
bind, named and sendmail in 10.2 UNIX
It's really nice that Apple includes the BIND (named) setup by default. But they forgot to spell check! Modify the BIND file located at /System -> Library -> StartupItems -> BIND, and fix this line:
  if [ "${DNSSSERVER:=-NO-}" = "-YES-" ]; then
so that the variable name has only two "S" characters in a row instead of three (DNSSERVER). Then change NO to YES in the /etc/hostconfig file to get named to start correctly.
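Why the extra "S" matters: `${NAME:=-NO-}` quietly assigns the default when NAME is unset, so the misspelled switch always reads -NO- whatever /etc/hostconfig says. The sketch below is an added example, not Apple's startup script; the file contents are constructed and the function names `undefined_switches` and `would_start` are hypothetical.

```shell
#!/bin/sh
# Added example (not Apple's script): find ${NAME:=default} switches in a
# startup script that hostconfig never sets. All file contents are constructed.

# undefined_switches HOSTCONFIG SCRIPT -> one unmatched NAME per line
undefined_switches() {
    hostconfig=$1
    script=$2
    # Collect every ${NAME:=...} expansion used by the startup script.
    grep -o '\${[A-Za-z_][A-Za-z0-9_]*:=' "$script" |
        sed 's/^\${//; s/:=$//' | sort -u |
    while read -r name; do
        # The switch is honoured only if hostconfig has a NAME= line.
        grep -q "^${name}=" "$hostconfig" || echo "$name"
    done
}

# would_start HOSTCONFIG NAME -> exit 0 if the switch evaluates to -YES-
would_start() {
    (
        . "$1"
        # Same expansion the startup script uses: unset names become -NO-.
        eval "value=\${$2:=-NO-}"
        [ "$value" = "-YES-" ]
    )
}

demo() {
    tmp=$(mktemp -d) || return 1
    printf 'DNSSERVER=-YES-\n' > "$tmp/hostconfig"
    printf '%s\n' 'if [ "${DNSSSERVER:=-NO-}" = "-YES-" ]; then' \
        '    named' 'fi' > "$tmp/BIND"
    echo "not set in hostconfig: $(undefined_switches "$tmp/hostconfig" "$tmp/BIND")"
    would_start "$tmp/hostconfig" DNSSSERVER || echo "DNSSSERVER: named stays off"
    would_start "$tmp/hostconfig" DNSSERVER && echo "DNSSERVER: named starts"
    rm -rf "$tmp"
}
demo
```

Pointing `undefined_switches` at a real hostconfig and startup script lists every switch whose name does not match a hostconfig entry.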

Once you've made the first two changes, go to /var/named/ and add the names of your local machines:
  bubba     A
  jones     A
It wouldn't hurt to also add them to /var/named/named.local.

Next go to the "Network" control panel and create a new location. For the DNS server, enter "" and for the search domain enter "localhost". Then reboot or run:
  % /usr/sbin/named
to get it going immediately.

sendmail also works this time around. I did a:
  % chmod g-w /
to make it happy. Then I set all my email accounts to use "localhost" as the SMTP server. Make sure to edit the:
file and add the local machine and the usual suspects on your local network (if you want them to use you as the SMTP gateway):
Although it appeared to work better when it was first loaded, 10.2 quickly forgot about its favorite internet applications and started using Internet Exploder. So you need to go do the old tricks in /System -> Library -> PreferencePanes -> Internet.prefPane -> Contents -> Resources -> English.lproj -> DefaultHelperApps.plist.

These few things make all the difference. Of course, all this should be done as root:
  % sudo su

The following comments are owned by whoever posted them. This site is not responsible for what they say.
why sudo su?
Authored by: a1291762 on Aug 26, '02 07:56:30PM

Why not just type "sudo -s"? It launches a shell as root. I could maybe understand "sudo su -" which will better simulate a root login.

[ Reply to This | # ]
dynamic ip
Authored by: kentucky on Aug 27, '02 12:54:48AM

How should that work with dynamic ip? Every day my ip is changing by the provider!
Is there another trick to fix sendmail?

[ Reply to This | # ]
Can you give us an example of what these files are supposed to look like?
Authored by: myself on Aug 27, '02 06:31:30PM

Coming from a newbie's perspective, you lost me at

bubba A
jones A

[ Reply to This | # ]
some answers to questions?
Authored by: rgould on Aug 27, '02 10:53:39PM
real quick: i use bind/named for caching my local network names and for caching DNS lookup information. in other words, i use it to speed up web browsing to use your own private DNS server rather than the one provided by my isp.

back to the questions: who the hell cares how you get to be root, so long as it works?! worry about something else "a1291762". there are a million different ways to do it and i chose "sudo su".

on to the better questions/concerns: you would list all the machines on your local network in the /var/named/ file that you want to be able to reference by name. sadly, apple got rid of the /etc/hosts functionality. since bind/named is actually using the root DNS servers for initially resolving names they arent going to know who bubba is. and since you are actually making a ".localhost" domain, they certainly arent going to know who bubba.localhost is (rather than if you only have one computer (the computer you are setting this up on), then there only needs to be one entry.

the "A" stands for alias. so the name "bubba" is aliased to the ip address it could just as well be "my-mac" aliased to "bubba", of course, is an example. this is the name of MY machine. change it to be the name of your machine. and it cant have any spaces in it, only "-" and numbers.

i have a linksys firewall/hub behind a cable modem. my mac is plugged into the linksys. so i chose the "bootleg" 192.168.x.x networking scheme for my not-real-world network. the linksys handles the goofy DHCP networking addresses that the isp gives me. you could also have a:
gateway         A
reference in the file. so you would be able to ping your "gateway", (which would resolve to the ip address for the linksys router). you could, of course, call it whatever you want:
some-router-thingy-a-mabob         A
you should also add AT LEAST the local machine (that this bind/named server is running on) to the /var/named/named.local file. the format is exactly the same. it couldnt hurt to also include the other machines. if you dont have your own private networking going on, and you are plugged into the modem directly, im not sure how all this bind/named stuff would work. getting that to work would probably be a real trick. i would invest in the linksys (or something like it). its safer for your computer, and it makes adding more machines easier. so, in summary, you can add as many names for different things on your own network that you want in the /var/named/ file and the /var/named/named.local file:
gateway         A
bubba           A
jones           A
ibook           A
gregs-7300      A
both files serve different purposes, and both are necessary. when all is said and done, you should be able to bring up the prompt and type:
    >nslookup bubba
and it should come back with:
    Server:  localhost

    Name:    bubba.localhost
if that doesnt work, try:
    >nslookup bubba.localhost
if that doesnt work, then make sure the search domain in the networking control panel includes "localhost". you should also set your ip address to "bubba". also remember, after modifying the files, you HAVE to restart the bind/named server. and each time you do this, you lose the speed of all the caching of the lookups you have done. the DNS stuff stored locally is stored in memory, and there is "no way" to write it to disk. if you have a bunch of sites that you commonly go to that you would like quick lookup for when you turn on your computer, you may want to create a StartupItem that does nothing but:
etc. that way, when you get around to browsing them, they are already in cache. i looked around long and hard for documentation on this stuff (im hardly a pro) and everything that i found was very technical, poorly written, and very confusing. thats why i sent in the tip - to try and boil it all down for everyone. here are a couple of sites, but its all very confusing: the cool thing is, apple pretty much has everything setup for you, and all you have to do is plug in a few things. i did all this for 10.1 and it was a major pain in the butt. i spent many long hours trying to get it work. writing your own config files is not fun. apple made it easy, be thankful.

[ Reply to This | # ]
some answers to questions?
Authored by: shen on Aug 28, '02 02:55:07AM

"if you dont have your own private networking going on, and you are plugged into the modem directly, im not sure how all this bind/named stuff would work. getting that to work would probably be a real trick. i would invest in the linksys (or something like it). its safer for your computer, and it makes adding more machines easier."

Short answer: it apparently doesn't.

RGould, I can't help but get the feeling that your base configuration is somehow quite different from mine, if what you described has actually given you a functional sendmail. I have tried a dozen different ways to get sendmail running in 10.1.5 and 10.2 and none of them work. All I want is to be able to get syslog reports emailed to me instead of /dev/null. I have managed to get the daemon running and it will even accept connections on localhost port 25, but after that it always fails to accept a message. Very frustrating, and I dare say Apple is getting far too much credit for making something easy that turns out to be really quite difficult for some. I'm a pretty old hand with BSD operating systems, and Apple's netinfo and SystemStarter pretty much makes everything I think I know about configuring mail transport agents worthless in Mac OS X. I just hope someone comes up with a safe and sane way to do what should be relatively simple task. Why there isn't a checkbox in Sharing to enable sendmail is beyond me. Maybe I should just buck the system and install qmail or postfix instead.

[ Reply to This | # ]
some answers to questions?
Authored by: rgould on Aug 28, '02 10:03:52AM
did you make sure to:
chmod g-w /
to make sendmail happy? modifying the /etc/mail/ file and fiddling with the
O UnsafeGroupWrites=False
line didnt seem to help me. if you did do the chmod trick, you are going to have to make sure to do it again after every install with an apple package you do. apparently the package installer resets that permission. a good way to figure out why your sendmail is not happy is to check in /var/log/mail.log. to troubleshoot, i open up a terminal and type
tail -F /var/log/mail.log
this will show you what gets written to the file in real-time so long as you keep the tail process running. now send some mail and see what it is complaining about. or, research what the error is that the server is giving you back. i use as for my installation vs everyone elses installation, i did a clean install of 10.2. if you did an install over a 10.1 things could be all outta whack.

[ Reply to This | # ]
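A way to re-check the permission that `chmod g-w /` clears, for instance after a package install has reset it. This is an added example, not part of the thread; the function names, the optional TOP argument and the demo tree (including `sample.cf`) are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the page): report group-writable directories on the
# way from a file up to a top directory (default /), so the permission can be
# re-checked after a package install. The demo tree is constructed.

# group_writable_parents FILE [TOP] -> one group-writable directory per line
group_writable_parents() {
    top=${2:-/}
    dir=$(cd "$(dirname "$1")" && pwd -P) || return 2
    while :; do
        # -prune keeps find on this one directory; -perm -020 tests the g+w bit.
        find "$dir" -prune -perm -020 -print
        case "$dir" in "$top"|/) break ;; esac
        dir=$(dirname "$dir")
    done
}

# path_is_safe FILE [TOP] -> exit 0 when no directory on the path is g+w
path_is_safe() {
    [ -z "$(group_writable_parents "$1" "${2:-/}")" ]
}

demo() {
    root=$(mktemp -d) && root=$(cd "$root" && pwd -P) || return 1
    mkdir -p "$root/etc/mail" && : > "$root/etc/mail/sample.cf"
    chmod 755 "$root" "$root/etc" "$root/etc/mail"
    chmod g+w "$root"                      # state before the fix
    echo "before: $(group_writable_parents "$root/etc/mail/sample.cf" "$root")"
    chmod g-w "$root"                      # the same fix, applied to the demo root
    path_is_safe "$root/etc/mail/sample.cf" "$root" && echo "after: clean"
    rm -rf "$root"
}
demo
```

Called with a single argument, `group_writable_parents` walks all the way up to `/`, which is the directory the hint changes.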
some answers to questions?
Authored by: shen on Aug 28, '02 01:31:16PM

I did all of the perms fixes, had a clean install of 10.2. I was already tailing mail.log and the error message returned by sendmail is so non-specific I can't find any further info on it.

Thanks for posting... I've complained to Apple about this one, because it is just unreasonable to ship a Unix distribution (which Mac OS X undeniably is) with broken sendmail and provide no safe, sane, or standard procedure to enable it.

[ Reply to This | # ]
Also trying to get syslog mailed to
Authored by: dhed on Sep 06, '02 02:09:05PM

I have gone over all the hints I can find and followed the original instructions for setting this up in 10.1.5 (which was working before I upgraded to 10.2), but I can't seem to get to see my local mail account.

I think I am hung up on getting to see the Unix account. In Mail 1.0, you could select an email account with a type of UNIX. This isn't an option in Mail 1.2, just IMAP, POP and iMac mail accounts are listed.

Is there any way to get this selection back so the UNIX account is an option when setting up your account?

[ Reply to This | # ]
OT: Also trying to get syslog mailed to
Authored by: carsten on Sep 21, '02 09:44:00AM

Local unix mailbox accounts are no longer an option in 10.2's Mail (Grrrrrrrr. Rrr!!) You need to install an imap or pop server now to access your local mail. You can also use the command-line mail program, or install a much friendlier command-line mail program such as pine.

[ Reply to This | # ]
bind correction
Authored by: tenebrae on Sep 21, '02 12:34:42AM

Just a quick correction to rgould's bind setup info.

The only information needed in named.local would be the name of the local machine. That file is only used for the reverse DNS (ie. PTR or record for the 127.0.0 netblock, the only entry needed is the default:

1 IN PTR localhost.

Any 192.168 IP addresses that you enter there might actually cause errors with BIND, else BIND will interpret them as, which won't resolve to anything on your local network.

Other than that lil issue, the info was spot-on regarding BIND. I can't speak to the sendmail info, as my OS X box is a workstation, and I leave the mail to my (FreeBSD) server. Hope this helps.

[ Reply to This | # ]
Authored by: ClarkGoble on Oct 11, '02 12:37:49AM

Minor quibble, just in case anyone has problems. The file to edit is
/System/Library/StartupItems/BIND/BIND. The author forgot a BIND.

[ Reply to This | # ]