Solved

Email Server in RH8

Posted on 2003-03-09
Last Modified: 2013-12-15
Hi,

I have set up an email server on RH8, but have run into trouble.  Email can be sent out, but cannot be received from external mail accounts.

Any suggestions?

Thanks,

Matt
Question by:MatthewL
27 Comments
 
LVL 9

Expert Comment

by:majorwoo
ID: 8100928
what message do you get? Is your mail server accessible from the internet? if there is a firewall in the way is it forwarding port 25 to the mailserver?


EXTIF="eth1"
MAILIP="192.168.2.2"
/sbin/iptables -t nat -A PREROUTING -i $EXTIF -p tcp --dport 25 -j DNAT --to "$MAILIP":25
/sbin/iptables -A FORWARD -p tcp --dport 25 -i $EXTIF -j ACCEPT

that will forward port 25 from the firewall to the mailserver  
0
 
LVL 1

Author Comment

by:MatthewL
ID: 8100985
Hi majorwoo,

The message that I receive when the mail bounces is (XXXX is just the domain name):

   ----- Transcript of session follows -----
553 5.3.5 XXXXX.com. config error: mail loops back to me (MX problem?)
554 5.3.5 Local configuration error

I can connect through mail2web.com to the account and send mail out without any problems.

With the commands you provided, for MAILIP, should I use my machine address or is 192.168.2.2 like 127.0.0.1?

Thanks,

Matt
0
 
LVL 9

Expert Comment

by:majorwoo
ID: 8101035
the mail IP should be the IP address of the machine doing the mailserver, assuming that it is behind a firewall:

once again, those commands I gave you are only going to help if the mailserver has a private IP 192.168.0.2 kind of deal, and gets its internet from a firewall/router machine in front of it -- they would need to be added to the firewall script.
0
 
LVL 15

Expert Comment

by:periwinkle
ID: 8101051
Are you using sendmail?  This is a common question, that is answered in the sendmail FAQ:

http://www.sendmail.org/faq/section4.html#4.5

Basically, you need to add your domain name to the local-host-names file and restart sendmail by performing the following command:

     kill -HUP `head -1 /var/run/sendmail.pid`
0
 
LVL 1

Author Comment

by:MatthewL
ID: 8103303
Hi periwinkle,

I do have the domain names in the local-host-names file, but maybe I have it in correct format.  The format I have used is:

localhost
www.mydomain.com
www.mydomain2.com

Perhaps it should be

localhost
mydomain.com
mydomain2.com

?

Thanks,

Matt
0
 
LVL 15

Expert Comment

by:periwinkle
ID: 8103329
Matt -

If you put in mydomain.com, it will also accept www.mydomain.com - I'd try changing that.

Localhost is generally not needed - I'd remove that.
0
 
LVL 1

Author Comment

by:MatthewL
ID: 8103810
Hi periwinkle,

I made those changes, but no dice.  Any other suggestions?

Thanks,

Matt
0
 
LVL 1

Author Comment

by:MatthewL
ID: 8103823
Hi majorwoo,

I did have a firewall running on the same machine, but I have now turned it off to narrow the problem.  I still get the same symptoms.

Thanks,

Matt
0
 
LVL 15

Expert Comment

by:periwinkle
ID: 8104532
any more information in the /var/log/maillog file?
0
 
LVL 1

Author Comment

by:MatthewL
ID: 8104706
Hi Periwinkle,

It has an error that says

... relaying denied.  IP lookup failed.

Matt

0
 
LVL 15

Expert Comment

by:periwinkle
ID: 8105226
Are the DNS records for your domain properly configured?

If you do:

dig mx domainname.com

do you get your mailserver?  Are the MX domains properly set up as A records?

Try running through http://www.dnsreport.com/ and see if you get some feedback.
0
 
LVL 15

Expert Comment

by:periwinkle
ID: 8105228
Additionally, what's in /etc/resolv.conf ?  Are they valid name servers?
0
 
LVL 1

Author Comment

by:MatthewL
ID: 8108628
Hi Periwinkle,

I think you are on to the heart of the problem.  
I went to www.dnsreport.com as you suggested.

The DNS report shows that
i) MX Category fails
ii) connection to mail servers failed

The mail test shows that
i) there is no MX record
ii) there is an A record


Matt
0
 
LVL 15

Expert Comment

by:periwinkle
ID: 8110953
Matt -

Do you have access to your dns records?  Or can you let us know the domain name?  I can help with the DNS issues, too.
0
 
LVL 1

Author Comment

by:MatthewL
ID: 8111588
Hi periwinkle,

The domain is www.mountainpeace.ca.  I probably do have access to dns records, but would need to know what to do.

Thanks,

Matt
0
 
LVL 15

Expert Comment

by:periwinkle
ID: 8111805
Hi Matt -

I did a 'dig' on your domain name for mx records:

$dig mx mountainpeace.ca

; <<>> DiG 9.2.1 <<>> mx mountainpeace.ca
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25017
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;mountainpeace.ca.              IN      MX

;; ANSWER SECTION:
mountainpeace.ca.       7200    IN      MX      0 mail.mountainpeace.ca.

;; AUTHORITY SECTION:
mountainpeace.ca.       7200    IN      NS      ns12.zoneedit.com.
mountainpeace.ca.       7200    IN      NS      ns14.zoneedit.com.

;; ADDITIONAL SECTION:
ns12.zoneedit.com.      3514    IN      A       64.246.26.64
ns14.zoneedit.com.      48221   IN      A       209.126.159.80

;; Query time: 66 msec
;; SERVER: 64.39.2.170#53(64.39.2.170)
;; WHEN: Tue Mar 11 09:43:45 2003
;; MSG SIZE  rcvd: 153


And then looked up mail.mountainpeace.ca:

dig mail.mountainpeace.ca

; <<>> DiG 9.2.1 <<>> mail.mountainpeace.ca
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13001
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0

;; QUESTION SECTION:
;mail.mountainpeace.ca.         IN      A

;; ANSWER SECTION:
mail.mountainpeace.ca.  7200    IN      A       24.66.201.190

;; AUTHORITY SECTION:
mountainpeace.ca.       7200    IN      NS      ns12.zoneedit.com.
mountainpeace.ca.       7200    IN      NS      ns14.zoneedit.com.

;; Query time: 48 msec
;; SERVER: 128.242.249.201#53(128.242.249.201)
;; WHEN: Tue Mar 11 10:44:31 2003
;; MSG SIZE  rcvd: 105

Is this the correct address of 124.66.201.190 ?
0
 
LVL 15

Expert Comment

by:periwinkle
ID: 8111847
I can ping mail.mountainpeace.ca without problem, but when I try to telnet to port 25, I get:

telnet mail.mountainpeace.ca 25
Trying 24.66.201.190...
telnet: Unable to connect to remote host: Connection refused

This means that outside mailers cannot connect to your mailhost.

Do you have a firewall set up that is preventing routing of port 25?

From the traceroute, I notice that you are using a cable modem connection for your server:

traceroute mail.mountainpeace.ca
traceroute to mail.mountainpeace.ca (24.66.201.190), 30 hops max, 38 byte packets
 1  ge0400.ed2.wdc.dn.net (216.167.2.67)  0.431 ms  0.488 ms  0.439 ms
 2  ge-4-0.a01.alxnva02.us.ra.verio.net (216.167.88.115)  0.293 ms  0.431 ms  0.350 ms
 3  p4-6-1-0.r02.stngva01.us.bb.verio.net (129.250.17.53)  1.747 ms  1.715 ms  1.642 ms
 4  p16-0-0-0.r00.stngva01.us.bb.verio.net (129.250.5.14)  2.093 ms  2.036 ms  2.051 ms
 5  p16-0-1-1.r21.dllstx01.us.bb.verio.net (129.250.5.34)  37.899 ms  37.925 ms  37.875 ms
 6  p64-0-0-0.r20.dllstx01.us.bb.verio.net (129.250.3.40)  37.955 ms  37.970 ms  37.912 ms
 7  p16-3-0-0.r01.chcgil06.us.bb.verio.net (129.250.5.84)  62.264 ms  62.368 ms  62.249 ms
 8  p16-7-0-0.r01.chcgil01.us.bb.verio.net (129.250.5.71)  42.851 ms  42.796 ms  42.783 ms
 9  p4-6-0.r00.chcgil01.us.bb.verio.net (129.250.2.253)  42.974 ms p4-5-1.r00.chcgil01.us.bb.verio.net (129.250.3.65)  42.778 ms  42.785 ms
10  ge-0.bigpipe.chcgil01.us.bb.verio.net (129.250.10.18)  42.809 ms  43.032 ms  42.924 ms
11  rc1so-pos13-0.cg.shawcable.net (66.163.76.85)  78.014 ms  77.996 ms  77.995 ms
12  rd1lb-atm0-1-0-1.lb.shawcable.net (66.163.76.150)  80.874 ms  80.652 ms  80.647 ms
13  24.66.200.1 (24.66.200.1)  81.011 ms  80.971 ms  80.805 ms
14  h24-66-201-190.lb.shawcable.net (24.66.201.190)  133.130 ms  105.202 ms  108.014 ms

Does shawcable.net filter out connections to port 25?
0
 
LVL 15

Expert Comment

by:periwinkle
ID: 8111902
From the www.shawcable.com website, it looks like only Business accounts support servers.  Do you have a business account or one of the lower accounts?  

For the lower accounts (Professional and SOHO), it states:

Please note The following services are not allowed to be run on Shaw provided IP Addresses: http, ftp, nntp, pop and smtp

It also states on the Business account information:

Server usage is limited to business package customers only. The lone exception is the use of a proxy server which is permitted on the SOHO and professional packages
0
 
LVL 1

Author Comment

by:MatthewL
ID: 8112552
Hi periwinkle,

24.66.201.190 is the correct address for the machine. Where does the 124.66.201.190 come in?

The account should be a business account, and I can get some access (i.e. I can check my mail and send something from within www.mail2web.com - just not receive).

How would I open up port 25?

Matt
0
 
LVL 15

Expert Comment

by:periwinkle
ID: 8112636
Hi Matthew -

RE:  124.66.201.190  - oops!  My typo - meant 24.66.201.190

RE: The account should be a business account

Oh good - then they shouldn't be blocking the port.  Have you checked with your ISP just in case?

RE: I can get some access (i.e. I can check my mail and send something from within www.mail2web.com - just not receive).

Outgoing SMTP is different from incoming email - port 25 access is required for

Do you have a firewall of some sort that would be blocking port 25?  If so, you have to reconfigure it to allow access to port 25.

Does /etc/services on the redhat box contain a definition for port 25?

0
 
LVL 1

Author Comment

by:MatthewL
ID: 8112727
Hi periwinkle,

/etc/services has the following for port 25

smtp            25/tcp          mail
smtp            25/udp          mail

I will double check the account type at lunch today.

Thanks,

Matt
0
 
LVL 1

Author Comment

by:MatthewL
ID: 8116870
Hi periwinkle,

Sorry about the delay, had some fires to put out.  I have confirmed that it is a business account, and a windows mail server has run off the same account previously.

There also should be no firewall issues.

Thanks,

Matt
0
 
LVL 1

Accepted Solution

by:
DonalS earned 2000 total points
ID: 8118157
Hi Matthew,

Try the command netstat -a
If there is a line like this in the output

   tcp 0 0 localhost.localdom:smtp *:* LISTEN

that means your sendmail only listens on 127.0.0.1 at port 25.

To enable sendmail to listen on port 25 on the LAN interface IP address, do this.

Edit /etc/sendmail.cf
there is a line like this :

O DaemonPortOptions=Port=smtp,Addr=127.0.0.1, Name=MTA

Modify it into:

O DaemonPortOptions=Port=smtp,Addr=10.10.1.1, Name=MTA

Where 10.10.1.1 is the IP address of the LAN interface.

Replace the IP address with the IP of your server.

Save the file and reboot.

Now netstat -an should show smtp port listening on the server's IP address.

Hope this can solve your problem.

Donal
0
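The check from the accepted answer, written as an added example that is not part of the original thread: it reads the `DaemonPortOptions` line of sendmail.cf and the port 25 listeners from netstat output, and reports whether SMTP is bound to loopback only. The function names, verdict strings and all sample lines other than those quoted from the answer are assumptions made for this example.

```shell
#!/bin/sh
# Added example. Sample inputs below are constructed, except where noted.

# Print the Addr= value of every active DaemonPortOptions line in sendmail.cf
# text on stdin; a line with no Addr= binds all interfaces (0.0.0.0).
daemon_addrs() {
    awk '/^O[ \t]+DaemonPortOptions=/ {
        if (match($0, /Addr=[^, \t]+/)) print substr($0, RSTART + 5, RLENGTH - 5)
        else print "0.0.0.0"
    }'
}

# Print the local address of every TCP listener on port 25 found in
# `netstat -a` or `netstat -an` output on stdin.
smtp_listeners() {
    awk '$1 ~ /^tcp/ && $NF == "LISTEN" && $4 ~ /:(25|smtp)$/ {
        sub(/:[^:]*$/, "", $4); print $4
    }'
}

# Reduce a list of addresses on stdin to one verdict:
# not-listening, loopback-only or non-loopback.
classify() {
    verdict=not-listening
    while IFS= read -r addr; do
        case $addr in
            127.*|::1|localhost*) [ "$verdict" = non-loopback ] || verdict=loopback-only ;;
            *) verdict=non-loopback ;;
        esac
    done
    printf '%s\n' "$verdict"
}

# The two sendmail.cf lines quoted in the answer (10.10.1.1 is its placeholder).
CF_BEFORE='O DaemonPortOptions=Port=smtp,Addr=127.0.0.1, Name=MTA'
CF_AFTER='O DaemonPortOptions=Port=smtp,Addr=10.10.1.1, Name=MTA'
# First line is the netstat -a line from the answer; the others are constructed.
NETSTAT_BEFORE='tcp 0 0 localhost.localdom:smtp *:* LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN'
NETSTAT_AFTER='tcp        0      0 10.10.1.1:25            0.0.0.0:*               LISTEN'

printf 'cf before:      %s\n' "$(printf '%s\n' "$CF_BEFORE" | daemon_addrs | classify)"
printf 'cf after:       %s\n' "$(printf '%s\n' "$CF_AFTER" | daemon_addrs | classify)"
printf 'netstat before: %s\n' "$(printf '%s\n' "$NETSTAT_BEFORE" | smtp_listeners | classify)"
printf 'netstat after:  %s\n' "$(printf '%s\n' "$NETSTAT_AFTER" | smtp_listeners | classify)"
```

On a live host the same functions take real input, for example `daemon_addrs < /etc/sendmail.cf | classify` and `netstat -an | smtp_listeners | classify`.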
 
LVL 1

Author Comment

by:MatthewL
ID: 8123268
Hi Donal,

You nailed it!

Thanks,

Matt


0
 
LVL 15

Expert Comment

by:periwinkle
ID: 8123345
Matthew -

I'm glad your problem was solved - and I learned something new today, too!
0
 
LVL 1

Author Comment

by:MatthewL
ID: 8128389
Hi Periwinkle,

I did a 2nd post yesterday that somehow got dropped.  I do very much appreciate all the help that you contributed to the solution and there is a new question entitled pointsForPeriwinkle so that you also get rewarded.  I posted it yesterday so it may have moved down the list some.

Thanks,

Matt
0
 
LVL 15

Expert Comment

by:periwinkle
ID: 8128538
Matthew -

Thanks for your kind award of the points - I'm very happy that your problem has been solved, and glad to have helped in helping rule out other issues, even if I wasn't the primary solver of your problem!
0
