Recipe 5.3 Disabling MX Processing to Avoid Loops

Problem

When a host's mailertable routes mail to a destination whose MX records point back to the host, a mail loop is possible.

Solution

Disabling MX processing for the mailertable entry avoids this type of mail loop.Enclose the host field of the mailertable entry in square brackets when the system identified in the host field uses the sendmail system as its mail exchanger . The mailertable [ host ] syntax bypasses MX record processing. After creating the mailertable , process the mailertable text file with the makemap script to build a hash database.

Include the mailertable feature in the sendmail configuration using lines such as the following:

 dnl Add support for the mailertable FEATURE(`mailertable')

Build the sendmail.cf file, copy it to /etc/mail , and restart sendmail following the example in Recipe 1.8.

Discussion

Usually a mail exchanger handles the mail routed to it by MX records through sendmail's basic relaying and forwarding functions, as discussed in Chapter 2 and Chapter 3. On those occasions when a mail exchanger handles this mail through the mailertable , special care is needed to avoid mail loops. To understand this, let's look at a couple of sample mailertable entries:

 .wrotethebook.net     smtp:[mail.wrotethebook.net] wrotethebook.net      smtp:[mail.wrotethebook.net]

The wrotethebook.net domain is handled through the mailertable . This domain cannot be handled through standard forwarding or relaying because those methods use the esmtp mailer and the host mail.wrotethebook.net does not understand Extended SMTP. For that same reason, MX records for the wrotethebook.net domain do not point directly to mail.wrotethebook.net . If the MX records did point directly, remote systems would attempt to send mail directly to mail.wrotethebook.net using the Internet's standard Extended SMTP protocol, which that system does not support. Our local system is a mail gateway configured to handle this problem. Mail is directed to our local host by MX records. The mailertable on the local host is configured to route mail to mail.wrotethebook.net using the mailer that mail.wrotethebook.net supports.

The two sample mailertable entries for wrotethebook.net look almost identical to the mailertable entries used in other recipes in this chapter. The primary difference is the use of the [ host ] syntax. This syntax prevents sendmail from doing an MX record lookup when delivering mail, as directed by the mailertable . Without this syntax, sendmail checks the MX record and follows its direction when making a final delivery. In this case, following the MX record would cause a loop because the MX record points right back to the local host. Using the [ host ] syntax bypasses the MX record and avoids the loop.

The sample mailertable entries refer to the same domain: one entry is a partial domain name and the other is a full domain name. The entry for the full domain name is used to catch mail addressed to user @ domain , in case there is an MX record for the entire domain. The entry for the partial domain name catches mail addressed to user @ host . domain for those hosts that have individual MX records. The recipient address pat@wrotethebook.net matches this mailertable entry:

 wrotethebook.net     smtp:[mail.wrotethebook.net]

and the address pat@sales.wrotethebook.net matches this entry:

 .wrotethebook.net    smtp:[mail.wrotethebook.net]

Neither entry by itself is sufficient to catch both address formats. Both mailertable entries are needed if both types of MX records exist. Because the sendmail administrator may not have control over the exact format of the MX records placed in the DNS zone file, it is safest to put both entries in the mailertable .

Recipe 5.3 Disabling MX Processing to Avoid Loops