Sendmail problems to certain domains & How can i watch Sendmail's negotiations in real time
I am using sendmail to relay voicemail messages from Asterisk. I am currently only able to relay to gmail.com recipents.
I have a PTR record setup to point to my static ip address, as mail.mydomain.com ...
I am not getting any bounced messages to the "serveremail" address I specify in Asterisk. I have tested with sending to yahoo, comcast, and gmail, and so far only gmail recipients are getting the e-mails. As I said before, I am not getting any bounce messages.
Sendmail is only used for outgonig messages, as all of my incoming messages are handled elsewhere, with MX records completely separate from anything to do with this IP address.
Any ideas?
And how can I watch what sendmail is doing in realtime? I would like to see the responses it gets as it tries to relay to other mail servers.
I have a PTR record setup to point to my static ip address, as mail.mydomain.com ...
I am not getting any bounced messages to the "serveremail" address I specify in Asterisk. I have tested with sending to yahoo, comcast, and gmail, and so far only gmail recipients are getting the e-mails. As I said before, I am not getting any bounce messages.
Sendmail is only used for outgonig messages, as all of my incoming messages are handled elsewhere, with MX records completely separate from anything to do with this IP address.
Any ideas?
And how can I watch what sendmail is doing in realtime? I would like to see the responses it gets as it tries to relay to other mail servers.
ASKER
Good thought, but the IP address that I am sending from DOES have a reverse lookup of my sending domain.... I had my Internet provider put it in yesterday. Google Apps hosts my incoming mail but their MX records in the DNS for my domain name should not be effecting it...
For example, if you do a reverse DNS lookup on the static IP address that Asterisk is sending from, it will match the domain name Asterisk is using in the "serveremail" field in voicemail.conf ..
Ping - a "my static IP"
returns ----- mail.mydomain.com
So there is something else going on here. Possibly because my reverse zone or PTR record is showing "mail.mydomain.com" and not just "mydomain.com" ???
For example, if you do a reverse DNS lookup on the static IP address that Asterisk is sending from, it will match the domain name Asterisk is using in the "serveremail" field in voicemail.conf ..
Ping - a "my static IP"
returns ----- mail.mydomain.com
So there is something else going on here. Possibly because my reverse zone or PTR record is showing "mail.mydomain.com" and not just "mydomain.com" ???
....yes but externally.... what IP address is resolved from mail.yourdomain.com ?
ASKER
My Static IP, the same one Asterisk is sitting behind.
What information does your log give you:
grep -i <example of destination> /var/log/maillog?
grep -i <example of destination> /var/log/maillog?
If that's the case, then we definitely need to check the logs....
ASKER
I am seeing a few errors in the logs.... Here is one that appears to be quite popular to the Samsung domain..
"Sender address rejected: MX or A record not found"
--- would I need an MX record if I am only sending, and what A record is it looking for? I have an A record for mail.mydomain.com, as well as the reverse entry that points to the same.
"Sender address rejected: MX or A record not found"
--- would I need an MX record if I am only sending, and what A record is it looking for? I have an A record for mail.mydomain.com, as well as the reverse entry that points to the same.
ASKER
I am also seeing this one to comcast:
relay=mx1b.comcast.net. [76.96.62.116], dsn=5.0.0, stat=Service unavailable
Jul 14 21:33:08 LINUX1 sendmail[28633]: n6F1X7f0028631: n6F1X8f0028633: DSN: Service unavailable
relay=mx1b.comcast.net. [76.96.62.116], dsn=5.0.0, stat=Service unavailable
Jul 14 21:33:08 LINUX1 sendmail[28633]: n6F1X7f0028631: n6F1X8f0028633: DSN: Service unavailable
If you just recently added the Host and MX records, it might take a while to update in public dns servers.
The A record would be "Mail"...a host record.
To check your MX record..go here: http://www.mxtoolbox.com/index.aspx
type mail.yourdomainname.com hit enter...
The A record would be "Mail"...a host record.
To check your MX record..go here: http://www.mxtoolbox.com/index.aspx
type mail.yourdomainname.com hit enter...
ASKER
And yahoo appears to be accepting the mail, but it never ends up in my Yahoo email box or spam folder... Here is the log that appears to be showing yahoo is accepting for delivery
Jul 15 12:39:29 LINUX1 sendmail[32128]: n6FGdTKF032128: to="Jim" <jkockler@yahoo.com>, ctladdr=root (0/0), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=37864, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (n6FGdTw0032133 Message accepted for delivery)
Jul 15 12:39:41 LINUX1 sendmail[32138]: n6FGdTw0032133: to=<jkockler@yahoo.com>, ctladdr=<root@localhost.lo
Jul 15 12:39:29 LINUX1 sendmail[32128]: n6FGdTKF032128: to="Jim" <jkockler@yahoo.com>, ctladdr=root (0/0), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=37864, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (n6FGdTw0032133 Message accepted for delivery)
Jul 15 12:39:41 LINUX1 sendmail[32138]: n6FGdTw0032133: to=<jkockler@yahoo.com>, ctladdr=<root@localhost.lo
ASKER
xuserx, The Mx records are setup through google because they host my incoming mail. So when I go to the mxtoolbox , it shows the google MX records. However I do have an A record, and a reverse zone pointing mail.mydomain.com to my static IP address where Asterisk sits.
I do not think the MX should be a factor because I am only sending not receiving.
I do not think the MX should be a factor because I am only sending not receiving.
root@localhost.localdomain
"However I do have an A record, and a reverse zone pointing mail.mydomain.com to my static IP address where Asterisk sits."
Where is that hosted ? Google ?... or internally ?
Where is that hosted ? Google ?... or internally ?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
root@localhost.localdomain
--- How would I check??
-- I have Asterisk set to send as "myemailaddress@mydomain.c
--- How would I check??
-- I have Asterisk set to send as "myemailaddress@mydomain.c
ASKER
"However I do have an A record, and a reverse zone pointing mail.mydomain.com to my static IP address where Asterisk sits."
Where is that hosted ? Google ?... or internally ?
--- My A records, and MX records are hosted through Godaddy ...
-- My PTR or reverse DNS zones are hosted through Comcast, as the ISP servers are the ones that provide the reverse DNS to mail servers.
Where is that hosted ? Google ?... or internally ?
--- My A records, and MX records are hosted through Godaddy ...
-- My PTR or reverse DNS zones are hosted through Comcast, as the ISP servers are the ones that provide the reverse DNS to mail servers.
ASKER
_jesper_:
Your mail server should have matching forward and inverse DNS:
asterisk.domain.com. -> 192.168.1.1
1.1.168.192.in-addr.arpa. -> asterisk.domain.com.
Set sendmail to listen on the public IP for which you have DNS configured.
Use 'masquerade' in your sendmail.mc (sendmail.cf) to put the public domain name in the outgoing mail.
-----
asterisk.domain.com. -> 192.168.1.1
1.1.168.192.in-addr.arpa. -> asterisk.domain.com
Yes, the above is what is showing when you do a reverse lookup, and the ISP confirmed it.
I have not however set anything in sendmail.mc ... I will try that now.
Your mail server should have matching forward and inverse DNS:
asterisk.domain.com. -> 192.168.1.1
1.1.168.192.in-addr.arpa. -> asterisk.domain.com.
Set sendmail to listen on the public IP for which you have DNS configured.
Use 'masquerade' in your sendmail.mc (sendmail.cf) to put the public domain name in the outgoing mail.
-----
asterisk.domain.com. -> 192.168.1.1
1.1.168.192.in-addr.arpa. -> asterisk.domain.com
Yes, the above is what is showing when you do a reverse lookup, and the ISP confirmed it.
I have not however set anything in sendmail.mc ... I will try that now.
I think Jesper is on to something there.
ASKER
in the sendmail.mc .. what is the "dnl" before each line? is that commenting out the line or something that I should leave alone when setting the masquerade?
'dnl' at the beginning of a line is a comment character
'dnl' at the end of the line is required.
So,
MASQUERADE_AS(`domain.com'
is how it should read. If you do not copy/paste, be sure that the first quote in front of the domain name is a back tick. Change `domain.com' to your actual domain name.
make -C /etc/mail
service sendmail reload
'dnl' at the end of the line is required.
So,
MASQUERADE_AS(`domain.com'
is how it should read. If you do not copy/paste, be sure that the first quote in front of the domain name is a back tick. Change `domain.com' to your actual domain name.
make -C /etc/mail
service sendmail reload
ASKER
is that the only line I need to modify? There are more than a few masquerade lines ... Yahoo is now accepting after changing the MASQUERADE_AS(`domain.com'
the log is still showing localhost.localdomain.com
I check my sendmail.cf and "root" still showing as class E, and localhost as class "w" .. How can I get "mail.mydomain.com" to show as class E? It is currently showing as class 'M' .. I think that would fix it, no?
the log is still showing localhost.localdomain.com
I check my sendmail.cf and "root" still showing as class E, and localhost as class "w" .. How can I get "mail.mydomain.com" to show as class E? It is currently showing as class 'M' .. I think that would fix it, no?
ASKER
Now I am getting messages in the log about relay connection refused by 127.0.0.1 ??? Why is the local host refusing? very odd.
ASKER
Well the connection refused is fixed, I had spaces in the sendmail.mc that was screwing it up .. .but root@localhost.com is still showing all over the logs...
Your /etc/mail/access -- change 192.168.1 to the netblock of the server:
localhost.localdomain RELAY
localhost RELAY
127.0.0.1 RELAY
192.168.1 RELAY
makemap hash access < access
And, have sendmail only listen on the 'public' IP -- changing 192.168.1.1 to the actual IP address:
DAEMON_OPTIONS(`Port=smtp,
make -C /etc/mail
service sendmail reload
localhost.localdomain RELAY
localhost RELAY
127.0.0.1 RELAY
192.168.1 RELAY
makemap hash access < access
And, have sendmail only listen on the 'public' IP -- changing 192.168.1.1 to the actual IP address:
DAEMON_OPTIONS(`Port=smtp,
make -C /etc/mail
service sendmail reload
ASKER
Do i need to have sendmail listen on the public IP , if I am only sending mail from the local machine that it is on? I am not looking to receive mail.
More sendmail.mc stuff:
FEATURE(masquerade_envelop
FEATURE(masquerade_entire_
FEATURE(masquerade_envelop
FEATURE(masquerade_entire_
Also,
Do you have root as an exposed user in your sendmail.mc/cf?
Do you have root as an exposed user in your sendmail.mc/cf?
If you are sending email from a machine to another mail server, I would recommend it.
That way, the listening IP and DNS all match.
That way, the listening IP and DNS all match.
ASKER
Also,
Do you have root as an exposed user in your sendmail.mc/cf?
--- i dont know ... where is that? In the cf ,, I see root specified as class E ..
Do you have root as an exposed user in your sendmail.mc/cf?
--- i dont know ... where is that? In the cf ,, I see root specified as class E ..
ASKER
after I did the steps above, I started to receive this message:
Jul 15 14:12:52 LINUX1 sendmail[1850]: NOQUEUE: SYSERR(root): opendaemonsocket: daemon MTA: cannot bind: Cannot assign requested address
Jul 15 14:12:52 LINUX1 sendmail[1850]: daemon MTA: problem creating SMTP socket
Jul 15 14:12:52 LINUX1 sendmail[1850]: NOQUEUE: SYSERR(root): opendaemonsocket: daemon MTA: server SMTP socket wedged: exiting
I really dont think I need to make all those relay changes and the public IP change.. I think all I need is to get the "locahost" and root@localhost out of the logs.... The remaining servers that are rejecting, are referring to those lines... and root and local host are still appearing as E class in the sendmail.mc
Jul 15 14:12:52 LINUX1 sendmail[1850]: NOQUEUE: SYSERR(root): opendaemonsocket: daemon MTA: cannot bind: Cannot assign requested address
Jul 15 14:12:52 LINUX1 sendmail[1850]: daemon MTA: problem creating SMTP socket
Jul 15 14:12:52 LINUX1 sendmail[1850]: NOQUEUE: SYSERR(root): opendaemonsocket: daemon MTA: server SMTP socket wedged: exiting
I really dont think I need to make all those relay changes and the public IP change.. I think all I need is to get the "locahost" and root@localhost out of the logs.... The remaining servers that are rejecting, are referring to those lines... and root and local host are still appearing as E class in the sendmail.mc
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Brilliant!! Yes!!!
Samsung & Comcast are now accepting !!!!
This was the final nail "/etc/mail/sendmail.mc -> dnl in front of exposed user"
Thanks for all the hep jesper!
Samsung & Comcast are now accepting !!!!
This was the final nail "/etc/mail/sendmail.mc -> dnl in front of exposed user"
Thanks for all the hep jesper!
No problem. Glad to hear that everything is working.
You are using a "fake" domain name in the sender address....
Example... Your mail came from Asterisk@somewhere.com ...from the IP address 208.80.xxx.xxx ....then Yahoo does a reverse lookup on "mail.somewhere.com".... and it points to a different IP address... Yahoo rejects the mail, because the sender is "masquerading" as someone else.
Now if there were a domain actually registered on the public IP address that you send your mail from, then a reverse lookup of mail.somwhere.com, would be correct...and your mail would be delivered. G-mail may be more relaxed than some of the other mail servers you mentioned.
This is called reverse lookup, and most providers use it to filter the majority of spam....over half the spam on the internet comes from spambots that send e-mail for domains that sometimes don't even exist.
Configure the logging for sendmail.
http://docs.hp.com/en/B2355-90685/ch04s11.html#ceecefji