This HOWTO details disabling DNS in Sendmail 8.12.x and later.
By default, Sendmail 8.12.x and later will always attempt to use MX records if it detects “dns” in the hosts line in the /etc/nsswitch.conf on Solaris. (I believe the same applies on Linux, but I’ve not verified this yet.)
At an ISP this isn’t normally a problem as the ISP has access to reliable DNS servers and will forward DNS requests when necessary, however in the corporate world this can be a real problem with things like firewalls getting in the way, and internal only DNS servers.
In the event Sendmail can’t canonify the recipient domain, it will queue the email and report something along the lines of:
$ domain.com: Name server timeout
bob.smith@domain.com… Transient parse error — message queued for future delivery
bob.smith@domain.com… queued
$
Now the easiest way is to remove "/etc/nsswitch.conf, however this also means you can’t use DNS for your local domains.dns” from the hosts line in
The better way is to change Sendmail’s configuration and this is what I’ll detail here.
.mc files, the method of generating the .cf files and restarting Sendmail may vary slightly.
1. Change into the directory that contains the macro configuration (.mc) files:
2. Make a copy of the subsidiary.mc and submit.mc files
# cp submit.mc nodns-submit.mc
3. Add the following lines to the new nodns-subsidiary.mc file just above the “confFALLBACK_SMARTHOST” line:
FEATURE(`nocanonify')dnl
define(`SMART_HOST', `[mailhost]‘)dnl
4. Ensure you have an entry in your /etc/hosts file for the hostname “mailhost“.
5. Comment out the “confFALLBACK_SMARTHOST” line by placing “dnl” at the beginning of the line in the new nodns-subsidiary.mc file.
6. Add the following line to the new nodns-submit.mc file after all the other “define” lines:
define(`confDIRECT_SUBMISSION_MODIFIERS', `C')dnl
7. Generate the new .cf files (note the filename used is the same as the file we edited, except the extension is now .cf instead of .mc):
test ! -f nodns-subsidiary.cf || /usr/bin/mv nodns-subsidiary.cf nodns-subsidiary.cf.prev
/usr/ccs/bin/m4 ../m4/cf.m4 nodns-subsidiary.mc > nodns-subsidiary.cf
# /usr/ccs/bin/make nodns-submit.cf
test ! -f nodns-submit.cf || /usr/bin/mv nodns-submit.cf nodns-submit.cf.prev
/usr/ccs/bin/m4 ../m4/cf.m4 nodns-submit.mc > nodns-submit.cf
#
8. Make a backup of the current files:
# cp /etc/mail/submit.cf /etc/mail/submit.cf.orig
9. Put the new files into place:
# cp /usr/lib/mail/cf/nodns-submit.cf /etc/mail/submit.cf
10. Restart Sendmail
Thats it. Sendmail will no longer query DNS and will instead blindly forward all emails destined for users remote to the local machine to the “mailhost“. It’s then up to this machine to query a reliable interface facing DNS server. This is commonly a machine managed by an ISP.
2 Responses to “HOWTO: Prevent Sendmail From Using DNS”
Speak Your Mind 
Search
Related Entries
- Mails Queueing in MSP only Mode
- OpenSolaris Now Secure By Default.
- Links for 3 August 2007
- Compiling GAIM 2 / Pidgin On Solaris 10
- ZFS: Rampant Layering Violation
- Solaris 10 10/08 (aka Update 6) is Now Available
- About
- HOWTO: Create a ZFS Filesystem OS X Leopard
- Growing a ZFS Root Pool
- Installing the Recommended Patch Cluster With Zones Parallel Patching
Buy Me A Beer
Man, thanks for that write up. I needed that, and didn’t want to crack open the sendmail cookbook. Cheers.
Tnank you. it was very usefull