OOPS!! The other one went out by accident...
> First to recap what is needed for DNS. The DNS server only needs to publish
> The Start Of Authority (SOA), Name Server (NS) and Address (A) records for
> the DNS servers. It then needs to advertise Mail eXchanger (MX) Records for
> the domain itself and wild card MX records for anything inside the domain.
>
> For example:
> ; primary DNS information file for widget.com domain
> mydomain.com. SOA fire.mydomain.com. postmaster.fire.mydomain.com. (
> 93102101 ; SERIAL in yymmddvv format
> 3600 ; REFRESH every hour
> 300 ; RETRY every 5 mins.
> 604800 ; EXPIRE in 7 days
> 86400 ) ; MINIMUM TTL of a day
> NS fire.mydomain.com.
> NS ext-ns.service.prvdr.
> ext-ns.service.prvdr. A 123.456.789.012 ; A record just in case
This A record is not needed, as ext-ns.service.prvdr. is outside our domain.
> ;
> @ MX 10 fire.mydomain.com. ; MX record for
> MX 20 ext-ns.service.prvdr. ; the domain itself
> ;
> * MX 10 fire.mydomain.com. ; wildcard MX record for
> MX 20 ext-ns.service.prvdr. ; the domain itself
> ; Host information for the firewall
> fire.mydomain.com. A 192.102.231.19 ; A record for the firewall
> MX 10 fire.mydomain.com. ; Host specific MX record for
> MX 20 ext-ns.service.prvdr. ; the firewall itself
>
> A few gotchas:
> It is important that, if you advertize A records for hosts behind the
> firewall, you publish host-specific MX records for each host
> pointing to the firewall. This is because if sendmail finds host specific
> information for a host, it will not use any wildcard information (it's a
> feature (:-).
Actually this is a feature of DNS, not of sendmail. However, since sendmail
can't find an MX record for the host, but *can* find an A record, it should
still be able to deliver the mail (at least this is what I recall from memory;
if this is incorrect, send me some flack).
Regards,
-Roger
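
The wildcard behaviour discussed in this message, as an added example that is not part of the original post: a small lookup over a constructed copy of the quoted zone, following the DNS rule that a wildcard is only consulted for names that do not exist. The host "inside" and its address are hypothetical, and the fall-back from MX to the A record is the standard mail routing rule, not sendmail's own code.

```python
# Constructed zone modelled on the quoted example. "inside" and its address
# are hypothetical: an internal host published with an A record and no MX.
MX_SET = [(10, "fire.mydomain.com."), (20, "ext-ns.service.prvdr.")]
ZONE = {
    "mydomain.com.": {"MX": MX_SET},
    "*.mydomain.com.": {"MX": MX_SET},
    "fire.mydomain.com.": {"A": ["192.102.231.19"], "MX": MX_SET},
    "inside.mydomain.com.": {"A": ["192.0.2.10"]},
}

def exists(zone, name):
    """A name exists if it owns records or is an ancestor of a name that does."""
    return any(n == name or n.endswith("." + name) for n in zone)

def lookup(zone, name, rtype):
    """Return (records, source); source is 'exact', 'wildcard' or 'none'."""
    name = name.lower()
    if exists(zone, name):
        # The name exists, so the wildcard is never consulted, even when
        # the name has no record of the requested type.
        return zone.get(name, {}).get(rtype, []), "exact"
    labels = name.split(".")
    for i in range(1, len(labels) - 1):
        ancestor = ".".join(labels[i:])
        if exists(zone, ancestor):  # closest existing ancestor
            wild = zone.get("*." + ancestor, {})
            return wild.get(rtype, []), ("wildcard" if wild else "none")
    return [], "none"

def mail_targets(zone, domain):
    """Hosts a sending MTA would try: MX by preference, else the A record."""
    mx, _ = lookup(zone, domain, "MX")
    if mx:
        return "mx", [host for _, host in sorted(mx)]
    a, _ = lookup(zone, domain, "A")
    return ("a", [domain.lower()]) if a else ("none", [])

if __name__ == "__main__":
    for host in ("unknown.mydomain.com.", "inside.mydomain.com.", "fire.mydomain.com."):
        print(host, lookup(ZONE, host, "MX")[1], mail_targets(ZONE, host))
```

Running it shows the host with only an A record being targeted directly instead of through the firewall's MX, which is why the quoted text asks for a host-specific MX on every published host.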