Redhat 9, sendmail, iptables

TomServo3k · 07-01-2003, 02:27 PM

I installed RedHat 9 and setup sendmail (along with ssh, http, etc). The iptables settings, below, are installed. The web server, telnet and ftp work. Sendmail doesn't. I can connect locally as localhost (telnet localhost 25) but not by name (telnet mydomain.com 25) even from the local machine, much less from any other machine on the lan, or externally. I'm not a newbie, but apparently not an expert either. I've set up sendmail on RedHat 6 and 7 before but I seem to be missing something on 9.

The message I get is

Trying 192.168.2.35...
telnet: connect to address 192.168.2.35: Connection refused

Any help would be very much appreciated. This is all that's keeping my site from going live.

*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Lokkit-0-50-INPUT - [0:0]
-A INPUT -j RH-Lokkit-0-50-INPUT
-A FORWARD -j RH-Lokkit-0-50-INPUT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 21 --syn -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 22 --syn -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 23 --syn -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 25 --syn -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 80 --syn -j ACCEPT
-A RH-Lokkit-0-50-INPUT -i lo -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 0:1023 --syn -j REJECT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 2049 --syn -j REJECT
-A RH-Lokkit-0-50-INPUT -p udp -m udp --dport 0:1023 -j REJECT
-A RH-Lokkit-0-50-INPUT -p udp -m udp --dport 2049 -j REJECT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 6000:6009 --syn -j REJECT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 7100 --syn -j REJECT
COMMIT

emence · 07-01-2003, 02:30 PM

you need to edit the /etc/mail/local-host-names file and make an entry like:

my.domain.com

also be sure that you have my.domain.com listed in your /etc/hosts

service restart sendmail and you are done.

TomServo3k · 07-01-2003, 02:39 PM

I already have done that. Also in hosts file. Also in mail/access. The problem persists. Keep in mind, I can (telnet 127.0.0.1 25) and it works, but (telnet 192.168.2.35 25) fails. It seems more like a firewall / iptables issue to me, but I'm not sure.

david_ross · 07-01-2003, 02:40 PM

Also check your sendmail.mc file and "dnl" the line:
DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl

This makes sendmail listen not just on the loopback. You will need to hash the mc file again afterwards.

emence · 07-01-2003, 03:06 PM

Quote:

Originally posted by david_ross
Also check your sendmail.mc file and "dnl" the line:
DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl

This makes sendmail listen not just on the loopback. You will need to hash the mc file again afterwards.

That was kind of the point I was trying to get to. your firewall is fine. you dont have sendmail setup correctly

TomServo3k · 07-01-2003, 03:09 PM

Thank you, David - that did the trick!