Linux CentOS sendmail queing some messages relaying others

So our sendmail stopped sending out notifications for SVN service about a month ago.   So I've racked my brains trying to figure out why.   We recently deployed an exchange server (Exchange Enterprise 2010).  I've managed to get sendmail to run sendemail -v myname@mydomain.com and it it relays the message just fine, I can access the test message on my exchange server, but when I do the same process changing the email address to myname@gmail.com /tail reports the message stat=queued.

For security actual domain/address have been replaced with wildcards.

[root@PnPSamba mail]# sendmail -v myname@gmail.com
15 615 testing the st^H^Ht
.
myname@gmail.com... Connecting to [127.0.0.1] via relay...
220 PnPSamba.pnp?,????? ESMTP Sendmail 8.13.8/8.13.8; Sun, 13 Jan 2013 22:47:43
-0700
>>> EHLO PnPSamba.pnp?,?????
250-PnPSamba.pnp?,????? Hello localhost [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-DELIVERBY
250 HELP
>>> MAIL From:<root@PnPSamba.pnp?,?????> SIZE=25
250 2.1.0 <root@PnPSamba.pnp?,?????>... Sender ok
>>> RCPT To:<myname@gmail.com>
>>> DATA
250 2.1.5 <myname@gmail.com>... Recipient ok
354 Enter mail, end with "." on a line by itself
>>> .
250 2.0.0 r0E5lhF3009919 Message accepted for delivery
myname@gmail.com... Sent (r0E5lhF3009919 Message accepted for delivery
)
Closing connection to [127.0.0.1]
>>> QUIT
221 2.0.0 PnPSamba.pnp?,????? closing connection
[root@PnPSamba mail]# tail -f /var/log/maillog
Jan 13 22:43:51 PnPSamba sendmail[9886]: r0E5ha76009884: r0E5hp76009886: DSN: ha
sh map "Alias1": unsafe map file /home/majordomo/majordomo-1.94.5/majordomo.alia
ses.db: Permission denied
Jan 13 22:43:51 PnPSamba sendmail[9886]: r0E5hp76009886: to=<root@PnPSamba.pnp?.
local>, delay=00:00:00, mailer=local, pri=31574, stat=queued
Jan 13 22:47:43 PnPSamba sendmail[9917]: r0E5lXvK009917: from=root, size=25, cla
ss=0, nrcpts=1, msgid=<201301140547.r0E5lXvK009917@PnPSamba.pnp?,?????>, relay=r
oot@localhost
Jan 13 22:47:43 PnPSamba sendmail[9919]: r0E5lhF3009919: from=<root@PnPSamba.pnp
i.?????>, size=326, class=0, nrcpts=1, msgid=<201301140547.r0E5lXvK009917@PnPSam
ba.pnp?,?????>, proto=ESMTP, daemon=MTA, relay=localhost [127.0.0.1]
Jan 13 22:47:43 PnPSamba sendmail[9917]: r0E5lXvK009917: to=jeremy.werderman@gma
il.com, ctladdr=root (0/0), delay=00:00:10, xdelay=00:00:00, mailer=relay, pri=3
0025, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (r0E5lhF3009919 Messag
e accepted for delivery)
Jan 13 22:47:43 PnPSamba sendmail[9921]: STARTTLS=client, relay=exchange.pnp?.??
???., version=TLSv1/SSLv3, verify=FAIL, cipher=AES128-SHA, bits=128/128
Jan 13 22:47:48 PnPSamba sendmail[9921]: r0E5lhF3009919: to=<jeremy.werderman@gm
ail.com>, ctladdr=<root@PnPSamba.pnp?,?????> (0/0), delay=00:00:05, xdelay=00:00
:05, mailer=relay, pri=120326, relay=exchange.pnp?,?????. [192.168.15.35], dsn=5
.7.1, stat=User unknown
Jan 13 22:47:58 PnPSamba sendmail[9921]: r0E5lhF3009919: SYSERR(root): hash map
"Alias1": unsafe map file /home/majordomo/majordomo-1.94.5/majordomo.aliases.db:
 Permission denied
Jan 13 22:47:58 PnPSamba sendmail[9921]: r0E5lhF3009919: r0E5lwF3009921: DSN: ha
sh map "Alias1": unsafe map file /home/majordomo/majordomo-1.94.5/majordomo.alia
ses.db: Permission denied
Jan 13 22:47:58 PnPSamba sendmail[9921]: r0E5lwF3009921: to=<root@PnPSamba.pnp?.
local>, delay=00:00:00, mailer=local, pri=31573, stat=queued
OrderlyChoasAsked:
Who is Participating?
 
OrderlyChoasConnect With a Mentor Author Commented:
We ended up abandoning the Linux mail transport client and just routed everything through our exchange server.
0
 
suriyaehnopCommented:
Do you mean when changing To: myname@gmail.com from sendmail, exchange not able to relay email to internet? If yes, and if To:your@internal.com from sendmail, you able to read the email on your exchange.

Try check at on Exchange's Send Connector. You have to put * so that any email that not match your internal domain/accepted domain name, the email will route to DNS/Smart host before sending to internet
0
 
OrderlyChoasAuthor Commented:
Where exactly does the * go?
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
suriyaehnopCommented:
It is not Exchange server. You log on to your Exchange server | Run Exchange Management Console.

I'm not sure expand on Organization or Server level (current not able access the Exchange server). Click on Hub Transport and you will see the "Send Connector" tab
0
 
arnoldCommented:
Based on sendmail log, your exchange server seems to treat gmail.com as a local domain or is a result of failing to establish a TLS session,
Jan 13 22:47:43 PnPSamba sendmail[9921]: STARTTLS=client, relay=exchange.pnp?.??
???., version=TLSv1/SSLv3, verify=FAIL, cipher=AES128-SHA, bits=128/128
Jan 13 22:47:48 PnPSamba sendmail[9921]: r0E5lhF3009919: to=<jeremy.werderman@gm
ail.com>, ctladdr=<root@PnPSamba.pnp?,?????> (0/0), delay=00:00:05, xdelay=00:00
:05, mailer=relay, pri=120326, relay=exchange.pnp?,?????. [192.168.15.35], dsn=5
.7.1, stat=User unknown

One option would be to setup a transport rule for gmail.com destined recipients to avoid being sent through the exchange server.
0
 
OrderlyChoasAuthor Commented:
It may be worth mentioning that exchange seems to have no problem sending its own mail to the outside world.
0
 
arnoldCommented:
The issue is with the interaction between sendmail and exchange. Note there is a response coming from exchange to sendmail 5.7.1 User Unknown.

Try the following.  From the system on which sendmail is running. telnet 192.168.15.35 25
and perform a simple SMTP session.
Anything after the command needs to be replaced with appropriate data
ehlo sendmail_server
mail from: <sender_email_address>
rcpt to: <recipient_email_address.
data
From: <sender_email_address>
To: <recipient_email_address>
Subject: testing

This is a test to ...
.

upon the last entry (.) you should get a response from your exchange in the form of 2xx that it accepted the message. If you get anything else, it means exchange rejected the attempt.
One thing to make sure is that exchange is configured to allow relaying from the sendmail system in addition to authenticated relaying which is likely why you can send through the exchange using an email client.

Presumably if you attempt a telnet session as described above from your local workstation, you may encounter a similar situation whereby exchange rejects the submission of an email to an external destination.
0
 
OrderlyChoasAuthor Commented:
So when trying to send to an external address the log is reporting 5.7.1 and 5.1.1 error.  Is there a way to use specific credentials that sendmail should use?
0
 
arnoldCommented:
A Local account defined on the system can be used.
A log entry means that the server to which your server is trying to deliver the message is not allowed to do it.  The complete error message should include a description of the error
5.7.1 realying denied
5.1.1 Not authorized

Without knowing what server your system was accessing it is impossible for me to know what is missing.  If sendmail on external connection has to authenticate, it is a configuration option.
0
 
OrderlyChoasAuthor Commented:
Question ended up not being answered and an alternative method of circumventing the linux sendmail client was found.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.