Solved

Linux CentOS sendmail queing some messages relaying others

Posted on 2013-01-13
10
989 Views
Last Modified: 2013-03-16
So our sendmail stopped sending out notifications for SVN service about a month ago.   So I've racked my brains trying to figure out why.   We recently deployed an exchange server (Exchange Enterprise 2010).  I've managed to get sendmail to run sendemail -v myname@mydomain.com and it it relays the message just fine, I can access the test message on my exchange server, but when I do the same process changing the email address to myname@gmail.com /tail reports the message stat=queued.

For security actual domain/address have been replaced with wildcards.

[root@PnPSamba mail]# sendmail -v myname@gmail.com
15 615 testing the st^H^Ht
.
myname@gmail.com... Connecting to [127.0.0.1] via relay...
220 PnPSamba.pnp?,????? ESMTP Sendmail 8.13.8/8.13.8; Sun, 13 Jan 2013 22:47:43
-0700
>>> EHLO PnPSamba.pnp?,?????
250-PnPSamba.pnp?,????? Hello localhost [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-DELIVERBY
250 HELP
>>> MAIL From:<root@PnPSamba.pnp?,?????> SIZE=25
250 2.1.0 <root@PnPSamba.pnp?,?????>... Sender ok
>>> RCPT To:<myname@gmail.com>
>>> DATA
250 2.1.5 <myname@gmail.com>... Recipient ok
354 Enter mail, end with "." on a line by itself
>>> .
250 2.0.0 r0E5lhF3009919 Message accepted for delivery
myname@gmail.com... Sent (r0E5lhF3009919 Message accepted for delivery
)
Closing connection to [127.0.0.1]
>>> QUIT
221 2.0.0 PnPSamba.pnp?,????? closing connection
[root@PnPSamba mail]# tail -f /var/log/maillog
Jan 13 22:43:51 PnPSamba sendmail[9886]: r0E5ha76009884: r0E5hp76009886: DSN: ha
sh map "Alias1": unsafe map file /home/majordomo/majordomo-1.94.5/majordomo.alia
ses.db: Permission denied
Jan 13 22:43:51 PnPSamba sendmail[9886]: r0E5hp76009886: to=<root@PnPSamba.pnp?.
local>, delay=00:00:00, mailer=local, pri=31574, stat=queued
Jan 13 22:47:43 PnPSamba sendmail[9917]: r0E5lXvK009917: from=root, size=25, cla
ss=0, nrcpts=1, msgid=<201301140547.r0E5lXvK009917@PnPSamba.pnp?,?????>, relay=r
oot@localhost
Jan 13 22:47:43 PnPSamba sendmail[9919]: r0E5lhF3009919: from=<root@PnPSamba.pnp
i.?????>, size=326, class=0, nrcpts=1, msgid=<201301140547.r0E5lXvK009917@PnPSam
ba.pnp?,?????>, proto=ESMTP, daemon=MTA, relay=localhost [127.0.0.1]
Jan 13 22:47:43 PnPSamba sendmail[9917]: r0E5lXvK009917: to=jeremy.werderman@gma
il.com, ctladdr=root (0/0), delay=00:00:10, xdelay=00:00:00, mailer=relay, pri=3
0025, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (r0E5lhF3009919 Messag
e accepted for delivery)
Jan 13 22:47:43 PnPSamba sendmail[9921]: STARTTLS=client, relay=exchange.pnp?.??
???., version=TLSv1/SSLv3, verify=FAIL, cipher=AES128-SHA, bits=128/128
Jan 13 22:47:48 PnPSamba sendmail[9921]: r0E5lhF3009919: to=<jeremy.werderman@gm
ail.com>, ctladdr=<root@PnPSamba.pnp?,?????> (0/0), delay=00:00:05, xdelay=00:00
:05, mailer=relay, pri=120326, relay=exchange.pnp?,?????. [192.168.15.35], dsn=5
.7.1, stat=User unknown
Jan 13 22:47:58 PnPSamba sendmail[9921]: r0E5lhF3009919: SYSERR(root): hash map
"Alias1": unsafe map file /home/majordomo/majordomo-1.94.5/majordomo.aliases.db:
 Permission denied
Jan 13 22:47:58 PnPSamba sendmail[9921]: r0E5lhF3009919: r0E5lwF3009921: DSN: ha
sh map "Alias1": unsafe map file /home/majordomo/majordomo-1.94.5/majordomo.alia
ses.db: Permission denied
Jan 13 22:47:58 PnPSamba sendmail[9921]: r0E5lwF3009921: to=<root@PnPSamba.pnp?.
local>, delay=00:00:00, mailer=local, pri=31573, stat=queued
0
Comment
Question by:OrderlyChoas
  • 5
  • 3
  • 2
10 Comments
 
LVL 18

Expert Comment

by:suriyaehnop
ID: 38773493
Do you mean when changing To: myname@gmail.com from sendmail, exchange not able to relay email to internet? If yes, and if To:your@internal.com from sendmail, you able to read the email on your exchange.

Try check at on Exchange's Send Connector. You have to put * so that any email that not match your internal domain/accepted domain name, the email will route to DNS/Smart host before sending to internet
0
 

Author Comment

by:OrderlyChoas
ID: 38773506
Where exactly does the * go?
0
 
LVL 18

Expert Comment

by:suriyaehnop
ID: 38773538
It is not Exchange server. You log on to your Exchange server | Run Exchange Management Console.

I'm not sure expand on Organization or Server level (current not able access the Exchange server). Click on Hub Transport and you will see the "Send Connector" tab
0
NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

 
LVL 77

Expert Comment

by:arnold
ID: 38773768
Based on sendmail log, your exchange server seems to treat gmail.com as a local domain or is a result of failing to establish a TLS session,
Jan 13 22:47:43 PnPSamba sendmail[9921]: STARTTLS=client, relay=exchange.pnp?.??
???., version=TLSv1/SSLv3, verify=FAIL, cipher=AES128-SHA, bits=128/128
Jan 13 22:47:48 PnPSamba sendmail[9921]: r0E5lhF3009919: to=<jeremy.werderman@gm
ail.com>, ctladdr=<root@PnPSamba.pnp?,?????> (0/0), delay=00:00:05, xdelay=00:00
:05, mailer=relay, pri=120326, relay=exchange.pnp?,?????. [192.168.15.35], dsn=5
.7.1, stat=User unknown

One option would be to setup a transport rule for gmail.com destined recipients to avoid being sent through the exchange server.
0
 

Author Comment

by:OrderlyChoas
ID: 38774416
It may be worth mentioning that exchange seems to have no problem sending its own mail to the outside world.
0
 
LVL 77

Expert Comment

by:arnold
ID: 38775066
The issue is with the interaction between sendmail and exchange. Note there is a response coming from exchange to sendmail 5.7.1 User Unknown.

Try the following.  From the system on which sendmail is running. telnet 192.168.15.35 25
and perform a simple SMTP session.
Anything after the command needs to be replaced with appropriate data
ehlo sendmail_server
mail from: <sender_email_address>
rcpt to: <recipient_email_address.
data
From: <sender_email_address>
To: <recipient_email_address>
Subject: testing

This is a test to ...
.

upon the last entry (.) you should get a response from your exchange in the form of 2xx that it accepted the message. If you get anything else, it means exchange rejected the attempt.
One thing to make sure is that exchange is configured to allow relaying from the sendmail system in addition to authenticated relaying which is likely why you can send through the exchange using an email client.

Presumably if you attempt a telnet session as described above from your local workstation, you may encounter a similar situation whereby exchange rejects the submission of an email to an external destination.
0
 

Author Comment

by:OrderlyChoas
ID: 38789365
So when trying to send to an external address the log is reporting 5.7.1 and 5.1.1 error.  Is there a way to use specific credentials that sendmail should use?
0
 
LVL 77

Expert Comment

by:arnold
ID: 38790121
A Local account defined on the system can be used.
A log entry means that the server to which your server is trying to deliver the message is not allowed to do it.  The complete error message should include a description of the error
5.7.1 realying denied
5.1.1 Not authorized

Without knowing what server your system was accessing it is impossible for me to know what is missing.  If sendmail on external connection has to authenticate, it is a configuration option.
0
 

Accepted Solution

by:
OrderlyChoas earned 0 total points
ID: 38975631
We ended up abandoning the Linux mail transport client and just routed everything through our exchange server.
0
 

Author Closing Comment

by:OrderlyChoas
ID: 38991451
Question ended up not being answered and an alternative method of circumventing the linux sendmail client was found.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
Read this checklist to learn more about the 15 things you should never include in an email signature.
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question