View Single Post
  #2   (View Single Post)  
Old 21st May 2008
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,128
Default

A mailserver first will try to lookup the MX (Mail eXchanger) DNS record.

On my local LAN with DJBDNS nameservers
Code:
]dig +norecurse  -t mx utp.xnet @192.168.222.11

; <<>> DiG 9.3.4 <<>> +norecurse -t mx utp.xnet @192.168.222.11
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6504
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

;; QUESTION SECTION:
;utp.xnet.                      IN      MX

;; ANSWER SECTION:
utp.xnet.               604800  IN      MX      0 mail.utp.xnet.

;; AUTHORITY SECTION:
utp.xnet.               259200  IN      NS      ns1.utp.xnet.

;; ADDITIONAL SECTION:
mail.utp.xnet.          604800  IN      A       192.168.222.10
ns1.utp.xnet.           259200  IN      A       192.168.222.11

;; Query time: 1 msec
;; SERVER: 192.168.222.11#53(192.168.222.11)
;; WHEN: Wed May 21 23:08:42 2008
;; MSG SIZE  rcvd: 97
If there is no MX record , it will do an A DNS record lookup.

From the sending sendmail box, can you do the MX and A record lookups manually with dig? What do they produce?

If you modified the DNS records, please restart BIND so it will not answer queries from the old cached records.

BTW To sniff DNS traffic I use
Code:
tcpdump -nvv -i re0 -s512  port domain
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote