(Original article directly below the answer that follows now)
I haven't tried this yet, but Steven Ho tells me:
>A patch is now available for this problem.
>Keywords: bypass, mailhost, mail, security, sendmail, sometime, connect, host, outside, domain
>Synopsis: Solaris 2.1: sendmail sometimes bypasses mailhost and connects directly to host outside its domain
>Hope this helps,
And that is not all. If you run DNS without NIS and you are running SunOS 4.1,
you may wind up with ping and telnet to a system resulting in "host unknown",
too. For this, a patch exists, too. It is included here for completeness'
sake; use it at your own risk, but it works for me...
% # (First test a proper resolv.conf with nslookup!). Then:
% cd /usr/lib/shlib.etc
% mkdir tmp
% cd tmp
% ar x ../libc_pic.a
% rm __.SYMDEF
% mv rpc_dtablesize. rpc_dtablesize.o
% mv rpc_commondata. rpc_commondata.o
% ar x /usr/lib/libresolv.a
% rm gethostent.o strcasecmp.o
% cd ..
% cp lorder-sparc lorder-sparc.orig
% # (Now edit lorder-sparc:
# so that you now have:
% make libc.so
% # (This should build some libc.so.x.y.z; test this library:)
% setenv LD_LIBRARY_PATH `pwd`
% # Test this. (ping, or ftp, or telnet). If it works:
% cp libc.so.x.y.z /usr/lib
% unsetenv LD_LIBRARY_PATH
% # Verify if it works, output should contain the new library name:
% trace date
% # Ready.
----- Begin Included Message -----
>From firstname.lastname@example.org Mon Jan 11 11:51 PST 1993
From: Adri.Verhoef@rivm.nl (Adri Verhoef)
Subject: Solaris 2.1 mail/DNS client configuration problem (nsswitch.conf?)
This is my new Solaris 2.1 SparcStation 10.
My problem is that E-mail and DNS don't cooperate very well.
My hosts file is very small, containing three entries:
127.0.0.1 localhost loghost
184.108.40.206 krypton.rivm.nl krypton mailhost news
and my sendmail.cf has DR and CR set to `mailhost', and Dm set to `rivm.nl'.
In my /etc/nsswitch.conf file I have specified "hosts: files",
so that mail works. (Outbound mail gets sent to `mailhost'.)
But, in this way, I have to update my /etc/hosts file myself.
So, add "dns" to the `hosts' entry of nsswitch.conf, like this:
hosts: files dns
Now I can ftp and telnet inside my local domain (there is a firewall).
Now almost all mail stays in the queue: "No route to host". Sendmail
tries to directly connect to the foreign host, but since there is a
firewall, I am not permitted to connect directly, and the mail can't
(In the good configuration,
All outbound mail should be sent to `mailhost' (krypton.rivm.nl).)
Output of `netstat -r' looks like this (localhost == toonder):
Destination Gateway Flags Ref Use Interface
-------------------- -------------------- ----- ----- ------ ---------
localhost localhost UH 0 3175 lo0
220.127.116.11 toonder U 2 1473 le0
default 18.104.22.168 UG 0 61
So, in order to let E-mail work, I change the
`hosts' entry in nsswitch.conf back to
but now ftp/telnet/rlogin/finger can't find foreign hosts (those that are
not in the hosts file). (However, nslookup works, thanks to the
resolv.conf file, that looks like this:)
If you know the answer, let me know. I'll summarize, if possible. Thanks,
----- End Included Message -----
Thanks to: Ying.Ho@corp.sun.com (Steven Ho)
and all others who replied.