Sendmail does not deliver when email comes from an external server : sourceforge, Sendmail, latest, on a fedora core x server

May 17, 2008 10:50am pdt

1. jar3817 19,165
2. Nopius 18,975
3. RaulDias 16,875
4. PsiCop 16,575
5. _jesper_ 10,600
6. war1 9,100
7. kieran_b 8,000
8. fgrushevsky 6,290
9. grblades 5,500
10. hielo 5,375
11. mwecompu... 4,500
12. kenfcamp 4,150
13. nplib 4,000
14. Abs_jaipur 3,000
15. Bibliophage 2,800
15. Norush 2,800

1. jlevie 347,626
2. PsiCop 243,064
3. anfi 85,387
4. jar3817 64,574
5. Nopius 64,125
6. kenfcamp 47,413
7. markt9 39,546
8. Sembee 28,311
9. war1 25,775
10. it_alche... 25,390
11. samri 25,291
12. grblades 22,095
13. _jesper_ 20,800
14. HalldorG 18,447
15. ygoutham 17,675

01.31.2008 at 08:19PM PST, ID: 23128700

	[x] Attachment Details

[x]

The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

The Grade of the Solution
The Zone Rank of the Expert Providing the Solution
The Number of Author and Expert Comments
The Number of Experts Contributing
The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!

6.6

Sendmail does not deliver when email comes from an external server

Zones: SendMail Email Server, Linux Administration, Fedora Linux

Tags: sourceforge, Sendmail, latest, on a fedora core x server

Hi there,

I've had my servers setup for years, and working well. But I've recently been making some dns and other changes (like trying to install milter), and now I've run into a strange problem.

It's a Fedora Core something server running the latest sendmail and bind.

my /etc/aliases/file contains an entry like:

editor: myemail@myisp.com

If I send an email from the problematic server eg

> echo hello | mail editor@problemserver.com

then the email gets delivered to myemail@myisp.com (as you would expect).

However, if the email comes from an external source, eg I send an email to editor@problemserver.com from my PC, then the email does not get delivered. In fact there is not even an entry recorded in /var/log/mail (nor in /var/log/*), not an error message to be found.

Does anyone have a suggestion for me to look into?

thanks

Start your free trial to view this solution

Question Stats

Zone: Software

Question Asked By: danielkirk

Solution Provided By: arrkerr1024

Participating Experts: 2

Solution Grade: A

Translate:

Loading Advertisement...

Microsoft

Internet Protocols
Applications

Development
OS

Hardware
Windows Security

Apple

Operating Systems
Hardware

Programming
Networking

Software

Internet

Search Engines
File Sharing
WebTrends / Stats
Spy / Ad Blockers

Web Browsers
New Net Users
Web Development
Chat / IM

Anti Spam
Web Servers
Anti-Virus
Email Clients

Gamers

Tips
Online / MMORPG
Puzzle
Emulators

Action / Adventure
Role Playing
Consoles
Game Programming

Strategy
Sports
Misc
Computer Games

Digital Living

Hardware
New Net Users
New Users

Software
Digital Music
Gaming World

Home Security
Apple
Networking Hardware

Virus & Spyware

Vulnerabilities
IDS
Encryption
Anti-Virus

Operating Systems Security
Software Firewalls
WebApplications
Cell Phones

Operating Systems
Internet
Hardware Firewalls

Hardware

Handhelds / PDAs
Displays / Monitors
Components
Networking Hardware

Peripherals
Laptops/Notebooks
Storage
Servers

Desktops
New Users
Misc
Apple

Software

System Utilities
Industry Specific
Network Management
Photos / Graphics
Page Layout
VMWare
Misc
Web Development

OS
CYGWIN
Voice Recognition
Message Queue
Quality Assurance
Security
Firewalls
MultiMedia Applications

Development
Database
Office / Productivity
Business Management
OS/2 Apps
Server Software
Internet / Email

ITPro

OS
Storage
Encryption
Operating Systems Security
Apple Hardware
Laptops & Notebooks
Servers
Networking Hardware
Peripherals

Devices
Displays / Monitors
WebTrends / Stats
Search Engines
Firewalls
WebApplications
IDS
Vulnerabilities
Email Clients

File Sharing
Spy / Ad Blockers
Web Browsers
Web Servers
Networking
Anti-Virus
Chat / IM
Anti Spam

Developer

Web Servers
Web Browsers
Game Programming
Dev Tools
Industry Specific
Office / Productivity

Database
CYGWIN
Web Development
Search Engines
File Sharing
WebTrends / Stats

Programming
Content Management
Application Servers
Protocols

Storage

Removable Backup Media
Storage Technology
Servers

Grid
Remote Access
Backup / Restore

Misc
Hard Drives

Miscellaneous
Security
Development
Linux
VMWare

MainFrame OS
Unix
Apple
OS / 2
AS / 400

BeOS
Microsoft
VMS / OpenVMS

Database

Oracle
Miscellaneous
MySQL
Software
Sybase
Contact Management
PostgreSQL
Data Manipulation
Clarion
InterSystems Cache

Siebel
MUMPS
OLAP
SQLBase
SAS
GIS & GPS
4GL
Berkeley DB
DB2
Informix

Interbase / Firebird
FoxPro
Reporting
LDAP
Filemaker Pro
MS SQL Server
dBase
MS Access

Security

Misc
Web Browsers
Software Firewalls
Operating Systems Security
File Sharing

Spy / Ad Blockers
Vulnerabilities
WebApplications
IDS
Anti-Virus

Encryption
Anti Spam
Email Clients
VPN
Chat / IM

Programming

Editors IDEs
Installation
Handhelds / PDAs
Multimedia Programming
System / Kernel

Algorithms
Game
Signal Processing
Project Management
Open Source

Database
Misc
Languages
Processor Platforms
Theory

Web Development

Scripting
Blogs
Web Servers
Software
Search Engines
Web Graphics
Images

Internet Marketing
Images and Photos
Components
Document Imaging
Web Languages/Standards
Illustration
WebApplications

Fonts
WebTrends / Stats
Authoring
Digital Camera Software
Miscellaneous

Networking

Protocols
Apple Networking
Network Management
Message Queue
Application Servers
Content Management
File Servers
Email Servers
Misc
Java Editors & IDEs

Wireless
Networking Hardware
Backup / Restore
System Utilities
ISPs & Hosting
Web Servers
Storage Technology
Removable Backup Media
Servers
Broadband

Grid
OS / 2
Novell Netware
Unix Networking
Windows Networking
Security
Telecommunications
Operating Systems
Linux Networking

Other

Community Advisor
Lounge
Community Support
New Net Users

Philosophy / Religion
Math / Science
Miscellaneous
URLs

Expert Lounge
Politics
Puzzles / Riddles

Community Support

Suggestions
New to EE
New Topics
Community Advisor

CleanUp
Announcements
General

Feedback
Input
EE Bugs

01.31.2008 at 08:36PM PST, ID: 20794258

Rank: Master

arrkerr1024:

When you send an email to problemserver.com it doesn't make an smtp connection to problemserver.com, it looks up the MX records for problemserver.com and sends the mail there. So check your MX records... assuming a top-level domain as in your example.

01.31.2008 at 08:44PM PST, ID: 20794287

danielkirk:

okay here's an example of one of the zone files:

;
; Zone file for toptipper.com
;
$TTL 3D
@ IN SOA ns0.kirkyonline.com. webmaster.toptipper.com. (
2008020103
8H
2H
4W
1D )
;
NS ns0.kirkyonline.com. ; Inet Address of name server
NS ns1.kirkyonline.com. ; Inet Address of name server
MX 10 mail.toptipper.com. ; Primary Mail Exchanger
;
;toptipper.com. IN TXT "v=spf1 ip4:207.228.252.8 ip4:207.228.252.47 ip4:207.228.252.194 ip4:66.36.238.10 ip4:66.36.238.69 include:iinet.net.au include:bigpond.com ~all"
localhost A 207.228.252.47
ns0 A 207.228.252.47
ns1 A 207.228.252.194
www A 207.228.252.47
mail A 207.228.252.47

Does that give you any more info?

regards

01.31.2008 at 08:49PM PST, ID: 20794300

danielkirk:

If it helps, here's my named.conf file. I think the only changes I was making was with the "recursion yes;" which I think might be back to the way they were when the configuration was working (yes i've restarted named and yes i know i should have backed up the file before making changes)

[root@kirkyonline danielk]# cat /etc/named.conf

//
// named.caching-nameserver.conf
//
// Provided by Red Hat caching-nameserver package to configure the
// ISC BIND named(8) DNS server as a caching only nameserver
// (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// DO NOT EDIT THIS FILE - use system-config-bind or an editor
// to create named.conf - edits to this file will be lost on
// caching-nameserver package upgrade.
//
options {
listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
recursion yes;
query-source port 53;
query-source-v6 port 53;
allow-query { localhost; };
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
view localhost_resolver {
match-clients { localhost; };
match-destinations { localhost; };
recursion yes;
include "/etc/named.rfc1912.zones";
};

01.31.2008 at 09:11PM PST, ID: 20794374

Rank: Master

arrkerr1024:

ok, so when you send mail to you@toptipper.com it will make the connection to mail.toptipper.com (207.228.252.47). From your machine see if you can "telnet mail.toptipper.com smtp". It should open up a connection, and you could say "ehlo test" and it'll say hi back. If not, you've got a firewall in the way or sendmail isn't listening on the right interface.

Try that and we'll take it from there.

BTW, I hope that wasn't your whole named.conf... because you domains aren't in there (it never loads your toptipper.com zone file).

01.31.2008 at 09:19PM PST, ID: 20794404

danielkirk:

no i can't telnet to mail.toptipper.com smtp from anywhere - even from the same server (where I can send mail via the mail command as shown above) I get a connection refused message. I've got a feeling we're going off the beaten track here, I think the server is configured not to allow any form of telnet and there have been no changes to the firewall recently so its unlikely this is the source of the problem (but of course I could be wrong).

named.conf includes /etc/named.rfc1912.zones....

01.31.2008 at 09:41PM PST, ID: 20794457

Rank: Master

arrkerr1024:

Doing a "telnet mail.toptipper.com smtp" makes a connection to the smtp port of the server. If it doesn't pick up and say hi then your mail server is either not running, or you have a firewall blocking it. You're just using the telnet program to make a connection on the smtp port - you aren't telnetting to the telnet port (which no one uses any more anyway) - hopefully that makes sense? You can actually use telnet to test any un-encrypted service as long as you know the right commands - pop3, imap, smtp, http, etc. Its very useful.

So ya, make sure sendmail is actually running ("pgrep -fl sendmail" and "netstat -nlp|grep sendmail")and make sure you don't have a local firewall (iptables --list). You'll see some basic iptables rules even if you aren't firewalled - but I'd try running "/etc/init.d/iptables stop" to bring down the rules just to test. If the "netstat -nlp|grep sendmail" only shows "127.0.0.1:25" and not "0.0.0.0:25" then your sendmail is only listening on localhost and you need to edit /etc/mail/sendmail.cf and modify you DaemonPortOptions to not have "Addr=127.0.0.1".

Let me/us know what you find.

Accepted Solution

01.31.2008 at 09:53PM PST, ID: 20794488

danielkirk:

here are some commands i've run:

[root@kirkyonline mqueue]# pgrep -fl sendmail
8669 sendmail: Queue runner@01:00:00 for /var/spool/clientmqueue
8693 sendmail: accepting connections
8694 sendmail: ./m111axX4031904 couldletter.com.: user open

[root@kirkyonline mqueue]# netstat -nlp|grep sendmail
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 8693/sendmail: acce

[root@kirkyonline mqueue]# /etc/init.d/iptables stop
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: filter [ OK ]
Unloading iptables modules: [ OK ]

[danielk@toptipper-new ~]$ telnet mail.toptipper.com smtp
Trying 207.228.252.47...
telnet: connect to address 207.228.252.47: Connection refused
telnet: Unable to connect to remote host: Connection refused
[danielk@toptipper-new ~]$ echo hello | mail editor@sportspunter.com

mail is not delivered, and nothing shows in sendmail log on mail server
(that's from another server)

[root@kirkyonline mqueue]# telnet mail.toptipper.com smtp
Trying 207.228.252.47...
telnet: connect to address 207.228.252.47: Connection refused
telnet: Unable to connect to remote host: Connection refused

[root@kirkyonline mqueue]# echo hello | mail editor@toptipper.com
The email gets through
(thats' from the same server sendmail is running on)

The mail log shows:
Feb 1 05:51:33 kirkyonline sendmail[9080]: m115pXdI009080: from=root, size=32, class=0, nrcpts=1, msgid=<200802010551.m115pXdI009080@kirkyonline.kirkyonline.com>, relay=root@localhost
Feb 1 05:51:33 kirkyonline sendmail[9081]: m115pX6F009081: from=<root@kirkyonline.kirkyonline.com>, size=344, class=0, nrcpts=1, msgid=<200802010551.m115pXdI009080@kirkyonline.kirkyonline.com>, proto=ESMTP, daemon=MTA, relay=localhost.localdomain [127.0.0.1]
Feb 1 05:51:33 kirkyonline sendmail[9080]: m115pXdI009080: to=editor@toptipper.com, ctladdr=root (0/0), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30032, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (m115pX6F009081 Message accepted for delivery)
Feb 1 05:51:36 kirkyonline sendmail[9082]: m115pX6F009081: to=dkirk@iinet.net.au, ctladdr=<root@kirkyonline.kirkyonline.com> (0/0), delay=00:00:03, xdelay=00:00:03, mailer=esmtp, pri=30585, relay=as-av.iinet.net.au. [203.0.178.180], dsn=2.0.0, stat=Sent (ok: Message 275706519 accepted)

01.31.2008 at 10:00PM PST, ID: 20794503

danielkirk:

perhaps i shoudl have read your comment from the bottom up.

I removed DaemonPortOptions to not have "Addr=127.0.0.1"

and it is working again

Can you just explain what that command does and why it now works?

thanks

02.01.2008 at 04:00AM PST, ID: 20795854

Rank: Master

arrkerr1024:

Sure. In the old releases of RedHat sendmail was installed and, by default, listened on all addresses. This mean that a new system was potentially a spam relay. To help resolve that issue by default sendmail only listens for connections on its loopback interface, so you can only use sendmail from the local machine.

The Addr= line in the DaemonPortOptions tells sendmail to only listen on a given address. 127.0.0.1 is the ip on the loopback interface - it is a reserved IP on all systems, and is only used to connect to yourself - it isn't routable.

The DamonPortOptions contains any number of options to onfnigure the daemon... if you had many interfaces on your machine (one IP on a vlan, one on some public network, one on some private, etc...) you could specify which ones to use, or you could specify an alternate port, etc...

Glad it works now!!!

02.02.2008 at 04:52PM PST, ID: 20806781

kodiakbear:

danielkirk ,
In general, the Asker needs to make the last comment in any question.
You should make replies to any suggestions that the Experts have made - or - if you are going to request closure, go ahead and let the Experts know of your intentions.
That way they can move on to other questions and not keep yours in their queue.
There is a pending comment/suggestion from an Expert.
If the Asker does not respond to this suggestion, a moderator will finalize this question in approximately 4 days by:
PAQ'ing (closing) or Deleting the question without refund.
Since there is a pending comment from an expert the question will be closed in 4 days as
delete NO Refund.
Unless there are objections from the participating experts then the points may be awarded to them
kb
Experts Exchange Moderator

02.02.2008 at 11:38PM PST, ID: 20808093

Rank: Master

arrkerr1024:

I think that the question is solved - I posed the last comment as a clarification, but the last comment by the poster was that the issue was solved.

modus_operandi

02.12.2008 at 09:24AM PST, ID: 20876813

Forced accept.
modus_operandi
EE Moderator

danielkirk

02.12.2008 at 01:42PM PST, ID: 20879409

i don't get it, i clicked on 'this is the solution' and awarded points for a previous post. It's a bit silly to have to do it again just because we have a little post-solution discussion?

danielkirk

02.12.2008 at 01:45PM PST, ID: 20879436

I've just checked my email and it looks like I got given the points. I'm sure it asked me who should get them and I selected arrkerr!?!?

20080236-EE-VQP-29 / EE_QW_2_20070628