How to disable reverse DNS in Sendmail

domain-name-systemsendmail

I would like to disable reverse DNS lookups in Sendmail.

We have an SMTP relay, running Sendmail, with an IP-based access.db. We have no requirement for reverse lookups and, in fact, they may be contributing to delays in response time. This triggers alerts in monitoring … which make people unhappy.

I've had a search and have been unable to find anything to disable reverse DNS lookups for incoming connections. Obviously I can't just kill all DNS lookups as no mail will then be delivered.

OS: centos 5
sendmail.x86_64 8.13.8-8.1.el5_7
sendmail-cf.x86_64 8.13.8-8.1.el5_7

Thanks in advance!

Best Answer

Check in your sendmail.mc whether FEATURE(require_rdns) is enabled. If not check also whether your sendmail binary is compiled with tcp_wrappers support, and if yes, check the policies (specific for sendmail, or default if absent for sendmail) in /etc/hosts.allow and /etc/hosts.deny

UPDATE:

There are a couple more files to check. First check /etc/nsswitch.conf (or /etc/mail/service.switch) if it exists. Normal entries for DNS resolving are:

hosts: files bind

Next check the entries of /etc/resolv.conf. Are the nameservers listed there responding? Maybe the first one is not reachable and this is the cause of the delays.

Where are the logs?

The default location depends on your linux/unix system, but the most common places are

/var/log/maillog
/var/log/mail.log
/var/adm/maillog
/var/adm/syslog/mail.log

If it's not there, look up /etc/syslog.conf. You should see something like this

mail.*         -/var/log/maillog

sendmail writes logs to the mail facility of syslog. Therefore, which file it gets written to depends on how syslog was configured.

If you system uses syslog-ng (instead of the more "traditional" syslog), then you'll have to look up your syslog-ng.conf file. You'll should something like this:

# This files are the log come from the mail subsystem.
#
destination mail     { file("/var/log/mail.log"); };
destination maillog  { file("/var/log/maillog"); };
destination mailinfo { file("/var/log/mail.info"); };
destination mailwarn { file("/var/log/mail.warn"); };
destination mailerr  { file("/var/log/mail.err"); };

Unable to send out emails?

One of the most common reason I've seen for a freshly installed sendmail not being able to send out emails is the DAEMON_OPTIONS being set to listen only on 127.0.0.1

See /etc/mail/sendmail.mc

dnl #
dnl # The following causes sendmail to only listen on the IPv4 loopback address
dnl # 127.0.0.1 and not on any other network devices. Remove the loopback
dnl # address restriction to accept email from the internet or intranet.
dnl #
DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl

If that's your case, remove the "Addr=127.0.0.1" part, rebuild your conf file and you're good to go!

DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl

[root@server]$ m4 sendmail.mc > /etc/sendmail.cf
[root@server]$/etc/init.d/sendmail restart

If you've been making changes to /etc/sendmail.cf manually thus far (instead of the *.m4 file) you can make similar changes in /etc/sendmail.cf. The offending line will look like this:

O DaemonPortOptions=Port=smtp,Addr=127.0.0.1, Name=MTA

Change it to:

O DaemonPortOptions=Port=smtp, Name=MTA

Best Answer

Related Solutions

Windows – What’s the command-line utility in Windows to do a reverse DNS look-up

Where to check log of sendmail

Where are the logs?

Unable to send out emails?

Related Topic