jacoby
asked on
sendmail : Relaying Denied
Hi, I'm working with RedHat 6.0 and sendmail 8.9.3, pop3d .
This server "should" work as a mail server for 10
differents domains.
When I try to send a mail from the local network to the Internet, it works
But if another domain try to send a mail to the Internet, it gives the message : Relaying Denied.
I know that with sendmail 8.8.7, we have a file : /etc/mail/ip-allow. And if I add networks number in this file, (and add this line in sendmail.cf :
F{LocalNames} /etc/mail/ip_allow ) ,this solve the problem. But it doesn't work with snedmail 8.9.3.
I tried to add these line and file, without success.
Any Ideas ?
This server "should" work as a mail server for 10
differents domains.
When I try to send a mail from the local network to the Internet, it works
But if another domain try to send a mail to the Internet, it gives the message : Relaying Denied.
I know that with sendmail 8.8.7, we have a file : /etc/mail/ip-allow. And if I add networks number in this file, (and add this line in sendmail.cf :
F{LocalNames} /etc/mail/ip_allow ) ,this solve the problem. But it doesn't work with snedmail 8.9.3.
I tried to add these line and file, without success.
Any Ideas ?
RH does NOT use that file by default. It uses /etc/mail/access and /etc/mail/name-allow
Add the domains in linuxconf ("relay for by name" in sendmail antispam section)
Add the domains in linuxconf ("relay for by name" in sendmail antispam section)
oh, if you add them manually, dont forget to restart sendmail
/etc/rc.d/init.d/sendmail restart
/etc/rc.d/init.d/sendmail restart
ASKER
Thanks for your quicks answers.
Relay-domains was already created, with the correct settings, so this isn't the problem.
access is also in with the following settings:
mydomain.com RELAY
blablabla RELAY
but I've no name_allow
I'll add it and let you know.
Thanks, Jacoby.
Relay-domains was already created, with the correct settings, so this isn't the problem.
access is also in with the following settings:
mydomain.com RELAY
blablabla RELAY
but I've no name_allow
I'll add it and let you know.
Thanks, Jacoby.
do NOT add it maually. Do this trough linuxconf. and make sure that you are using a RH generated sendmail.cf otherwise the RH implementation of sendmail will be "unhappy" ;)
ASKER
I added it with linuxconf. and used "original" sendmail provided with RedHat 6.0, but it still doesn't work.
I also have ip_allow file with network numbers.
(the file created by linuxconf was: name_allow, not name-allow)
I'll save my sendmail.cf and try to generate one with linuxconf.
Do u think it should help ?
I also have ip_allow file with network numbers.
(the file created by linuxconf was: name_allow, not name-allow)
I'll save my sendmail.cf and try to generate one with linuxconf.
Do u think it should help ?
the - _ thing was a typo on my part. also if you use /etc/mail/access the ifo must be BOTH in that file and in the apropriate name_allow / ip_allow.
Linuxconf will complain that "this sendmail.cd isnt generated with linuxconf" if it isnt generated with linuxconf. Unless you are getting that message, this isnt the problem.
but AFTER you have added info do a /etc/rc.d/init.d/sendmail restart
This works like a charm in my 6.0 system. And also note that if you use "by domain" you MUST make sure that DNS is correctly configured.
Linuxconf will complain that "this sendmail.cd isnt generated with linuxconf" if it isnt generated with linuxconf. Unless you are getting that message, this isnt the problem.
but AFTER you have added info do a /etc/rc.d/init.d/sendmail restart
This works like a charm in my 6.0 system. And also note that if you use "by domain" you MUST make sure that DNS is correctly configured.
ASKER
If I use Linuxconf generated sendmail.cf, sendmail won't start !
Then you need to figure out WHY. whats the messages in /var/log/messages?
And once again "Is DNS configured correctly?" without it, sendmail wont run properly.
And once again "Is DNS configured correctly?" without it, sendmail wont run properly.
ASKER
about DNS, I think it's OK, but How can I be sure?
Everybody can surf and we can browse every sites hosted by this server.
Bind seems to start.
I'll post messages from /var/log/messages.
Everybody can surf and we can browse every sites hosted by this server.
Bind seems to start.
I'll post messages from /var/log/messages.
ASKER
about DNS, after a reboot here is /var/log/messages:
gnome server name [759] starting
"" "" "" "" name server starting
"" "" "" [763] starting
"" "" "" "" name server was running on display, exiting.
and also :
named : sent NOTIFY for d2i.fr; 1 NS; 1 A
named : received NOTIFY answer in SOA
But i found nothing about sendmail except for:
sendmail : shutting down succeeded
(or starting succeded)
gnome server name [759] starting
"" "" "" "" name server starting
"" "" "" [763] starting
"" "" "" "" name server was running on display, exiting.
and also :
named : sent NOTIFY for d2i.fr; 1 NS; 1 A
named : received NOTIFY answer in SOA
But i found nothing about sendmail except for:
sendmail : shutting down succeeded
(or starting succeded)
well, you said sendmail doesnt start. and you you say you see "starting succeded"?
ASKER
sorry, when i saw that it doesn't start I restore my old sendmail.cf and restart.
if I generate sendmail.cf with linuxconf nd then ask to leave, linuxconf hangs during the activate changes command.
If I kill it, here is the log:
sendmail : sendmail shutdown succeeded.
then, after /etc/rc.d.init.d/sendmail restart :
I have
shutting down sendmail [failed]
(no mysteries: sendmail is already stopped)
and it hangs during sendmail start :
so after 3mns, Ctrl C !! :=)
the log is now :
sendmail : sendmail shutdown failed and nothing else.
then, after a backup of my old sendmail.cf, and a sendmail start
I have :
sendmail : sendmail startup succeeded.
if I generate sendmail.cf with linuxconf nd then ask to leave, linuxconf hangs during the activate changes command.
If I kill it, here is the log:
sendmail : sendmail shutdown succeeded.
then, after /etc/rc.d.init.d/sendmail restart :
I have
shutting down sendmail [failed]
(no mysteries: sendmail is already stopped)
and it hangs during sendmail start :
so after 3mns, Ctrl C !! :=)
the log is now :
sendmail : sendmail shutdown failed and nothing else.
then, after a backup of my old sendmail.cf, and a sendmail start
I have :
sendmail : sendmail startup succeeded.
ASKER
my files are:
/etc/mail/access :
localhost.localdomain RELAY
lvl-medical.fr RELAY
dom.fr RELAY
/etc/mail/ip_allow
194.8.120.
195.28.
/etc/mail/name_allow
lvl-medical.fr
dom.fr
relay-domains
lvl-medical.fr
dom.fr
/etc/sendmail.cf:
#access list database
Kaccess hash -o /etc/mail/access
#hosts that will permit relaying ($=R)
FR-o /etc/mail/relay-domains
#file containing IP numbers of machines which can use our relay
F{LocalIP} /etc/mail/ip_allow
(this are only parts of /etc/sendmail.cf)
access.db was created manually with:
makemap hash /etc/mail/access < /etc/mail/access
/etc/mail/access :
localhost.localdomain RELAY
lvl-medical.fr RELAY
dom.fr RELAY
/etc/mail/ip_allow
194.8.120.
195.28.
/etc/mail/name_allow
lvl-medical.fr
dom.fr
relay-domains
lvl-medical.fr
dom.fr
/etc/sendmail.cf:
#access list database
Kaccess hash -o /etc/mail/access
#hosts that will permit relaying ($=R)
FR-o /etc/mail/relay-domains
#file containing IP numbers of machines which can use our relay
F{LocalIP} /etc/mail/ip_allow
(this are only parts of /etc/sendmail.cf)
access.db was created manually with:
makemap hash /etc/mail/access < /etc/mail/access
then i dont know. I just used linuxconf. and it works for me.
btw
"and it hangs during sendmail start :
so after 3mns, Ctrl C !! :=) "
usually means DNS problem, it will hang for 2-4 minute per unresolavble domain.
"and it hangs during sendmail start :
so after 3mns, Ctrl C !! :=) "
usually means DNS problem, it will hang for 2-4 minute per unresolavble domain.
ASKER
I tried again with linuxconf and reboot.
sendmail seems to start but in /var/log/maillog I've the following error:
test.test2@d2i.fr ... cannot alias-non local names.
As I've more than 300 aliases, this may be the cause of this "hang".
How did u setup ur aliases ?
sendmail seems to start but in /var/log/maillog I've the following error:
test.test2@d2i.fr ... cannot alias-non local names.
As I've more than 300 aliases, this may be the cause of this "hang".
How did u setup ur aliases ?
aliases for what? multidomains? or just the "normal" aliases?
ASKER
hummm i don't know.
As I told u, I'm hosted some domains.
for exemple : lvl-medical.fr
and they want their e-mail as
john.smith@lvl-medical.fr
before,i had to add a line such as
john.smith@ lvl-medicla.fr : smith@lvl-medical.fr
but with linuxconf sendmail.cf, it seems to be different (cf maillog report)
As I told u, I'm hosted some domains.
for exemple : lvl-medical.fr
and they want their e-mail as
john.smith@lvl-medical.fr
before,i had to add a line such as
john.smith@ lvl-medicla.fr : smith@lvl-medical.fr
but with linuxconf sendmail.cf, it seems to be different (cf maillog report)
Comme vous etes francais, vous pouvez eventuellement utiliser le kit de Jussieu pour creer le fichier sendmail.cf.
Il est dispo sur
http://www.prism.uvsq.fr/~pda/kit-jussieu/
La configuration en est facile et souple.
Documentation: http://www.prism.uvsq.fr/~pda/kit-jussieu/support/index.html
Salut.
Il est dispo sur
http://www.prism.uvsq.fr/~pda/kit-jussieu/
La configuration en est facile et souple.
Documentation: http://www.prism.uvsq.fr/~pda/kit-jussieu/support/index.html
Salut.
A propos, comment sont heberges les domaines?
Les machines que vous voulez relayer ont-elles un enregistrement DNS valide (A et PTR) ?
Sinon, sendmail ne peut pas resoudre l'adresse de
machine.mydomain.com et donc ne connait pas le domaine de la machine a relayer, et refuse.
Si vous hebergez ces machines, il faut creer une zone pour le domaine et ajouter des enregistrements PTR dans le fichier que je vous ai fait creer, sinon le fichier relay-domains est inutilisable.
Les machines que vous voulez relayer ont-elles un enregistrement DNS valide (A et PTR) ?
Sinon, sendmail ne peut pas resoudre l'adresse de
machine.mydomain.com et donc ne connait pas le domaine de la machine a relayer, et refuse.
Si vous hebergez ces machines, il faut creer une zone pour le domaine et ajouter des enregistrements PTR dans le fichier que je vous ai fait creer, sinon le fichier relay-domains est inutilisable.
ASKER
hehe, c'etait ma question de tout a l'heure sur les enregistrement a creer.
En fait, j'ai cree les zones comme suit:
dans /etc/named.conf:
pour lba-sa par exemple:
zone "lba-sa.fr" {
type master;
file "/var/named/lba-sa.fr.host
};
et donc dans /var/named, il y a le fichier lba-sa.fr.hosts suivant:
lba-sa.fr. IN SOA www.d2i.fr. fjacoby.d2i.fr. (
1999121005
86400
3600
604800
86400 )
lba-sa.fr. IN NS www.d2i.fr.
www.lba-sa.fr. IN A 195.28.198.254
mail.lba-sa.fr. IN A 195.28.198.254
lba-sa.fr. IN NS ns1.satelnet.fr.
lba-sa.fr. IN MX 10 mail
et dans httpd.conf, j'ai l'enregistrement suivant :
<VirtualHost 195.28.198.254>
ServerName www.lba-sa.fr
DocumentRoot /www/htdocs/lba-sa.fr
En fait, j'ai cree les zones comme suit:
dans /etc/named.conf:
pour lba-sa par exemple:
zone "lba-sa.fr" {
type master;
file "/var/named/lba-sa.fr.host
};
et donc dans /var/named, il y a le fichier lba-sa.fr.hosts suivant:
lba-sa.fr. IN SOA www.d2i.fr. fjacoby.d2i.fr. (
1999121005
86400
3600
604800
86400 )
lba-sa.fr. IN NS www.d2i.fr.
www.lba-sa.fr. IN A 195.28.198.254
mail.lba-sa.fr. IN A 195.28.198.254
lba-sa.fr. IN NS ns1.satelnet.fr.
lba-sa.fr. IN MX 10 mail
et dans httpd.conf, j'ai l'enregistrement suivant :
<VirtualHost 195.28.198.254>
ServerName www.lba-sa.fr
DocumentRoot /www/htdocs/lba-sa.fr
Le probleme viendrait que sendmail essaye d'envoyer les courriers a serval.d2i.fr, et serval n'existe pas dans le DNS.
ASKER
Thanks everybody for your help !!
Please jprohart, answer and I'll grade !!
Please jprohart, answer and I'll grade !!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
/etc/mail/relay-domains
Restart sendmail after modifying this file.
sendmail 8.9.x blocks relaying by default (a good thing) and this file controls the domains that you accept relays for.