From owner-freebsd-questions Sat Jun 13 08:02:31 1998
Date: Sat, 13 Jun 1998 09:02:13 -0600 (MDT)
From: Stephen Mathezer
To: malte@webmore.com
cc: questions@FreeBSD.ORG
Subject: RE: sendmail/dns/relaying question

You're probably right, a RAR on 123.123.123.123 gives fw.domain1.com.
Which should be OK because that is what the machine thinks that it is.

The problem I think is that when sending email to user@domain2.com, the
MX lookup for domain2.com will return fw.domain2.com as an MX but the
firewall doesn't know that it is also in domain2 since I don't know of
any way to make a machine know it is part of two domains.

So the firewall thinks something like:

I am called fw.domain1.com
the MXs for domain2.com are fw.domain2.com and real_mail_server.domain2.com,
I am not an MX for domain2.com therefore I cannot relay.....

-Steve

On Sat, 13 Jun 1998 malte@webmore.com wrote:

> Everything looks fine with your config, BUT the big question is:
> What does a RAR on 123.123.123.123 give ?
>
> It seems here is your problem.
>
> Malte.
>
> On 12-Jun-98 Stephen Mathezer wrote:
> >
> > This isn't really FreeBSD specific but I'm hoping someone out there can
> > help me with this.
> >
> > Suppose I have two domain names which cover the same set of IP addresses.
> >
> > eg: fw.domain1.com = 123.123.123.123
> >     fw.domain2.com = 123.123.123.123
> >
> > Now, I have a firewall which is relaying mail from the Internet to an
> > internal mail server.
> >
> > I am trying to use the relay_based_on_MX feature in Sendmail 8.9.0
> > Neither domain1.com nor domain2.com is in sendmail.cw since I want to
> > relay mail for these domains to an internal mail server.
> >
> > The internal DNS used by the firewall lists fw as the mail exchanger for
> > the domain so things sort of work.
> >
> > Here is my problem
> >
> > I want to use the short form of the DNS tables.
> >
> > eg:
> > db.both-domain looks like:
> >
> > @       IN      SOA     fw.domain1.com. me.domain1.com. (
> >                         .........)
> >
> > @       IN      A       123.123.123.124
> >                 MX      10 real-mail-server
> >                 MX      20 fw
> >
> > named.boot then looks like
> >
> > primary domain1.com db.both_domains
> > primary domain2.com db.both_domains
> >
> >
> > All machines have the same addresses in both domains the two domain stuff
> > is simply so that our marketing folks can be happy with our fancy domain
> > name and the rest of us can use the one we have always used.
> > I really would rather not maintain two db files separately for the domains
> > which is why I am using the short form and only using one file.
> >
> > The problem arrives when I try to send mail to user@domain2.com from the
> > Internet. The relay_based_on_MX doesn't allow the relay because the
> > firewall (which to the outside world is our primary MX) decides that it is
> > not an MX for domain2.com since it knows that its name is fw.domain1.com.
> >
> > So, is there a way that I can make my firewall realize that it is in both
> > domains or is there a simpler way of going about this. The goal I am
> > trying to achieve here is:
> >
> > 1- fw is the primary MX for domain1.com and domain2.com as far as the
> > outside world is concerned.
> > 2- fw does NOT deliver mail locally for either but rather forwards it to
> > real_mail_server.domain1.com (achieved by using a different name server
> > internally which lists a different set of MXs which do include fw)
> > 3- I only need to maintain _1_ db file for both domains under DNS
> > 4- I am a good neighbour and limit the spam I allow to pass through my
> > system.
> >
> > Thanks for reading my long winded query I would appreciate any advice.
> >
> > -Steve
> >
> >
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe freebsd-questions" in the body of the message
>
> ----------------------------------
> E-Mail: malte@webmore.com
> Date: 13-Jun-98
> Time: 12:24:56
> ----------------------------------
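
The firewall's reasoning described in the reply above, as a simplified model added here (it is not part of the original thread and is not sendmail's own code). It expands the shared zone file's unqualified MX names against each zone origin and compares them, by name rather than by IP address, with the names the host knows for itself; the function names and the extra fw.domain2.com entry are assumptions for illustration.

```python
# Simplified model of an MX-based relay check; not sendmail's own code.

# MX records from the shared zone file, written relative to the zone origin
# (constructed from the db file quoted in the message).
SHARED_ZONE_MX = [(10, "real-mail-server"), (20, "fw")]


def qualify(name, origin):
    """Expand a zone-file name; a trailing dot means it is already absolute."""
    if name.endswith("."):
        return name.rstrip(".").lower()
    return f"{name}.{origin}".lower()


def mx_hosts(origin, records=SHARED_ZONE_MX):
    """Fully qualified MX host names for `origin`, ordered by preference."""
    return [qualify(host, origin) for _, host in sorted(records)]


def relay_allowed(rcpt, local_names, records=SHARED_ZONE_MX):
    """Allow relaying only if one of the recipient domain's MX hosts is a
    name this host answers to (the role class w plays in sendmail)."""
    domain = rcpt.rsplit("@", 1)[1].lower()
    local = {n.lower() for n in local_names}
    return any(mx in local for mx in mx_hosts(domain, records))


def main():
    names = {"fw.domain1.com"}  # the firewall knows only its primary name
    for rcpt in ("user@domain1.com", "user@domain2.com"):
        domain = rcpt.split("@")[1]
        print(rcpt, mx_hosts(domain), relay_allowed(rcpt, names))
    # Assumption: the host is also told its second host name, fw.domain2.com.
    # This is the host name only, not the mail domain domain2.com itself.
    names.add("fw.domain2.com")
    print("user@domain2.com", relay_allowed("user@domain2.com", names))
    # A domain whose MX records point elsewhere is still refused (constructed).
    other = [(10, "mail")]
    print("x@elsewhere.example", relay_allowed("x@elsewhere.example", names, other))


if __name__ == "__main__":
    main()
```
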