I need to send email using smtp on port 587 on a Red Hat Linux ES 3 system.

I have a customer that I inherited running Red Hat Linux ES 3 that wants to send email from the Linux side.  
I need to be able to send email using port 587.

cat /etc/redhat-release
Red Hat Enterprise Linux ES release 3 (Taroon)

The Windows support person says smtp must use port 587.

SMTP: smtp.emailarray.com  Port: 587
Login: info@computerohio.com

/etc/services
smtp            25/tcp          mail
smtp            25/udp          mail
submission      587/tcp         msa             # mail message submission
submission      587/udp         msa             # mail message submission

Since 587 is used by submission can smtp also be changed to 587 in the /etc/services file?

netstat -tanp | grep send | grep LISTEN
tcp        0      0 127.0.0.1:25            0.0.0.0:*    LISTEN      483/sendmail: acce

The Windows support person also says the following:
The Windows server is running DNS, so you may want to change the DNS servers to:
10.10.10.176
8.8.8.8
It should resolve "smtp.emailarray.com" to 69.28.212.198.

cat /etc/resolv.conf
nameserver 10.10.10.1
nameserver 68.10.16.25
nameserver 10.10.10.176
nameserver 8.8.8.8
search appemc


cat /etc/sysconfig/networking/devices
# Intel Corp.|82540EM Gigabit Ethernet Controller
DEVICE=eth0
BOOTPROTO=none
BROADCAST=10.10.10.255
HWADDR=00:c0:9f:27:7b:8f
IPADDR=10.10.10.100
NETMASK=255.255.255.0
NETWORK=10.10.10.0
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
PEERDNS=yes
GATEWAY=10.10.10.1


cat /etc/sysconfig/networking/profiles/default/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1       localhost.localdomain   localhost       appemc
10.10.10.100    emc2
10.10.10.175    emcws
10.10.10.176    emcws2
10.10.10.93     upspc
10.10.11.2      dhk61353
#65.39.216.39   smtp.emailarray.com

cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=appemc

cat /etc/sysconfig/networking/profiles/default/network
HOSTNAME=appemc


grep DS /etc/mail/sendmail.cf
DS
# Return-Receipt-To: header implies DSN request
# DHParameters (only required if DSA/DH is used)

grep SMART sendmail.mc
dnl define(`SMART_HOST',`smtp.your.provider')

grep DAEMON sendmail.mc
DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
dnl DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl
dnl DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl
dnl DAEMON_OPTIONS(`port=smtp,Addr=::1, Name=MTA-v6, Family=inet6')dnl

Below is an entry from /var/log/maillog:
Nov  8 22:17:11 localhost sendmail[18475]: vA93GY7L018471: to=<dkaibjr@verizon.n
et>, ctladdr=<root@localhost.localdomain> (0/0), delay=00:00:29, xdelay=00:00:29
, mailer=esmtp, pri=33202, relay=mailin-01.mx.aol.com. [64.12.88.132], dsn=5.0.0
, stat=Service unavailable

I did not install the Red Hat Linux on this system and not local to the equipment.
I do not have access to the console so everything I do needs to be from the command line.

One issue found from the original install was that the hostname was set as
HOSTNAME=localhost.localdomain

Thank you for any help you can provide.

Dan
Dan KaibAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

David FavorLinux/LXD/WordPress/Hosting SavantCommented:
Add a bit of clarification.

Are you attempting send email from this machine's MTA, through some other site like MailGun port 587?

Or...

Are you trying to have people submit email to your MTA via authenticated requests on port 587?
Dan KaibAuthor Commented:
Hi David,

Thank you for the quick reply.

They use the software package BackupEDGE to backup the Linux system.
BackupEDGE can email the results to an email address.
The mail system is not used on the Linux system.
I need to use SMTP to smtp.emailarray.com on Port 587
Below is the test of the SMTP Service:
[root@appemc root]# telnet smtp.emailarray.com 587
Trying 69.28.212.198...
Connected to smtp.emailarray.com (69.28.212.198).
Escape character is '^]'.
220 smtp2.emailarray.com ESMTP
helo
250 smtp2.emailarray.com
mail from: accounting@etched-metal.com
250 ok
rcpt to: mike@etched-metal.com
553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)

Not sure if that answers your question.
David FavorLinux/LXD/WordPress/Hosting SavantCommented:
Looks like you have two problems.

1) The server smtp2.emailarray.com seems misconfigured to allow plain text connections, so anyone can scrape the user/pass for authentications. This is incorrect. Port 25 is reserved for non-authenticated mail submission + port 587 is reserved for authenticated mail submission.

2) The server smtp2.emailarray.com should have prompted for a user/pass to start a session.

3) The server smtp2.emailarray.com must be configured to accept email for the appemc machine or for mike@etched-metal.com to accept email for relaying or delivery.

I'd suggest you switch to using MailGun (free for first 10K email each month), so you can avoid fixing the smtp2.emailarray.com server config.
Get Blueprints for Increased Customer Retention

The IT Service Excellence Tool Kit has best practices to keep your clients happy and business booming. Inside, you’ll find everything you need to increase client satisfaction and retention, become more competitive, and increase your overall success.

Download your eBook!
Dan KaibAuthor Commented:
smtp.emailarray.com is already handling the users Windows email side without any problem.
Is there a way to send the authentication via the Linux sendmail?
I have no involvement with the Windows side of this installation.
I can only deal with the Linux application side of installation.

smtp.emailarray.com does not allow port 25 to be used.

The Linux services file shows smtp on port 25 and submission on port 587 below:
/etc/services
smtp            25/tcp          mail
smtp            25/udp          mail
submission      587/tcp         msa             # mail message submission
submission      587/udp         msa             # mail message submission

Can both smtp and submission use port 587 in the /etc/services file?

Thanks for your help,
Dan
David FavorLinux/LXD/WordPress/Hosting SavantCommented:
Per your previous update, the server smtp2.emailarray.com is misconfigured for how port 587 is meant to be used.

Port 25 - unauthenticated email submission.

Port 587 - authenticated (user/pass) email submission, usually behind TLS/SSL or it's pointless to run port 587 submission.

Answers to your questions.

1) Is there a way to send the authentication via the Linux sendmail?

Yes + you will have to configure sendmail to do this... which will likely have you pulling your hair out.

Before you start down this track, use http://www.jetmore.org/john/code/swaks/ to verify the receiving email system is working correctly.

Can't tell you how many times I've found bugs in receiving email systems, using swaks.

If you can't send a test message with swaks, you can't configure sendmail to send either.

Also, you'll be far better off using exim or postfix or if you're using a CMS like WordPress, use a plugin... rather than wrestling with sendmail.

2) I have no involvement with the Windows side of this installation.

You still have to verify this system is configured correctly. If you're sending unauthenticated email, use port 25. Even if their port 587 works now, this is a misconfiguration which might be fixed at any point.

3) I can only deal with the Linux application side of installation.

Start with swaks, then move onto configure either a CMS plugin or your MTA.

4) Can both smtp and submission use port 587 in the /etc/services file?

You misunderstand the purpose of /etc/services which only documents how ports are normally used.

This file is really a NOP (no operation, meaningless) file. You can run Apache or LDAP on port 25, if you'd like.

The /etc/services file is used for services like netstat to produce human readable translations for ports + has very little to do with reality.

Also /etc/services only relates to local machines + has no bearing on remote machines.
Dan KaibAuthor Commented:
Hi David,

Thank you for you help.  Sorry it took so long to get back to you.
It tried swaks on port 25 and attempted to run it on port 587.
Below are the results:

The port 25 test starts here:
alias vrfy='/usr/dhk/swaks-20170101.0/swaks -q rcpt -t'

vrfy smtp.emailarray.com
=== Trying smtp.emailarray.com:25...
=== Connected to smtp.emailarray.com.
<-  220 smtp2.emailarray.com ESMTP
 -> EHLO localhost.localdomain
<-  250-smtp2.emailarray.com
<-  250-STARTTLS
<-  250-AUTH LOGIN CRAM-MD5 PLAIN
<-  250-AUTH=LOGIN CRAM-MD5 PLAIN
<-  250-PIPELINING
<-  250 8BITMIME
 -> MAIL FROM:<root@localhost.localdomain>
<-  250 ok
 -> RCPT TO:<smtp.emailarray.com>
<** 550 sorry, no mailbox here by that name
 -> QUIT
<-  221 smtp2.emailarray.com
=== Connection closed with remote host.

The port 587 test starts here:
alias vrfy='/usr/dhk/swaks-20170101.0/swaks -q rcpt -t -p 587'

vrfy smtp.emailarray.com
To: mike@etched-metal.com
=== Trying mx1.emailsrvr.com:587...
*** Error connecting to mx1.emailsrvr.com:587:
***     IO::Socket::INET: connect: timeout

swaks looks similar to the smtp telnet test that I run that produced the following error:
rcpt to: accounting@etched-metal.com
553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)

I emailed this error to the person that does the support for email and Windows.

What I hoped would be a quick fix is anything but that.  
I am waiting to hear from the Windows support person to see if he know how to resolve the error.

Thanks,
Dan
David FavorLinux/LXD/WordPress/Hosting SavantCommented:
swaks -q rcpt -t is both incomplete (there's no to address) + will likely fail, because you have no from address. Almost every MTA will reject mail from an external site using a from address of root@localhost.localdomain as this address can't be verified via SPF records.

To have email delivered to most sites these days, you must send email from an IP with an SPF record for your domain, which says the IP is valid for sending email for your domain.

For example, if I send email from david@davidfavor.com then the IP I send/relay through must have an SPF record saying sending mail for the davidfavor.com domain is valid. This SPF record must be associated with the davidfavor.com domain, like this...

dig +short mailgun.davidfavor.com txt
"v=spf1 include:mailgun.org ~all"

Open in new window


Which says the IP related to the host mailgun.davidfavor.com can send email for the davidfavor.com domain, then I relay my email from david@davidfavor.com through mailgun.davidfavor.com + I get 100% deliverability.

So when you use swaks, you must...

1) Send using a valid from address.

2) Relay your message through a service which is valid to send your email (via an SPF record).

I suggest you use MailGun, as you can send 10K messages/month with no charge + their debugging facilities are stellar.

Then setup an SMTP credential for your domain (in MailGun) + send messages using swaks like this...

swaks -s smtp.mailgun.org:587 -tls -auth -au postmaster@mailgun.davidfavor.com -ap your-key-here --from=valid-email --to=someone@gmail.com

Open in new window


I suggest you start by sending to a Gmail address, as Googles email deliverability requirements are stringent.

Once you can get Gmail to accept your email, likely you can send email to any domain.

Then move onto sending email to the accounting@etched-metal.com address you list above.
David FavorLinux/LXD/WordPress/Hosting SavantCommented:
BTW, I just sent an email to the above address + the email was delivered. Here's the MailGun record...

Delivered: david@davidfavor.com → accounting@etched-metal.com 'test Sat, 11 Nov 2017 11:37:02 -0600' Server response: 250 OK

Open in new window


So it appears the only problem is your sending end, not the receiving end.

Also this message was delivered via port 25 to one of these MX records...

imac> dig +short etched-metal.com mx
10 mx1.emailsrvr.com.
20 mx2.emailsrvr.com.

Open in new window


It's unclear to me why you're attempting involvement of port 587 at all.

Fix your sending end + all will be well.

If you get stumped, hire someone to setup your sending end for you.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Dan KaibAuthor Commented:
David,

Thank you for all of your input.
I am involving port 587 because that is what the their support person had to be used when using smtp.emailarray.com.

This is not worth the bother to send 1 email daily.
I'm going to try one other change to sendmail if that does not work they can setup a printer and have the summary printed.

This is what happens when you are the 4th person involved in an old installation from 2006 running an old OS and applications.
Like I said previously along the line that the original install of the OS did not setup a system name it was left as localhost.localdomain.

I thought this would be resolved by putting 587 here and smtp.emailarray.com there, rebuild sendmail and viola you are done.
I know sending email to etched-metal.com works, it has for years.

Thank you for all you tried to do.
Dan
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Linux

From novice to tech pro — start learning today.