Mail Routing Problems

[BigBirdy]

I hope I can clearly and simply explain our architecture so that my question will make sense.

3 Servers on the Internal Lan:

pbco-server1.pbco.ca
pbco-server2.pbco.ca (Scalix Server which receives all mail to the pbco.ca domain, via fetchmail as the domain is hosted externally)
pbco-server4.pbco.ca

1 gateway/relay/web server on the DMZ:

pbco-server3.pbco.ca (running mailscanner, mailwatch and SWA)

There are firewall rules to allow pbco-server3 to connect to ports 25, 143 and 389 and so remote SWA on the externally visible pbco-server3, works and connects to the internal Scalix server on pbco-server2.

All outgoing mail, including from Scalix, is routed through pbco-server3 on the DMZ running mailwatch and mailscanner.

So far so good.

All 3 linux servers have aliases for the root account so that system messages will go to jstork@pbco.ca. All three servers have a user account with the same uid as my Scalix id, jstork. The Scalix server on pbco-server2 works fine and any messages going to root@pbco-server2.pbco.ca, aliased to jstork@pbco.ca goes correctly to my Scalix account.

pbco-server4 routes all outgoing mail through pbco-server2 (Scalix) and so any mail sent from pbco-server4, to an existing Scalix account (jstork@pbco.ca), goes correctly to my Scalix account.

THE PROBLEM, is with pbco-server3 (the gateway and mailscanner server which all outgoing mail routes through) which also has a local user account, jstork. Mail sent to jstork@pbco.ca ends up trying to go to the external mail server for our domain, pbco.ca and returns an erro message that the user does not exist? Even though the user jstork@pbco.ca DOES exist. I think this is due to the sendmail checking the domain/host of the sender so if sent from the nobody@pbco-server3.pbco.ca account, it will not find this in DNS.

What I need is for the sendmail/mailscanner server on the gateway, pbco-server3.pbco.ca to send all mail to any pbco.ca address, to the actual Scalix server on the LAN?

Any ideas how I can do this?


Below is the maillog for a message sent from the nobody@pbco-server3.pbco.ca account on server3, to jstork@pbco.ca.

Aug 30 08:52:32 pbco-server3 sendmail[31423]: j7UFqCO8031423: to=<jstork@pbco.ca>, delay=00:00:00, mailer=esmtp, pri=30531, stat=queued
Aug 30 08:52:32 pbco-server3 sendmail[31397]: j7UFppDK031397: to=jstork@pbco.ca, ctladdr=nobody@pbco-server3.pbco.ca (99/99), delay=00:00:41, xdelay=00:00:20, mailer=relay, pri=30358, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (j7UFqCO8031423 Message accepted for delivery)
Aug 30 08:53:35 pbco-server3 sendmail[31459]: STARTTLS=client, relay=pbco.ca., version=TLSv1/SSLv3, verify=FAIL, cipher=AES256-SHA, bits=256/256
Aug 30 08:53:36 pbco-server3 sendmail[31459]: j7UFqCO8031423: to=<jstork@pbco.ca>, ctladdr=<nobody@pbco-server3.pbco.ca> (99/99), delay=00:01:04, xdelay=00:00:19, mailer=esmtp, pri=120531, relay=pbco.ca. [216.7.189.216], dsn=5.1.1, stat=User unknown
Aug 30 08:53:36 pbco-server3 sendmail[31459]: j7UFqCO8031423: j7UFqsgR031459: DSN: User unknown

[ScalixSupport]

I know you've already logged this as a support call but I thought I'd better post the result for other forum members.

The solution in this case is to add a mailertable entry in /etc/mail/mailertable which reads:

pbco.com smtp:[pbco-server2.pbco.ca]


The two values are tab separated and you need to restart sendmail for this change to be picked up.

This tells sendmail that any recipient address where the domain is pbco.com should be routed via the smtp mailer to pbco-server2.pbco.ca. The square brackets around the server name prevents sendmail from doing any MX lookups and potentially causing a routing loop.

Cheers

Dave