SUMMARY: biff generates DNS lookup?

From: Tim Evans (tkevans@eplrx7.es.dupont.com)
Date: Fri Jul 25 1997 - 09:09:22 CDT


Earlier this week, I wrote:

>I've just installed ISDN dialup service at home, using an Ascend
>Pipeline 75 router. Every time a purely local e-mail message is
>sent (even me to me), the router brings up the link to my ISP.
>
>I'm running Solaris 2.5.1.
>
>Snoop shows ('osprey' is my hostname; 'router0.isp.net' is the ISP;
>IP addresses are blanked out to protect the innocent):
>
># snoop -V osprey
>Using device /dev/elx (promiscuous mode)
>osprey -> localhost ETHER Type=0800 (IP), size = 58 bytes
>osprey -> localhost IP D=1.0.0.0.127 S=XXX.XXX.XX.XX LEN=44, ID=26169
>osprey -> localhost UDP D=512 S=33023 LEN=24
>osprey -> localhost BIFF C port=33023 tkevans@132660\n\0
>
>router0.isp.net -> osprey ETHER Type=0800 (IP), size = 70 bytes
>router0.isp.net -> osprey IP D=XXX.XXX.XX.XX S=XXX.XXX.XX.XX LEN=56, ID=50896
>router0.isp.net -> osprey ICMP Destination unreachable (Bad host)
>
>Notice the 'tkevans@132660'. This appears to be a random number, and
>it's different each time. It also looks like a bogus hostname on my
>local network.
>
>I am running a local nameserver for my little 4-host domain, and have
>/etc/nsswitch.conf set up to look for hostnames in /etc/hosts, then
>DNS. /etc/resolv.conf shows only my own domain name and "nameserver
>127.0.0.1".
>
>Ascend Tech Support swears this is a DNS lookup request, and that
>such shouldn't be filtered by the router. Of course, DNS shouldn't
>be filtered, but if my own nameserver is authoritative for my
>own domain, even a bogus hostname lookup in that domain should be
>handled by my own nameserver, without the router even bringing
>up the link.
>
>I have even gone so far as to disable comsat in inetd.conf, and
>re-name the in.comsat and biff executables. This *still* happens,
>even after reboots.
>
Thanks to:

rdervan@abraxis.com (Richard B Dervan)
Casper Dik <casper@holland.Sun.COM>
davem@fdgroup.co.uk (David Mitchell)
jwf@ccuc.on.ca (John W. Funk)
Bob Woodward <bobw@filmworks.com>

Casper pointed out the byte-order reversal of the localhost
IP address in the packet trace ('127.0.0.1' was turned around
to '1.0.0.127'--see line two of the snoop output above).

He recommended that I change the local delivery
agent in sendmail.cf from /bin/mail to /usr/lib/mail.local.
This resolved the problem.

The Sunsolve bug database has a report on this, bugid #1252722.
Sun's solution is to install the Solaris recommended patch set,
which, among other things, changes the local delivery agent to
mail.local. I'd already installed this patch set, but am using
sendmail 8.8.6, so I had to do the sendmail.cf fix myself.

-- 
Tim Evans                     |    E.I. du Pont de Nemours & Co.
tkevans@eplrx7.es.dupont.com  |    Experimental Station
(302) 695-9353/8638 (FAX)     |    P.O. Box 80357
EVANSTK AT A1 AT ESVAX        |    Wilmington, Delaware 19880-0357
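The byte-order reversal Casper identified, worked through as an added C example (not code from the post, from Sun, or from sendmail). It assumes the swap came from a host-order INADDR_LOOPBACK copied into the socket address without htonl(); the post only reports the symptom, and every function name below is hypothetical.

```c
#include <stdio.h>
#include <stdint.h>
#include <string.h>
#include <arpa/inet.h>
#include <netinet/in.h>

/*
 * Constructed example. The snoop trace shows biff sent to 1.0.0.127
 * instead of 127.0.0.1, i.e. 0x7f000001 with its four bytes reversed.
 * Storing INADDR_LOOPBACK (a host-order constant) into sin_addr without
 * htonl() yields exactly that on a little-endian host (assumed cause).
 */

/* As a buggy notifier could fill sin_addr: host-order constant copied raw. */
uint32_t biff_dest_buggy(void) { return (uint32_t)INADDR_LOOPBACK; }

/* Corrected: converted to network byte order before the socket layer sees it. */
uint32_t biff_dest_fixed(void) { return htonl(INADDR_LOOPBACK); }

/* Render the 32 bits exactly as the IP layer would place them on the wire. */
void wire_to_dotted(uint32_t wire, char out[INET_ADDRSTRLEN]) {
    struct in_addr a;
    a.s_addr = wire;
    inet_ntop(AF_INET, &a, out, INET_ADDRSTRLEN);
}

/* True when the wire bits print as the given dotted quad. */
int renders_as(uint32_t wire, const char *dotted) {
    char s[INET_ADDRSTRLEN];
    wire_to_dotted(wire, s);
    return strcmp(s, dotted) == 0;
}

/* Check a local-only notification should pass before sendto(): is the
 * destination really inside 127.0.0.0/8? 1.0.0.127 is not, so the kernel
 * hands it to the default route, which here was the ISP dial-up link. */
int is_loopback_dest(uint32_t wire) {
    return (ntohl(wire) & 0xff000000u) == 0x7f000000u;
}

/* htonl() is the identity on big-endian hosts, so the bug only shows on little-endian ones. */
int host_is_little_endian(void) { return htonl(1) != 1; }

int main(void) {
    char b[INET_ADDRSTRLEN], f[INET_ADDRSTRLEN];
    wire_to_dotted(biff_dest_buggy(), b);
    wire_to_dotted(biff_dest_fixed(), f);
    printf("raw INADDR_LOOPBACK   -> %s  loopback=%d\n", b, is_loopback_dest(biff_dest_buggy()));
    printf("htonl(INADDR_LOOPBACK)-> %s  loopback=%d\n", f, is_loopback_dest(biff_dest_fixed()));
    return 0;
}
```

On a little-endian machine the first line prints 1.0.0.127 with loopback=0, matching the trace; the check in is_loopback_dest is the kind of guard that would have kept the packet off the default route.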



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:11:59 CDT