I have a webserver that was set up using CentOS and we have contact forms on it that send email, and everything worked great on the internal network. We were told to make the website live and we changed the IP address of the server and moved it into the DMZ; now it will not send email. If I move it back into our internal trusted network it works fine. The network path is allowed, as I can send email with a Windows server also in the DMZ using a VBScript file just as a test. Is there something else I need to change after moving this into the DMZ?
If I look in the maillog I see this...
Nov 1 15:37:44 localhost sendmail[1644]: wA1JbYES001642: to=<somename@mydomain.com>, delay=00:00:10, xdelay=00:00:09, mailer=esmtp, pri=120512, relay=mail2.mydomain.com. [1.2.3.4], dsn=4.0.0, stat=Deferred: Connection reset by mail2.mydomain.com.
I changed the real IP address to 1.2.3.4 and host names to mydomain.com.
Any ideas?
I should also add that I did a packet capture on the interface this connects to and there are no packets even going out to the email server.
Last edited by djtmailing; 11-02-2018 at 01:00 PM.
Have you tried sending email from command line to see if that works?
echo "test email" | mail -s "test email from command line" -r donotreply@yahoo.com <your valid email address here>
Some clarifications, please.
You said the server "will not send email", but the log entry you posted shows that it tried to send the email and that the connection to mail2.mydomain.com was reset.
Is mail2.mydomain.com your server? If so, it's apparently not configured to allow relaying from the new IP address.
You said the problem occurred when you made the server "public". A public server wouldn't have an IP in the 192.168.x.x netblock, right?
Is the IP you masked in your OP the IP of the mail (Exchange) server or the sending server? It still looks to me like the sending server is not authorized/trusted when it's in the DMZ, which, presumably, you'd have to configure on the Exchange server.
When I say public I mean move it into the DMZ, in which all of the servers do have a 192.168.100.0/24 address. There is a firewall in front of that where the public IP address is, and the port is forwarded to the server.
The masked IP in the original post is the mail server's public IP address.
I added the entire subnet of the DMZ to the Exchange allow-to-relay list, so if the Windows server can connect and send mail the others should too, right?
Also if I understand the telnet output right... it's not really a question of attempting to relay.
It looks like it connects and then just drops it. I should be able to authenticate and send mail or attempt to relay mail and it should say unable to relay. Or maybe I don't understand what's happening here.
(yes the IP is masked)
[user@host ~]$ telnet 1.2.3.4 25
Trying 1.2.3.4...
Connected to 1.2.3.4.
Escape character is '^]'.
Connection closed by foreign host.
[user@host ~]$ telnet 1.2.3.4 25
Trying 1.2.3.4...
Connected to 1.2.3.4.
Escape character is '^]'.
Connection closed by foreign host.
This is not correct; you need to make sure that the firewall between the server in the DMZ and your SMTP server on the internal network allows SMTP (TCP port 25).
Here is what you should see:
Code:
[user@myserver ~]$ telnet 1.2.3.4 25
Trying 1.2.3.4 ...
Connected to 1.2.3.4 .
Escape character is '^]'.
220 <SMTP Server> ESMTP
HELO yahoo.com
250 <SMTP Server>
MAIL FROM: donotreply@yahoo.com
250 sender <donotreply@yahoo.com> ok
RCPT TO: <valid email address here>
250 recipient <valid email address here> ok
DATA
354 go ahead
Subject: Sending an email using telnet
Hello,
Here is my body? Do you like it?
cheers
.
250 ok: Message 43625516 accepted
quit
221 <SMTP Server>
Connection closed by foreign host.
Here I am using "donotreply@yahoo.com" as sender address, which I know works...
Another thing you can do is, from your CentOS server in the DMZ, use the mail command (example below) to send email. Then look at the message header to determine which server the message was routed from and use that instead of your Exchange server.
Code:
echo "test email from command line on DMZ Server" | mail -s "test email from command line" -r donotreply@yahoo.com <your valid email address here>
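The distinction the thread turns on (TCP connects but the session closes before any 220 greeting, versus a relay refusal) can be checked with a small probe. This is an added example, not part of any post: `probe_smtp`, `start_constructed_listener` and the `mail.example.test` greeting are names made up for the illustration, and the listener is a local stand-in so the code runs offline.

```python
import socket
import threading

def probe_smtp(host, port=25, timeout=3.0):
    """Report how far an SMTP connection gets: returns (stage, detail)."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:
        # No TCP session at all: routing, or a packet filter on TCP/25.
        return ("tcp_failed", str(exc))
    with sock:
        try:
            data = sock.recv(512)
        except socket.timeout:
            return ("no_banner", "connected, no greeting before timeout")
        except OSError as exc:
            return ("closed_before_banner", str(exc))
    if not data:
        # The symptom in the thread: "Connected" then "Connection closed"
        # with no 220 line. No SMTP command was ever read, so this is not a
        # relay decision (that is a 5xx reply to RCPT TO, after the banner).
        return ("closed_before_banner", "peer closed without greeting")
    banner = data.decode("ascii", "replace").strip()
    stage = "banner_ok" if banner.startswith("220") else "banner_refused"
    return (stage, banner)

def start_constructed_listener(greeting):
    """Local stand-in for the mail server (constructed for this example).
    greeting=None accepts the TCP connection and closes it immediately."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    def serve():
        conn, _ = srv.accept()
        if greeting is not None:
            conn.sendall(greeting)
        conn.close()
        srv.close()
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

def demo():
    dropped = start_constructed_listener(None)
    healthy = start_constructed_listener(b"220 mail.example.test ESMTP\r\n")
    return (probe_smtp("127.0.0.1", dropped)[0],
            probe_smtp("127.0.0.1", healthy)[0])

if __name__ == "__main__":
    print(demo())
```

Run against the real mail server from both the DMZ host and an internal host, a `closed_before_banner` result from only the DMZ side points at a connection-level control (firewall rule, SMTP inspection, or an IP restriction on the receiving connector) rather than the relay list.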