OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Michael Tokarev (mjttls.msk.ru)
Date: Sun Mar 03 2002 - 20:09:17 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    imlinterconnect.net wrote:
    >
    > I am wondering if DNS will always override transport.

    No, not at all.

    > For example, say I have the following DNS setup (this isn't real dns
    > format it is just so you can see the relavent info).
    >
    > box.domain.com 192.168.0.1
    > mx 10 box.domain.com
    > mx 20 mail2.otherdomain.com
    >
    > mailhub.domain.com 192.168.0.2
    >
    > domain.com 192.168.1.1
    > mx 10 mailhub.domain.com
    > mx 20 mail2.otherdomain.com
    >
    > mail.domain.com 192.168.1.2
    > mx 10 mailhub.domain.com
    > mx 20 mail2.otherdomain.com
    >
    > now postfix is on box.domain.com (which is also mailhub.domain.com, I
    > know this may be questioned but it is aside from the point). This is
    > the following relavent postfix config:
    >
    > myhostname = mailhub.domain.com
    > mydestination = domain.com, mail.domain.com
    > transport_maps = hash:/usr/local/etc/postfix/transport
    >
    > Here is where I run into the problem. If I put the transport as
    > follows:
    >
    > domain.com :mail.domain.com
    >
    > Then it messages will bounce saying it is pointing back to itself. I
    > suspect it is following strict DNS rules. If I put it as follows:
    >
    > domain.com :[192.168.1.2]
    >
    > Then it works fine. So the real question I guess is just trying to
    > see on a lower level how postfix is working. It appears to be taking
    > the MX record over the transport file.

    When you use

     domain.com smtp:some.machine.name

    postfix will lookup some.machine.name in DNS, looking to MX records, and if
    not found, A records. If you use

     domain.com smtp:[some.machine.name]

    or, like in your case,

      domain.com smtp:[ip.add.re.ss]

    postfix will lookup A record only (for name, not for ip.add.re.ss). This
    is documented. (Note that empty transport name means $default_transport;
    and this particular interpretation of transport definition is specific
    to smtp transport; for other transports, semantic and interpretation will
    be different).

    > Part 2 of this question is how do I make the headers show
    > mailhub.domain.com when it talks to other servers. Right now it shows
    > a little something like:
    >
    > Received: from mailhub.domain.com [192.168.0.1] by ....

    This is what 192.168.0.1 tells in HELO:

     HELO mailhub.domain.com [192.168.0.1]

    (this is syntactically incorrect). Format of postfix's Received line
    for smtpd looks like:

     Received: by HELO (hostname [ip.add.re.ss])
        by $myhostname ...

    the HELO part is exactly what smtp client said. Fix your software that
    talks to postfix I'd say.

    For example, I disallow any invalid helo arguments entirely here, so
    if such client will talk with my postfix, it will never able to send
    mail at all.

    Regards,
     Michael.
    -
    To unsubscribe, send mail to majordomopostfix.org with content
    (not subject): unsubscribe postfix-users