[milters] Archive

Article: 1381
From: Jeff Gamberutti
Date: 2006-12-26 21:08:15 -0500
Subject: Re: milter-sender issues on a multi-homed sendmail gateway

Removal...........: milters-request@milter.info?subject=remove
More information..: http://www.milter.info/#Support
--------------------------------------------------------


The holidays plus a bad cold have kept me from digging into this until
today.  I'm not much of a C programmer but I managed to put some debug
statements into the milter-sender.c code just to see what was coming out.
What I found out was in the function mxConnect, if I passed NULL in place of
smfOptInterfaceIp.string into socketOpenBindClient, all call-backs and
call-aheads work perfectly.  I've shown an excerpt of the changed code
(please remove the excerpt if I'm violating any copyrights).

My question is, what problems am I to encounter if I make this change?

Thanks for your help!

Jeff


static int
mxConnect(workspace data, char *server, int *code)
{
        int rc;

        smfLog(SMF_LOG_DIALOG, TAG_FORMAT "opening SMTP connection to %s", TAG_ARGS, server);

        socketClose(data->server);
        data->server = NULL;

/*
        if (socketOpenBindClient(server, SMTP_PORT, socketTimeout.value, smfOptInterfaceIp.string, NULL, &data->server)) {
*/
        if (socketOpenBindClient(server, SMTP_PORT, socketTimeout.value, NULL, NULL, &data->server)) {
                rc = MX_ERROR_CONNECT;
#ifdef FAIL_ON_CONNECT
                *code = 554;
#else
                *code = 421;
#endif
                goto error0;
        }





-----Original Message-----
From: milters-bounce@milter.info [mailto:milters-bounce@milter.info] On
Behalf Of Jeff Gamberutti
Sent: Friday, December 15, 2006 9:04 AM
To: milters@milter.info
Subject: [milters] milter-sender issues on a multi-homed sendmail gateway

I have an FC4 box with eth0 pointing to the internet and eth1 pointing to our
internal LAN.  Iptables is set up to block all inbound traffic except for
SMTP.  I'm running a caching DNS server as well.
 
Everything works perfectly from a networking standpoint as long as
milter-sender is not enabled in the sendmail.cf file.  However, once
enabled, callbacks time out.  I've noticed through running tcpdump that
milter-sender is attempting to call back the sender's MX server using my
internal IP address on eth0 (the internet interface), which obviously won't
work since it's a fictitious address.  If I set the interface-ip= and/or
interface-name= parameters to my internet interface (eth0), callbacks work
perfectly.  However, call-aheads to my internal mail hub fail for the same
reason as before, where tcpdump now shows a call to my internal mail server
using the LAN interface, but with a source address equal to my WAN IP,
which again it won't find.
 
I've tried disabling the firewall altogether (makes me nervous), pointing
/etc/resolv.conf to a real DNS server, swapping the interfaces, as well as
trying various different combinations of settings between PublicIp=,
PublicName=, interface-ip= and interface-name=, mailertable entries (with
and without []'s), MxCallAheadDb= with various entries (with and without
[]'s), MxCallAheadHost= (set and not set), all with the same results one way
or another.  I have confLOG_LEVEL turned all the way up as well as
verbose=all in milter-sender.cf.  The DNS queries are all resolving
properly; it's the SMTP queries which are having the issues.
 
In a nutshell, everything is working perfectly from a networking standpoint
except that milter-sender is using only one IP address (inside or outside)
when attempting to call back or call ahead.  Depending on which IP it
uses, one side works while the other side doesn't.
 
Where did I go wrong??  I've looked through the list and haven't seen
anything regarding this so pardon me if this has been brought up before.
 
Regards to all,
 
Jeff
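
Added example (not part of the posts above and not milter-sender code): a small C program showing the socket behaviour the thread turns on, namely that a client socket bound to a fixed local address keeps that source address for every destination, while an unbound one gets its source address from the route to the destination. The helper source_for() is hypothetical, the loopback addresses are constructed so it runs offline, and it assumes Linux, where every 127.0.0.0/8 address is local.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Hypothetical helper: write to out the source IP the kernel uses to reach
 * dest_ip. bind_ip == NULL leaves the choice to the routing table; otherwise
 * the socket is pinned to bind_ip before connecting. A UDP connect() sends
 * no packets, it only fixes the route. Returns 0 on success, -1 on error. */
int source_for(const char *bind_ip, const char *dest_ip, char *out, size_t outlen)
{
    struct sockaddr_in local, peer;
    socklen_t len = sizeof(local);
    int rc = -1;
    int fd = socket(AF_INET, SOCK_DGRAM, 0);

    if (fd < 0)
        return -1;
    memset(&local, 0, sizeof(local));
    local.sin_family = AF_INET;            /* port 0: any ephemeral port */
    memset(&peer, 0, sizeof(peer));
    peer.sin_family = AF_INET;
    peer.sin_port = htons(25);

    if (inet_pton(AF_INET, dest_ip, &peer.sin_addr) != 1)
        goto done;
    if (bind_ip != NULL && (inet_pton(AF_INET, bind_ip, &local.sin_addr) != 1 ||
                            bind(fd, (struct sockaddr *)&local, sizeof(local)) != 0))
        goto done;
    if (connect(fd, (struct sockaddr *)&peer, sizeof(peer)) != 0)
        goto done;
    if (getsockname(fd, (struct sockaddr *)&local, &len) != 0)
        goto done;
    if (inet_ntop(AF_INET, &local.sin_addr, out, (socklen_t)outlen) != NULL)
        rc = 0;
done:
    close(fd);
    return rc;
}

int main(void)
{
    char ip[INET_ADDRSTRLEN];
    if (source_for(NULL, "127.0.0.1", ip, sizeof(ip)) == 0) printf("unbound: %s\n", ip);
    if (source_for("127.0.0.2", "127.0.0.1", ip, sizeof(ip)) == 0) printf("pinned:  %s\n", ip);
    return 0;
}
```

On a multi-homed host, calling it with bind_ip NULL and an external or internal destination shows which interface address each route would select.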



