> Date: Wed, 29 Oct 2008 09:52:05 -0700
> From: Justin Pryzby
> To: bind-users@isc.org
> Subject: Re: bind and outgoing mail relay
> On Wed, Oct 29, 2008 at 09:24:36AM -0700, Gregory Hicks wrote:
> > > I wonder if there's any way of using our local recursive server

> > > forcing all locally-originating mail to go through a given mail

> > > I suspect not?

> >
> > Not via DNS. The setup is with the sendmail.cf (or what ever config
> > file you use).

> That doesn't *force* outgoing mail through the mailserver; I was
> looking for a way (perhaps) to get all MX queries to return our local
> server, but I think that's impossible...?

Not impossible. h2n provides a way to set the MX for hosts to whatever
you desire. In your own domain (or domains that you control) of
course. You cannot do anything about domains that you do not control.

But the "gateway" function of sendmail.cf will, in fact, force all mail
to be relayed through a 'gateway' host. If your firewall settings are
correct and block all connection attempts from other than the
designated host, mail not going to the mail gateway won't get

I think the "DG" macro specifies the "gateway out of our domain".
You'll also want to have one or more instances of the CI (IP addresses
in our domain) macro.

Gregory Hicks

> Justin

Gregory Hicks | Principal Systems Engineer
Cadence Design Systems | Direct: 408.576.3609
555 River Oaks Pkwy M/S 9B1
San Jose, CA 95134

People sleep peaceably in their beds at night only because rough men
stand ready to do violence on their behalf -- George Orwell

The price of freedom is eternal vigilance. -- Thomas Jefferson

"The best we can hope for concerning the people at large is that they
be properly armed." --Alexander Hamilton