Re: sendmail error, "MX list for mydomain.com points back to server.mydomain.com"
Date: Fri, 19 May 2023 05:32:01 UTC
> On May 19, 2023, at 12:43 AM, vagabond <vagabond@blackfoot.net> wrote: > > On 2023-05-18 19:44, Dan Mahoney (Ports) wrote: >> Do you see it? It’s subtle. >> Your system is asking your own 127.0.0.1 DNS for the AAAA for >> ns.dreamchaser.org (because sendmail attempts ipv6 before it attempts >> ipv4) > > ok. > >> You forgot a trailing . in your NS records. Your DNS kicks back that >> “hey, I don’t know about ns.dreamchaser.org” so it gives you an SOA >> record. (answer = 0, authority = 1) >> is doing lookups for ns.dreamchaser.org.dreamchaser.org because of that. >> Post your zone file? > > Staring hard, but I still don't see it. > This is a cut down one (removed comments and other hosts) > which still fails. > secondary names have been changed. DNS is public. Still not sure why you feel the need to do that. >> Here’s what I think it happening: (Have a reference here: >> Your system is looking at its own rdns/fdns, and discovering that its >> hostname is ns.dreamchaser.org.dreamchaser.org (probably because your >> primary IP is not present in /etc/hosts). It attempts to deliver to >> itself, and finds that mail SHOULD come to it (since your >> misconfiguration says your MX is ns.dreamchaser.org.dreamchaser.org >> AND that’s what you resolve to, but ns.dreamchaser.org.dreamchaser.org >> isn’t in /etc/mail/local-host-names. > > # cat /etc/hosts > ::1 localhost.dreamchaser.org. localhost > 127.0.0.1 localhost.dreamchaser.org. localhost > 66.109.141.57 ns.dreamchaser.org. ns trailing dots don’t typically get used in /etc/hosts, but they’re probably harmless here. I’d remove them. >> * Put your primary addresses in /etc/hosts — there are numerous >> documented cases of sendmail ignoring /etc/hosts but it *might* help >> clue it in to your proper hostname at least. > > see above > >> * Fix your forward and reverse DNS >> * (and in fact, stop faking it out. Fix it at your hosting provider. >> if your hosting provider is taking this long, find another one) You had complained of bogus entries, and of them being slow, that was what I had meant. In a perfect world, you should not need to host a zone file for something you’re not authoritative for, like 141.109.66.in-addr.arpa. as you’re presently doing. It’s a useful workaround, but will break lookups to anything else in that subnet. Everything in your zone file *looks* right here. Is your ISP giving you any kind of ipv6 address? If you type “hostname” you do get your FQDN, right? -Dan