder.

peppiv 02-11-2004 11:29 AM

Still very odd. Before I put the DNS server ip addresses into the portsentry.ignore file, they were already in the host.deny file. Yet the DNS resolves and sendmail does it's thing. Everything works. Then at the end of the day the mail starts accumulating in the mqueue again. Rebooting seems to flush them out, but sometimes you have to reboot two or three times. Still makes me think it's an external problem, especially since we haven't made any config changes to the server.

Now I've rebooted after putting the ip's in the .ignore file and removing them from the host.deny file. But I still believe we are going to have issues. Has anyone ever had anything like this happen to them?

Ever had a problem with Sprint's DNS servers?


All times are GMT -5. The time now is 07:55 AM.