Re: [cobalt-users] Mail Exchange in DMZ

["Colin J. Raven" <cjraven@xxxxxxxxxxx>]

On Sun, 8 Apr 2001, Jeff Jensen wrote:
> I'm sorry if this isn't a Cobalt question.
 
Yes, it is a "Cobalt Question" tangentially.

> I have just installed a second RAQ in my DMZ and now have a problem when
> sending mail between the two machines. In the maillog I can see that the
> sendmail times out when trying to send mail between the two. I don't
> have any problems with sending and receiving mail from the Internet on
> the two Raqs.

As a first guess (and that's what it is) it sounds like there is no
success on reverse lookup, ergo Sedmail times out attempting to deliver
the message.
 
>  I know this has something to do with the machines external IP and the
> firewall. 

Ummm...yes and perhaps also no.
You said both machines are in the DMZ, so a couple of questions come to
mind;
a) How is your DNS set up? (who's handling it...you or a 3rd party?)
b) To what extent is each machine aware of the other?? Is one machine
designed to be a failover for the other??? This isn't clear from your
post...I'm "assuming" (risky) that there isn't a relationship between the
two. Mail from one machine to the other shouldn't be passing *through* the
firewall, but maybe just *to* the firewall (then back inside) but again,
details are thin, so this is speculative at best.

If I were you, I'd begin thinking "behind" the firewall first, especially
since you say that mail *from* the WAN and *to* the WAN works for each
machine. In any event, more detail would be useful to begin zeroing in on
the real cause.

Just my first stab at this, anyone???????
Hell, as a "cheap date" you could put each  machine's external IP in
the other's resolv.conf I guess....I gotta try this myself since I have an
experimental setup somewhat similar at home.

Regards,
-Colin
--
Colin J. Raven
Linux Registered User #82296
Sun Apr  8 11:36:00 EDT 2001
 11:36am  up 39 days, 15:07,  1 user,  load average: 0.02, 0.05, 0.00