netbsd-users: Re: sendmail inappropriately tries to externally relay local mail

Subject: Re: sendmail inappropriately tries to externally relay local mail
To: Chuck Swiger <cswiger@mac.com>
From: Christian Hattemer <c.hattemer@arcor.de>
List: netbsd-users
Date: 09/01/2005 12:03:03
Hello Chuck,

On 31.08.05, you wrote:

> Doesn't "dig localhost." and "dig localhost" and "dig
> localhost.myisp.de" all  return 127.0.0.1...?

No. If I read the dig output correctly there are two NXDOMAIN and one
valid external IP for the last variant.

$ dig localhost.
 
; <<>> DiG 9.3.0 <<>> localhost.
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49986
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
 
;; QUESTION SECTION:
;localhost.                     IN      A
 
;; AUTHORITY SECTION:
.                       10      IN      SOA     A.ROOT-SERVERS.NET.
NSTLD.VERISIGN-GRS.COM. 2005083101 1800 900 604800 86400
 
;; Query time: 118 msec
;; SERVER: 217.9.16.25#53(217.9.16.25)
;; WHEN: Thu Sep  1 11:32:14 2005
;; MSG SIZE  rcvd: 102
 
$ dig localhost
 
; <<>> DiG 9.3.0 <<>> localhost
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9804
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
 
;; QUESTION SECTION:
;localhost.                     IN      A
 
;; AUTHORITY SECTION:
.                       1       IN      SOA     A.ROOT-SERVERS.NET.
NSTLD.VERISIGN-GRS.COM. 2005083101 1800 900 604800 86400
 
;; Query time: 63 msec
;; SERVER: 217.9.16.25#53(217.9.16.25)
;; WHEN: Thu Sep  1 11:32:23 2005
;; MSG SIZE  rcvd: 102
 
$ dig localhost.t-link.de
 
; <<>> DiG 9.3.0 <<>> localhost.t-link.de
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6847
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
 
;; QUESTION SECTION:
;localhost.t-link.de.           IN      A
 
;; ANSWER SECTION:
localhost.t-link.de.    78934   IN      A       217.9.16.2
 
;; AUTHORITY SECTION:
t-link.de.              12197   IN      NS      ns.terralink.de.
t-link.de.              12197   IN      NS      ns1.terralink.de.
 
;; ADDITIONAL SECTION:
ns.terralink.de.        56524   IN      A       217.9.16.14
ns1.terralink.de.       64925   IN      A       217.9.17.34
 
;; Query time: 70 msec
;; SERVER: 217.9.16.25#53(217.9.16.25)
;; WHEN: Thu Sep  1 11:32:37 2005
;; MSG SIZE  rcvd: 130
 
$

> Perhaps your sendmail is misconfigured.  You should set the canonical
> hostname  to be a fully-qualified value, and you should ensure that
> sendmail sees this.

In /etc/rc.conf I have: hostname=lahksa.t-link.de
The IP is static, I also have an entry in /etc/hosts with it.

> Consider the output of:
>
>     echo "3,0 user@localhost" | sendmail -d0.1 -bt

$ echo "3,0 root@localhost" | sendmail -d0.1 -bt
Version 8.13.3
 Compiled with: DNSMAP LOG MAP_REGEX MATCHGECOS MILTER MIME7TO8 MIME8TO7
                NAMED_BIND NETINET NETINET6 NETISO NETUNIX NEWDB PIPELINING
                SCANF STARTTLS TCPWRAPPERS USERDB XDEBUG
 
============ SYSTEM IDENTITY (after readcf) ============
      (short domain name) $w = lahksa
  (canonical domain name) $j = lahksa.t-link.de
         (subdomain name) $m = t-link.de
              (node name) $k = lahksa.t-link.de
========================================================
 
ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
Enter <ruleset> <address>
> canonify           input: root @ localhost
Canonify2          input: root < @ localhost >
Canonify2        returns: root < @ lahksa . t-link . de . >
canonify         returns: root < @ lahksa . t-link . de . >
parse              input: root < @ lahksa . t-link . de . >
Parse0             input: root < @ lahksa . t-link . de . >
Parse0           returns: root < @ lahksa . t-link . de . >
ParseLocal         input: root < @ lahksa . t-link . de . >
ParseLocal       returns: root < @ lahksa . t-link . de . >
Parse1             input: root < @ lahksa . t-link . de . >
Parse1           returns: $# local $: root
parse            returns: $# local $: root
> $


I noticed another thing.  IIRC, in older versions of NetBSD local mails had
only one Received: header line. Since a while they have two.

It seems the first one works Ok, while the problem occurs when it tries to
forward the mail the second time. This is the upper header in this example,
the last mail that got through correctly:

From root@lahksa.t-link.de Fri Aug 19 03:15:45 2005
        by lahksa.t-link.de (8.13.3/8.13.3) with ESMTP id j7J1FiDE017168
        for <root@lahksa.t-link.de>; Fri, 19 Aug 2005 03:15:45 +0200 (CEST)
        by lahksa.t-link.de (8.13.3/8.13.3) id j7J1F0h6023665;
        Fri, 19 Aug 2005 03:15:01 +0200 (CEST)
Date: Fri, 19 Aug 2005 03:15:01 +0200 (CEST)
From: Charlie Root <root@lahksa.t-link.de>
Message-Id: <200508190115.j7J1F0h6023665@lahksa.t-link.de>
To: root@lahksa.t-link.de
Subject: lahksa.t-link.de daily output for Fri Aug 19 03:15:00 CEST 2005


The returned mails in clientmqueue have only the lower header.

Bye, Chris