"Daniel L'Hommedieu" <dlhommed...@gmail.com> wrote in message
news:9a3f9786-0cb4-41a7-8462-4c49445a4...@gmail.com...
> On Nov 5, 2009, at 16:12, Eric B. wrote:
>> "Daniel L'Hommedieu" <dlhommed...@gmail.com> wrote in message
>> news:670a051c-1871-4e2e-82d8-187324ef1...@gmail.com...
>>> On Nov 5, 2009, at 15:52, Eric B. wrote:
>>>> "Eric B." <ebe...@hotmail.com> wrote in message
>>>> news:hcupsk$b8...@ger.gmane.org...
>>>>> "Victor Duchovni" <victor.ducho...@morganstanley.com> wrote in message
>>>>> news:20091104232940.gi27...@np305c2n2.ms.com...
>>>>>> On Wed, Nov 04, 2009 at 06:16:56PM -0500, Eric B. wrote:
>>>>>>
>>>>>>> Is there no way to direct Postfix to a different DNS server (as
>>>>>>> opposed to the ones specified in resolve.conf) either for a
>>>>>>> particular domain, or for all domains altogether?
>>>>>>
>>>>>> If you chroot-jail the smtp(8) delivery agent, it will use the
>>>>>> resolv.conf file in the chroot jail. This is ugly, you are probably
>>>>>> solving the wrong problem.
>>>>>
>>>>> Interesting thought. I agree that this is somewhat ugly, but might be
>>>>> something worth investigating...
>>>>
>>>> Ok - now I am very confused. I tried setting up Postfix in a chroot
>>>> jail, and specified a different set of nameservers in
>>>> /var/spool/postfix/etc/resolv.conf. However, it seems as though Postfix
>>>> continues to use the name servers specified in /etc/resolv.conf and not
>>>> the ones in the chroot jail.
>>>>
>>>> I have gone so far as to create an empty /var/spool/.../resolv.conf
>>>> with no nameservers specified, and yet postfix is still able to deliver
>>>> the email (to the wrong server). I would have expected that leaving the
>>>> nameservers blank would have caused Postfix to choke, and yet it still
>>>> connects.
>>>>
>>>> I definitely have chroot set to Y in my master.cf file, and have done a
>>>> postfix restart. I do get a warning on restart that
>>>> postfix/postfix-script: warning: /var/spool/postfix/etc/resolv.conf and /etc/resolv.conf differ
>>>>
>>>> Or does the fact that they differ cause the chroot to fail, and the
>>>> process ends up running in regular mode instead?
>>>>
>>>> I have gone as far as deleting the /var/spool/postfix/lib and lib64
>>>> directories, and postfix still starts without any error messages. And
>>>> when I try to mail something, it still manages to send the mail. So
>>>> that gives me confirmation that the chroot isn't working properly.
>>>>
>>>> Apart from setting chroot to y in master.cf, is there anything else I
>>>> have to do to enable it properly?
>>>>
>>>> Thanks,
>>>
>>> Eric,
>>>
>>> Getting back to your original goal, my understanding is that the
>>> original goal is to override the DNS "A" record for a single host, yes?
>>> If so, that is a perfect use for /etc/hosts. Give that method a try.
>>
>> Actually, it isn't for the "A" record; it is for the MX record(s). And
>> unfortunately, I know of no way of using the hosts file to override MX
>> records for a particular domain.
>
> It seems to me that you do want to override an "A" record: all you care
> about is that outbound mail gets routed through another host. Your
> postfix server will use DNS to query for the MX record for example.com,
> which will return mx.example.com. Ordinarily it would then query DNS for
> the "A" record for mx.example.com, but if you configure nsswitch.com to
> query files before DNS, you can put mx.example.com into the /etc/hosts
> file, with the desired IP address.

Interesting idea. I could probably try something like that, but would
require a little reconfiguration of my internal DNS so I don't override some
of my internal DNS names instead... I think I'll try this as a Plan B if I
can't get the others to work.

Thanks for the tip,

Eric
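
The chroot setting discussed in this thread is a per-service column in master.cf, so a quick way to see which entries run chrooted is to list that column next to each entry's command. The script below is an added example, not part of any post in the thread; the sample master.cf is constructed for illustration and the function names are hypothetical. It assumes the standard eight-field master.cf layout, where field 5 is chroot and `-` means the built-in default for that field.

```shell
#!/bin/sh
# Constructed sample master.cf (not taken from the thread).
sample_master_cf() {
cat <<'EOF'
# service type  private unpriv  chroot  wakeup  maxproc command + args
smtp      inet  n       -       n       -       -       smtpd
pickup    fifo  n       -       y       60      1       pickup
smtp      unix  -       -       y       -       -       smtp
  -o smtp_connect_timeout=30
relay     unix  -       -       -       -       -       smtp
EOF
}

# chroot_report: read master.cf on stdin and print, for each service entry,
# "service/type command chroot-field".
chroot_report() {
  awk '
    /^[[:space:]]*#/ || /^[[:space:]]*$/ { next }  # comments and blank lines
    /^[[:space:]]/ { next }                        # continuation of previous entry
    NF >= 8 { print $1 "/" $2, $8, $5 }            # field 5 is the chroot column
  '
}

# smtp_client_chroot: chroot field of every entry whose command is the
# smtp(8) delivery agent. "smtp inet ... smtpd" is the server, smtpd(8),
# and is deliberately not matched.
smtp_client_chroot() {
  chroot_report | awk '$2 == "smtp" { print $1 "=" $3 }'
}

# Against a live system: chroot_report < /etc/postfix/master.cf
sample_master_cf | chroot_report
```

In the sample, `smtp/unix` and `relay/unix` both run smtp(8), so each has its own chroot field to check.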