Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Linux CentOS sendmail queing some messages relaying others

Posted on 2013-01-13
10
Medium Priority
?
1,011 Views
Last Modified: 2013-03-16
So our sendmail stopped sending out notifications for SVN service about a month ago.   So I've racked my brains trying to figure out why.   We recently deployed an exchange server (Exchange Enterprise 2010).  I've managed to get sendmail to run sendemail -v myname@mydomain.com and it it relays the message just fine, I can access the test message on my exchange server, but when I do the same process changing the email address to myname@gmail.com /tail reports the message stat=queued.

For security actual domain/address have been replaced with wildcards.

[root@PnPSamba mail]# sendmail -v myname@gmail.com
15 615 testing the st^H^Ht
.
myname@gmail.com... Connecting to [127.0.0.1] via relay...
220 PnPSamba.pnp?,????? ESMTP Sendmail 8.13.8/8.13.8; Sun, 13 Jan 2013 22:47:43
-0700
>>> EHLO PnPSamba.pnp?,?????
250-PnPSamba.pnp?,????? Hello localhost [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-DELIVERBY
250 HELP
>>> MAIL From:<root@PnPSamba.pnp?,?????> SIZE=25
250 2.1.0 <root@PnPSamba.pnp?,?????>... Sender ok
>>> RCPT To:<myname@gmail.com>
>>> DATA
250 2.1.5 <myname@gmail.com>... Recipient ok
354 Enter mail, end with "." on a line by itself
>>> .
250 2.0.0 r0E5lhF3009919 Message accepted for delivery
myname@gmail.com... Sent (r0E5lhF3009919 Message accepted for delivery
)
Closing connection to [127.0.0.1]
>>> QUIT
221 2.0.0 PnPSamba.pnp?,????? closing connection
[root@PnPSamba mail]# tail -f /var/log/maillog
Jan 13 22:43:51 PnPSamba sendmail[9886]: r0E5ha76009884: r0E5hp76009886: DSN: ha
sh map "Alias1": unsafe map file /home/majordomo/majordomo-1.94.5/majordomo.alia
ses.db: Permission denied
Jan 13 22:43:51 PnPSamba sendmail[9886]: r0E5hp76009886: to=<root@PnPSamba.pnp?.
local>, delay=00:00:00, mailer=local, pri=31574, stat=queued
Jan 13 22:47:43 PnPSamba sendmail[9917]: r0E5lXvK009917: from=root, size=25, cla
ss=0, nrcpts=1, msgid=<201301140547.r0E5lXvK009917@PnPSamba.pnp?,?????>, relay=r
oot@localhost
Jan 13 22:47:43 PnPSamba sendmail[9919]: r0E5lhF3009919: from=<root@PnPSamba.pnp
i.?????>, size=326, class=0, nrcpts=1, msgid=<201301140547.r0E5lXvK009917@PnPSam
ba.pnp?,?????>, proto=ESMTP, daemon=MTA, relay=localhost [127.0.0.1]
Jan 13 22:47:43 PnPSamba sendmail[9917]: r0E5lXvK009917: to=jeremy.werderman@gma
il.com, ctladdr=root (0/0), delay=00:00:10, xdelay=00:00:00, mailer=relay, pri=3
0025, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (r0E5lhF3009919 Messag
e accepted for delivery)
Jan 13 22:47:43 PnPSamba sendmail[9921]: STARTTLS=client, relay=exchange.pnp?.??
???., version=TLSv1/SSLv3, verify=FAIL, cipher=AES128-SHA, bits=128/128
Jan 13 22:47:48 PnPSamba sendmail[9921]: r0E5lhF3009919: to=<jeremy.werderman@gm
ail.com>, ctladdr=<root@PnPSamba.pnp?,?????> (0/0), delay=00:00:05, xdelay=00:00
:05, mailer=relay, pri=120326, relay=exchange.pnp?,?????. [192.168.15.35], dsn=5
.7.1, stat=User unknown
Jan 13 22:47:58 PnPSamba sendmail[9921]: r0E5lhF3009919: SYSERR(root): hash map
"Alias1": unsafe map file /home/majordomo/majordomo-1.94.5/majordomo.aliases.db:
 Permission denied
Jan 13 22:47:58 PnPSamba sendmail[9921]: r0E5lhF3009919: r0E5lwF3009921: DSN: ha
sh map "Alias1": unsafe map file /home/majordomo/majordomo-1.94.5/majordomo.alia
ses.db: Permission denied
Jan 13 22:47:58 PnPSamba sendmail[9921]: r0E5lwF3009921: to=<root@PnPSamba.pnp?.
local>, delay=00:00:00, mailer=local, pri=31573, stat=queued
0
Comment
Question by:OrderlyChoas
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
  • 2
10 Comments
 
LVL 19

Expert Comment

by:suriyaehnop
ID: 38773493
Do you mean when changing To: myname@gmail.com from sendmail, exchange not able to relay email to internet? If yes, and if To:your@internal.com from sendmail, you able to read the email on your exchange.

Try check at on Exchange's Send Connector. You have to put * so that any email that not match your internal domain/accepted domain name, the email will route to DNS/Smart host before sending to internet
0
 

Author Comment

by:OrderlyChoas
ID: 38773506
Where exactly does the * go?
0
 
LVL 19

Expert Comment

by:suriyaehnop
ID: 38773538
It is not Exchange server. You log on to your Exchange server | Run Exchange Management Console.

I'm not sure expand on Organization or Server level (current not able access the Exchange server). Click on Hub Transport and you will see the "Send Connector" tab
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 80

Expert Comment

by:arnold
ID: 38773768
Based on sendmail log, your exchange server seems to treat gmail.com as a local domain or is a result of failing to establish a TLS session,
Jan 13 22:47:43 PnPSamba sendmail[9921]: STARTTLS=client, relay=exchange.pnp?.??
???., version=TLSv1/SSLv3, verify=FAIL, cipher=AES128-SHA, bits=128/128
Jan 13 22:47:48 PnPSamba sendmail[9921]: r0E5lhF3009919: to=<jeremy.werderman@gm
ail.com>, ctladdr=<root@PnPSamba.pnp?,?????> (0/0), delay=00:00:05, xdelay=00:00
:05, mailer=relay, pri=120326, relay=exchange.pnp?,?????. [192.168.15.35], dsn=5
.7.1, stat=User unknown

One option would be to setup a transport rule for gmail.com destined recipients to avoid being sent through the exchange server.
0
 

Author Comment

by:OrderlyChoas
ID: 38774416
It may be worth mentioning that exchange seems to have no problem sending its own mail to the outside world.
0
 
LVL 80

Expert Comment

by:arnold
ID: 38775066
The issue is with the interaction between sendmail and exchange. Note there is a response coming from exchange to sendmail 5.7.1 User Unknown.

Try the following.  From the system on which sendmail is running. telnet 192.168.15.35 25
and perform a simple SMTP session.
Anything after the command needs to be replaced with appropriate data
ehlo sendmail_server
mail from: <sender_email_address>
rcpt to: <recipient_email_address.
data
From: <sender_email_address>
To: <recipient_email_address>
Subject: testing

This is a test to ...
.

upon the last entry (.) you should get a response from your exchange in the form of 2xx that it accepted the message. If you get anything else, it means exchange rejected the attempt.
One thing to make sure is that exchange is configured to allow relaying from the sendmail system in addition to authenticated relaying which is likely why you can send through the exchange using an email client.

Presumably if you attempt a telnet session as described above from your local workstation, you may encounter a similar situation whereby exchange rejects the submission of an email to an external destination.
0
 

Author Comment

by:OrderlyChoas
ID: 38789365
So when trying to send to an external address the log is reporting 5.7.1 and 5.1.1 error.  Is there a way to use specific credentials that sendmail should use?
0
 
LVL 80

Expert Comment

by:arnold
ID: 38790121
A Local account defined on the system can be used.
A log entry means that the server to which your server is trying to deliver the message is not allowed to do it.  The complete error message should include a description of the error
5.7.1 realying denied
5.1.1 Not authorized

Without knowing what server your system was accessing it is impossible for me to know what is missing.  If sendmail on external connection has to authenticate, it is a configuration option.
0
 

Accepted Solution

by:
OrderlyChoas earned 0 total points
ID: 38975631
We ended up abandoning the Linux mail transport client and just routed everything through our exchange server.
0
 

Author Closing Comment

by:OrderlyChoas
ID: 38991451
Question ended up not being answered and an alternative method of circumventing the linux sendmail client was found.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
This month, Experts Exchange sat down with resident SQL expert, Jim Horn, for an in-depth look into the makings of a successful career in SQL.
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question