Hi Guys,

Thanks for all the advice on my post a couple weeks ago regarding redoing a new box.

I've made the plunge and installed RH7.3, and managed to successfully install a 'custom' setup. I let RH installer do mysql and PHP although my instinct was nagging me to hand install those. I have yet to install Apache and FP extensions. The RHN updates are kinda spiffy (first time I've tried it) and with VNC it's pretty nice to be able to log in remotely. I'm excited about playing with squirrel mail and other toys once I've got the machine stabilized.

I have a few more dumb questions to ask and there may be simple answers, but I'm not quite able to sort this out.

Situation:
==========

Initially the custom install put in IPCHAINS vs. IPTABLES contrary to RH documentation. I'm not familiar with either, but found that once I got up, that my DNS wasn't working (I do my own DNS for websharx.com and a couple of friends' domains).

1) I did a bit of googling, and was able to figure out how to open up port #53 to the outside world.

2) I then had a problem with mail not coming in and opened up SMTP, but mail still was not coming in. Telnetting from the outside to mail port did not work. As a result the following lines were added to /etc/sysconfig/ipchains file:

    -A input -s 0/0 -d 0/0 25 -p tcp -y -j ACCEPT
    -A input -s 0/0 -d 0/0 53 -p udp -j ACCEPT

3) Mail still was not coming in and the port now showed on nmap scans but showed as being closed. After a little more googling, I commented out this line from the /etc/mail/sendmail.mc file:

    dnl This changes sendmail to only listen on the loopback device 127.0.0.1
    dnl and not on any other network devices. Comment this out if you want
    dnl to accept email over the network.
    dnl DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')

After changing DAEMON_OPTIONS to have dnl in front of it, mail started coming in.

NOTE: Have I done something horrible and opened myself up more than necessary? I'd like to keep this puppy tight, but I need to serve DNS, WWW, and receive and send mail locally and from the outside.

4) I'm having a problem with mail being rejected from a host that I'm sending mail to. I can send mail to some folks, but not others. This particular host returns the following message:

=======================================================================
The original message was received at Wed, 18 Sep 2002 01:26:46 -1000
from [EMAIL PROTECTED]

   ----- The following addresses had transient non-fatal errors -----
<[EMAIL PROTECTED]>

   ----- Transcript of session follows -----
... while talking to smtp-cpf.xxx.com.:
>>> RCPT To:<[EMAIL PROTECTED]>
<<< 451 4.1.8 Domain of sender address [EMAIL PROTECTED] does not resolve
<[EMAIL PROTECTED]>... Deferred: 451 4.1.8 Domain of sender address [EMAIL PROTECTED] does not resolve
Warning: message still undelivered after 4 hours
Will keep trying until message is 5 days old

[ Part 2: "Delivery Status" ]

Reporting-MTA: dns; tiger.websharx.com
Arrival-Date: Wed, 18 Sep 2002 01:26:46 -1000

Final-Recipient: RFC822; [EMAIL PROTECTED]
Action: delayed
Status: 4.1.8
Remote-MTA: DNS; smtp-cpf.xxx.com
Diagnostic-Code: SMTP; 451 4.1.8 Domain of sender address [EMAIL PROTECTED] does not resolve
Last-Attempt-Date: Wed, 18 Sep 2002 06:26:15 -1000
Will-Retry-Until: Mon, 23 Sep 2002 01:26:46 -1000
=======================================================================

My DNS seems to be working and I basically copied the /var/named entries from my old RH6.2 setup over to the new one, and changed /etc/named.conf appropriately. Nslookup seems to work inside and pinging from other hosts seems to work. Nslookup from the outside using websharx.com as the server works too. I believe I've changed the hostname in the right places, but not sure if that is the issue.

I have a feeling I'm missing something in my sendmail setup or my DNS setup that makes this host reject my mail. I can send mail to other hosts though, just like when I was on RH6.2. I used to send mail to this host regularly but with this install of RH7.3 it rejects it.

Would anyone be able to help me with learning this aspect of config or provide insight? Any other tips you might suggest for this new install? I'm trying to keep only a minimum of ports open till I can get everything locked down.

Thanks in advance,
Sharky
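
An added example, not part of the original post: a small Python audit that reads ipchains rules in the form quoted above and reports which of the services the post says the box must offer (DNS, WWW, mail) are accepted from anywhere, and which world-open rules match none of them. The tcp/53 entry, the function names and the sample text are assumptions made for this example.

```python
import shlex

# Services the post says this box must offer. tcp/53 is an assumption added
# here: DNS uses TCP for zone transfers and answers too large for UDP.
NEEDED = {("tcp", 25): "SMTP", ("udp", 53): "DNS", ("tcp", 53): "DNS (TCP)", ("tcp", 80): "WWW"}
ANYWHERE = {"0/0", "0.0.0.0/0"}
FIELDS = {"-s": "src", "-d": "dst", "-p": "proto", "-j": "target", "-i": "iface"}

def parse_rule(line):
    """Parse one '-A chain ...' line (numeric ports; '!' negation not interpreted)."""
    tok = shlex.split(line, comments=True)
    if len(tok) < 2 or tok[0] != "-A":
        return None                      # comment, blank or policy line
    rule = {"chain": tok[1], "src": "0/0", "dport": None, "proto": "all", "target": None}
    i = 2
    while i < len(tok):
        flag = tok[i]
        i += 1
        if flag in FIELDS and i < len(tok):
            rule[FIELDS[flag]] = tok[i]
            i += 1
            # ipchains puts an optional port (or lo:hi range) after the address
            if flag in ("-s", "-d") and i < len(tok) and not tok[i].startswith("-"):
                rule["dport"] = tok[i] if flag == "-d" else rule["dport"]
                i += 1
    return rule

def port_range(spec):
    lo, sep, hi = (spec or ":").partition(":")   # no port given means every port
    return int(lo or 0), int((hi or 65535) if sep else lo)

def covers(rule, proto, port):
    lo, hi = port_range(rule["dport"])
    return rule["proto"] in (proto, "all") and lo <= port <= hi

def audit(text):
    """Return (covered, missing, extra) for world-open ACCEPT rules on 'input'."""
    rules = [r for r in map(parse_rule, text.splitlines()) if r]
    world = [r for r in rules if r["chain"] == "input"
             and r["target"] == "ACCEPT" and r["src"] in ANYWHERE]
    covered = {s for s in NEEDED if any(covers(r, *s) for r in world)}
    extra = [r for r in world if not any(covers(r, *s) for s in NEEDED)]
    return covered, sorted(set(NEEDED) - covered), extra

# Constructed sample: the two rules quoted in the post.
SAMPLE = ("-A input -s 0/0 -d 0/0 25 -p tcp -y -j ACCEPT\n"
          "-A input -s 0/0 -d 0/0 53 -p udp -j ACCEPT\n")

if __name__ == "__main__":
    print(audit(SAMPLE))
```

Pointing `audit()` at the contents of /etc/sysconfig/ipchains gives a quick answer to "what did I open to the world"; it looks only at the rules file, so what sendmail or named actually listen on still has to be checked separately.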