Optimizing sendmail smart hosts

While debugging an issue last week, I noticed some odd behavior when the Sendmail Smart host configuration directive (DS) was used. Smart hosts allow nodes to delegate mail delivery services to upstream devices, alleviating the need to run a full blown mail relay on each host. Smart hosts are configured with the Sendmail MC SMART_HOST directive, or through the sendmail.cf/submit.cf DS variable:

$ grep DS /etc/mail/submit.cf
DSsmtp-relay.dns.net

While I was performing a packet capture to isolate a problem with mail delivery, I noticed that each outbound message triggered several odd DNS lookups:

$ snoop -d eri0 port 53

s1 -> dnsserver.dns.net DNS C smtp-relay.dns.net. Internet MX ?
dnsserver.dns.net -> s1 DNS R

s1 -> dnsserver.dns.net DNS C smtp-relay.dns.net.internal.dns.net. Internet MX ?
dnsserver.dns.net -> s1 DNS R Error: 3(Name Error)

s1 -> dnsserver.dns.net DNS C smtp-relay.dns.net.corp.dns.net. Internet MX ?
dnsserver.dns.net -> s1 DNS R Error: 3(Name Error) 

s1 -> dnsserver.dns.net DNS C smtp-relay.dns.net.dns.net. Internet MX ?
dnsserver.dns.net -> s1 DNS R Error: 3(Name Error)

s1 -> dnsserver.dns.net DNS C smtp-relay.dns.net. Internet Unknown (28) ?
dnsserver.dns.net -> s1 DNS R

s1 -> dnsserver.dns.net DNS C smtp-relay.dns.net. Internet Addr ?
dnsserver.dns.net -> s1 DNS R smtp-relay.dns.net. Internet Addr 1.2.3.4 

Upon closer inspection, I noticed that sendmail (actually the resolution libraries) were attempting to resolve the SMTP relay along with each entry in the search path. To fix this issue ( I think it’s an issue, since it’s wasting bandwidth and CPU cycles), I fully qualified the smart host in my submit.cf:

$ grep DS /etc/mail/submit.cf
DSsmtp-relay.dns.net.

Once this was changed, and sendmail was restarted, the resolver only requested entries for the FQDN:

s1 -> dnsserver.dns.net DNS C smtp-relay.dns.com. Internet MX ?
dnsserver.dns.net -> s1 DNS R

s1 -> dnsserver.dns.net DNS C smtp-relay.dns.com. Internet Unknown (28) ?
dnsserver.dns.net -> s1 DNS R

s1 -> dnsserver.dns.net DNS C smtp-relay.dns.com. Internet Addr ?
dnsserver.dns.net -> s1 DNS R smtp-relay.dns.com. Internet Addr 1.2.3.4

I just dusted off my bat book, and hope to find an MC setting to disable MX lookups for the smart host. That should kill four more UDP datagrams. :)

4 thoughts on “Optimizing sendmail smart hosts”

  1. I have a really strange issue with using a smart host in sendmail. when outbound mail is sent to my email server via stmp (from a workstation) and the link to the smart host is down, sendmail will hang and never accept the msg for delivery. As soon as the smart host is reachable again – sendmail has no problem accepting msgs. I always thought sendmail would accept msgs for remote delivery and try to reach the smart host without holding up the client.

    msg flow:
    workstation -> email server -> (internet) smarthost.

    Only experienced this in Thunderbird – haven’t tested other’s or done manual test. but still strange to me.

  2. One should never modify the sendmail.cf : it will prove as difficult to maintain and update as would be the practice of hand-editing software binaries. Modify the source, rebuild the object. Your modification, therefore, should be made as part of your sendmail.mc file. Sendmail would seem large and baroque to someone even suggesting modification of the .cf file.

    The smarthost mechanism should have gone away by now. The new mechanism is in the mailertable, if I remember correctly. I’ve used it for several different ‘smart host’ configurations in the same service, and it’s not only worked well but also handled unreachable smart hosts without blocking.

  3. Not sure if you already know this but to stop the system using DNS Lookups you need to enclose the host in square backets.

    DS[smtp-relay.dns.net]

    as long as it resolves locally that will work for you.

  4. Jad is 99% acurate with his answer.
    When you put a hostname between square brackets, you tell Sendmail to skip the MX lookups. The system will still look for A records in DNS (which is what most people want in this case)

    Regards Steven

Leave a Reply

Your email address will not be published. Required fields are marked *