sendmail relaying

bithead bithead at adelphia.net
Sun Jan 19 11:59:34 EST 2003


Robert, did you figure out this problem? I am catching up with my email
prior to the meeting today.

I noticed in your original post that you stated you could send mail to your
UB account but not the AOL account.
I am assuming you used the same methods to send the message both times.
That rules out your configuration of relaying, I believe.

What I found we had to do one time for a mail server I work with was to
ensure that there was a PTR record in existance for that relaying mailhost.
This is a requirement which is used in conjunction with many sites'
anti-spam countermeasures. They want to be able to resolve your name from
your IP (which they know) before accepting your mail for relay (even if it
is to their domain).

Go to www.dnsstuff.com and type in your ip address to see what they would
see if they do a PTR on your mailhost.

The remainder is in their anti-spam configuration.

- Brian

----- Original Message -----
From: "Robert Dege" <rdege at cse.Buffalo.EDU>
To: <nflug at nflug.org>
Sent: Friday, January 03, 2003 9:48 PM
Subject: Re: sendmail relaying


>
> Well, you see, therein lies the problem.  When Mozilla tries to send the
> email, it immediately gives me the relaying message.  It doesn't send ->
> bounce error.
>
> That's why I'm having problems trouble-shooting this problem.  I have no
> debugging info to help chase down the problem.
>
> I'll reboot into linux & see if I can get pine to supply more info.
>
> -Rob
>
> > this mc will generate a sendmail.cf that will relay all mail to a
> > central mailserver which handles the mail processing for your network. i
> > thought that was what you where looking for, sorry. could you forward
> > one of these bounced message to the list as an attachment so i can have
> > a look at the headers?
> >
> > Robert Dege wrote:
> >
> > >Is this for my internal mailserver, or for my personal machine?  If
it's
> > >for my personal computer, that solution won't work since I'm trying to
use
> > >Mozilla via WinXP.
> > >
> > >If this is for the mail server, then np. :)
> > >
> > >Thanks for the help thus far.
> > >
> > >-Rob
> > >
> > >
> > >
> > >>rob,
> > >>
> > >>give this mc a try for you client machine, don't copy and paste the
> > >>below text, there are tabs in the LOCAL_NET_CONFIG that won't
translate
> > >>use the attachment. you'll need to modify mailhost$?m.$m$. SMART_HOST,
> > >>LOCAL_RELAY, MAIL_HUB to represent you mailserver, replace with
> > >>mail.domain.com, the $?m.$m$. simply adds the dsndomain if it's
defined.
> > >>if you have mailhost defigned in dns or hosts you shouldn't have to do
> > >>anything. these rules will send ALL mail, to your mail relay.
> > >>
> > >>divert(-1)
> > >>divert(0)dnl
> > >>include(`/usr/share/sendmail-cf/m4/cf.m4')
> > >>VERSIONID(`@(#)linux.mc 1.0 08/05/2002')
> > >>OSTYPE(`linux')dnl
> > >>define(`SMART_HOST', `mailhost$?m.$m$.')
> > >>define(`LOCAL_RELAY', `mailhost$?m.$m$.')
> > >>define(`MAIL_HUB', `mailhost$?m.$m$.')
> > >>MAILER(`local')dnl
> > >>MAILER(`smtp')dnl
> > >>
> > >>LOCAL_NET_CONFIG
> > >>R$* < @ $* .$m. > $*    $#esmtp $@ $2.$m $: $1 < @ $2.$m. > $3
> > >>
> > >>Robert Dege wrote:
> > >>
> > >>
> > >>>Should sendmail be spitting out some logs even if I get a relaying
denied
> > >>>message on the mail client?  I'm not getting any to help me
troubleshoot
> > >>>the problem.
> > >>>
> > >>>
> > >>>/etc/mail/sendmail.mc
> > >>>
> > >>>=====================
> > >>>
> > >>>divert(-1)
> > >>>dnl This is the sendmail macro config file. If you make changes to
this
> > >>>file,
> > >>>dnl you need the sendmail-cf rpm installed and then have to generate
a
> > >>>dnl new /etc/mail/sendmail.cf by running the following command:
> > >>>dnl
> > >>>dnl        m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
> > >>>dnl
> > >>>include(`/usr/share/sendmail-cf/m4/cf.m4')
> > >>>VERSIONID(`linux setup for Red Hat Linux')dnl
> > >>>OSTYPE(`linux')
> > >>>dnl Uncomment and edit the following line if your mail needs to be
sent
> > >>>out
> > >>>dnl through an external mail server:
> > >>>dnl define(`SMART_HOST',`smtp.your.provider')
> > >>>define(`confDEF_USER_ID',``8:12'')dnl
> > >>>undefine(`UUCP_RELAY')dnl
> > >>>undefine(`BITNET_RELAY')dnl
> > >>>dnl define(`confAUTO_REBUILD')dnl
> > >>>define(`confTO_CONNECT', `1m')dnl
> > >>>define(`confTRY_NULL_MX_LIST',true)dnl
> > >>>define(`confDONT_PROBE_INTERFACES',true)dnl
> > >>>define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl
> > >>>define(`ALIAS_FILE', `/etc/aliases')dnl
> > >>>dnl define(`STATUS_FILE', `/etc/mail/statistics')dnl
> > >>>define(`UUCP_MAILER_MAX', `2000000')dnl
> > >>>define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
> > >>>define(`confPRIVACY_FLAGS',
`authwarnings,novrfy,noexpn,restrictqrun')dnl
> > >>>define(`confAUTH_OPTIONS', `A')dnl
> > >>>dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
> > >>>dnl define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5
CRAM-MD5
> > >>>LOGIN PLAIN')dnl
> > >>>dnl define(`confCACERT_PATH',`/usr/share/ssl/certs')
> > >>>dnl define(`confCACERT',`/usr/share/ssl/certs/ca-bundle.crt')
> > >>>dnl define(`confSERVER_CERT',`/usr/share/ssl/certs/sendmail.pem')
> > >>>dnl define(`confSERVER_KEY',`/usr/share/ssl/certs/sendmail.pem')
> > >>>dnl define(`confTO_QUEUEWARN', `4h')dnl
> > >>>dnl define(`confTO_QUEUERETURN', `5d')dnl
> > >>>dnl define(`confQUEUE_LA', `12')dnl
> > >>>dnl define(`confREFUSE_LA', `18')dnl
> > >>>dnl FEATURE(delay_checks)dnl
> > >>>FEATURE(`no_default_msa',`dnl')dnl
> > >>>FEATURE(`smrsh',`/usr/sbin/smrsh')dnl
> > >>>FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
> > >>>FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
> > >>>FEATURE(redirect)dnl
> > >>>FEATURE(always_add_domain)dnl
> > >>>FEATURE(use_cw_file)dnl
> > >>>FEATURE(use_ct_file)dnl
> > >>>dnl The '-t' option will retry delivery if e.g. the user runs over
his
> > >>>quota.
> > >>>FEATURE(local_procmail,`',`procmail -t -Y -a $h -d $u')dnl
> > >>>FEATURE(`access_db',`hash -T<TMPF> -o /etc/mail/access.db')dnl
> > >>>FEATURE(`blacklist_recipients')dnl
> > >>>EXPOSED_USER(`root')dnl
> > >>>dnl This changes sendmail to only listen on the loopback device
127.0.0.1
> > >>>dnl and not on any other network devices. Comment this out if you
want
> > >>>dnl to accept email over the network.
> > >>>DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')
> > >>>dnl NOTE: binding both IPv4 and IPv6 daemon to the same port requires
> > >>>dnl       a kernel patch
> > >>>dnl DAEMON_OPTIONS(`port=smtp,Addr=::1, Name=MTA-v6, Family=inet6')
> > >>>dnl We strongly recommend to comment this one out if you want to
protect
> > >>>dnl yourself from spam. However, the laptop and users on computers
that do
> > >>>dnl not have 24x7 DNS do need this.
> > >>>FEATURE(`accept_unresolvable_domains')dnl
> > >>>dnl FEATURE(`relay_based_on_MX')dnl
> > >>>MAILER(smtp)dnl
> > >>>MAILER(procmail)dnl
> > >>>Cwlocalhost.localdomain
> > >>>
> > >>>===============================
> > >>>
> > >>>
> > >>>-Rob
> > >>>
> > >>>
> > >>>
> > >>>
> > >>>>does "My Machine" send mail directly to external address or does it
> > >>>>relay mail through your mailserver? can you send a copy of the mc
file
> > >>>>that you used to generate the sendmail.cf?
> > >>>>
> > >>>>Robert Dege wrote:
> > >>>>
> > >>>>
> > >>>>
> > >>>>>Sorry for my delayed response.  Was being distracted with other
> > >>>>>priorities.
> > >>>>>
> > >>>>>
> > >>>>>
> > >>>>>
> > >>>>>
> > >>>>>>What version of sendmail?
> > >>>>>>
> > >>>>>>
> > >>>>>sendmail-8.12.4-1
> > >>>>>
> > >>>>>
> > >>>>>
> > >>>>>
> > >>>>>
> > >>>>>
> > >>>>>>You can send mail from a pc on your lan correct (only to the local
> > >>>>>>domain), your not getting a connection refused. In some of the
later
> > >>>>>>releases by default sendmail will refuse connection on port 25
from
> > >>>>>>anything other than localhost (need to comment out
> > >>>>>>DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA') ) and then
regen the
> > >>>>>>sendmail.cf file. I dont belive this is the case (just for general
info
> > >>>>>>for others who may have this problem in the future).
> > >>>>>>
> > >>>>>>
> > >>>>>No, that's not correct.  Lemme explain it better:
> > >>>>>
> > >>>>>
> > >>>>> Firewall w/real IP
> > >>>>>     & masq. IP
> > >>>>> |
> > >>>>> +-------+---------------+
> > >>>>> | |
> > >>>>> Mail Server My Machine
> > >>>>> Masq IP Masq IP
> > >>>>>
> > >>>>>
> > >>>>>My machine currently acts as a listserv.  It receives emails to the
list &
> > >>>>>successfully forwards them to the list members.
> > >>>>>
> > >>>>>
> > >>>>>
> > >>>>>
> > >>>>>From "My Machine" I can email to myself and others at UB email
addresses.
> > >>>>
> > >>>>
> > >>>>>However, when I try to email an @aol.com address, I get the email
relaying
> > >>>>>denied error.  If I logon to the machine I can then send the
message via
> > >>>>>pine to ANY @aol.com address without error.
> > >>>>>
> > >>>>>
> > >>>>>
> > >>>>>
> > >>>>>
> > >>>>>
> > >>>>>>Have you tried adding 192.x.x RELAY to /etc/mail/access Justin
> > >>>>>>
> > >>>>>>
> > >>>>>I added my 192.168.1 address to access, and relay-domains, but
still no
> > >>>>>luck.  Still get relaying denied.
> > >>>>>
> > >>>>>
> > >>>>>-Rob
> > >>>>>
> > >>>>>Robert Dege said: > > I'm
> > >>>>>
> > >>>>>
> > >>>>>
> > >>>>>
> > >>>>>>having difficutlies sendmail mail with my sendmail server. > >
> > >>>>>>background: > > I have a linux box running sendmail in behind a
firewall.
> > >>>>>>
> > >>>>>>
> > >>>>>>
> > >>>>>>
> > >>>>>>>I want to use mail from my computer using my linux box as
POP/SMTP > >
> > >>>>>>>
> > >>>>>>>
> > >>>>>>Both machines have internal 192.168 addresses > The Linksys router
has
> > >>>>>>the real_ip/hostname. > The linux box uses that hostname despite
it's
> > >>>>>>internal IP > I added 192.168.1. to my /etc/mail/relays file. > >
I am
> > >>>>>>able to send mail to my UB account from my machine. But when I try
> to
> > >>>>>>send mail to an aol account, I get relaying denied. If I send it >
from
> > >>>>>>the box directly (pine), then it sends no problem. > > So what
step am I
> > >>>>>>overlooking? > > Dege > > So Many Things in Life Would Be Really
Funny >
> > >>>>>>.... If They Weren't Happening To Me > > > -- > This message has
been
> > >>>>>>scanned for viruses and > dangerous content by Dynabrade using
> > >>>>>>Mailscanner, > and is believed to be clean. --
> > >>>>>>------------------------------------------- Justin Bennett Red Hat
> > >>>>>>(Linux) Certified Engineer Network Administrator Dynabrade Inc.
8989
> > >>>>>>Sheridan Dr Clarence, NY 14031 716-631-0100 ext 215
> > >>>>>>
> > >>>>>>
> > >>>>>>
> > >>>>>
> > >>>>>
> > >>>>>Dege
> > >>>>>
> > >>>>>So Many Things in Life Would Be Really Funny
> > >>>>>.... If They Weren't Happening To Me
> > >>>>>
> > >>>>>
> > >>>>>
> > >>>>>
> > >>>>>
> > >>>>--
> > >>>>Darin Perusich
> > >>>>Unix Systems Administrator
> > >>>>Cognigen Corp.
> > >>>>darinper at cognigencorp.com
> > >>>>
> > >>>>
> > >>>>
> > >>>>
> > >>>>
> > >>>
> > >>>
> > >>>Dege
> > >>>
> > >>>So Many Things in Life Would Be Really Funny
> > >>>.... If They Weren't Happening To Me
> > >>>
> > >>>
> > >>>
> > >>>
> > >>>
> > >>--
> > >>Darin Perusich
> > >>Unix Systems Administrator
> > >>Cognigen Corp.
> > >>darinper at cognigencorp.com
> > >>
> > >>
> > >>
> > >
> > >
> > >
> > >Dege
> > >
> > >So Many Things in Life Would Be Really Funny
> > >.... If They Weren't Happening To Me
> > >
> > >
> > >
> > >
> >
> >
>
>
>
> Dege
>
> So Many Things in Life Would Be Really Funny
> .... If They Weren't Happening To Me
>




More information about the nflug mailing list