OT sendmail delay

Bryan Hepworth bryan at redfedora.co.uk
Sun Oct 8 14:41:13 UTC 2006 

Subject: Re: OT sendmail delay

Tim

Thanks for the reply...


> On Fri, 2006-10-06 at 10:57 +0100, bryan at coxagri.com wrote:
>> Thanks for your reply to this. When I was doing further checks I found
>> that it was also failing reverse dns look ups. So I bit the bullet and
>> started to learn about dns. Would you have any advice to offer as to
>> best practice for this?
>
> Get it working internally, first, and be certain you're familiar with it
> (your server, and DNS records in general) before you move beyond
> internal DNS serving.
>
>> I was thinking that we need an internal dns server to keep sendmail
>> happy with all the internal people that use it to send out email.
>> Sendmail  isn't currently taking mail in yet directly. That's taken from
>> the box that's hosted at the ISP and brought in by fetchmail. Long term
>> this was going to change and the MX record externally (at the ISP) was
>> going to point to our adsl router.
>
> First advice:  Before setting yourself up with a SMTP server accepting
> input from the public, learn about spam control.  Once you start
> handling your own mail, you've also got to deal with all the spam that
> someone else would have been managing for you.  You have to learn how to
> kill it properly, not get exploited, and not get blacklisted.

The mailserver currently runs spamassassin, and testing with smtp auth and 
starttls also works. This was a requirement for getting port 25 opened by 
the isp. I've read about grey listing. Is there anything else you would 
recommend?

> For internal networking, it probably is easier to have a local DNS
> server that takes care of address resolution (easier than maintaining
> hosts files, etc.).  But be careful how you organise your internal mail
> if you want users to be able to post to the outside world using the same
> e-mail addresses.  You won't be able to post from a domain name that's
> not recognised outside your LAN.  There's nothing stopping you from
> having different responses to domain names inside and outside of your
> LAN (i.e. using a public domain name, inside and out, but inside your
> machines all have internal LAN IP addresses, for internal work, outside
> your domain has a real internet IP address for mail checks, etc.).

Everything that goes out is masqueraded as coxagri.com. It goes out to the 
smarthost at the ISP currently. My test ones made it out of the system OK to 
an external address. Is there anything else to be aware of?

Thanks

Bryan

More information about the users mailing list