Do u have a reverse DNS record for your mail server in your extern DNS ?
U need to have that !
(Had the same problem with hotmail.com and others)....
____________________________________________________
Med venlig hilsen / Best regards
Lars Schmidt-Petersen Tlf. : +45 74 33 53 42
Sønderjyllands Amt - edb-kontoret e-mail : LSP AT SJA DOT DK
Skelbækvej 2
6200 Aabenraa
____________________________________________________
Nick Brandson <nickbrandson AT YAHOO DOT COM>
Sendt af: Mailing list for discussion of Firewall-1
<FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>
25-08-2003 13:48
Besvar venligst til Mailing list for discussion of Firewall-1
Til: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
cc:
Vedr.: [FW-1] Something about Sendmail & FW-1
Dear guru,
Got some problems with Sendmail setting (I bet).
Having place the Sendmail in DMZ and all the mails CAN
be sent and received successfully and normally EXCEPT
those mails sending to the mail servers or systems
need to do a reversed DNS Lookup, then the user will
receive a bounced back message from the mail server
saying "550.5.71 <receipent's email> ... Relaying
denied. IP name lookup failed [Firewall DMZ Internal
IP]".
Tried to ask the user to add the Reversed DNS record
for the mail server
nslookup x.x.x.x
can receive the reply from mail.x.com
- successful
Firewall settings
1. Mail Servers in the DMZ
2. One-to-one (Static) NAT for mail servers
3. Enabled "Auto Arp" & "Client-side NAT"
4. Rule allow "Any -> MailSrvs -> SMTP/POP ->
Allow"
5. Hide behind this interface 0.0.0.0 for Internal
Segement
6. No Hide mode for DMZ network
7. DNS query is allowed in the Global Property
Internal: 192.168.1.0.x/24
DMZ : 192.168.10.x/24
Firewall-Internal: 192.168.1.254
Firewall-DMZ: 192.168.10.254
Is there any setting has to be done in sendmail
server?
Seems the relay setting is blocked in the sendmail as
it showed the firewall dmz IP address in the error
message...
thanks
Nick
__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
