10-20-2010, 11:20 AM   #1
freddy_rixcom

use sendmail in a firewall iptables

Hi All,
I'm trying to configure a messaging system based on a PHP script with iptables, rsyslog and MySQL. Sendmail is installed on the firewall server, so I'd like to use it to receive messages in the main mail server, located in the DMZ.
In the LAN I've configured another Linux server that works perfectly, sending mail messages to the server located in the DMZ. After looking for some solution I've tried to configure sendmail to relay mail to the server, but the only thing I reached is the following message:
"Deferred: Connection refused by mail.server.com"
The message rests in the queue, and flushing it replies:

Running /var/spool/mqueue/o9KFpBNS029132 (sequence 1 of 1)
<pluto@server.com>... Connecting to mail.server.com. via smtp...
<pluto@server.com>... Deferred: Connection refused by mail.server.com

Any ideas on how to solve it?

The server is a firewall gateway for the LAN and DMZ. eth0 is the public IP. Via NAT we receive email and web connections. eth1 is the LAN interface named 192.168.20.1 and eth2 is the DMZ interface named 192.168.40.1. The mail server has 192.168.40.2. The internal DNS server is 192.168.20.2.
With telnet I can enter the mail server from the firewall, and if I try to resolve the mail server name I obtain 192.168.40.2, so everything seems correct with the network settings.
Thanks in advance for any help!
 
10-22-2010, 04:44 PM   #2
buzzybeemarketing

firewall

First, you can't just assume the firewall is blocking the smtp connection. Sendmail sometimes will hang if there is a problem and tell you the connection is refused.

Use this to see if something is listening on port 25:

netstat -an | grep "25"

Post your firewall rules for port 25.
 
10-23-2010, 06:58 AM   #3
abhandari

Hey freddy,

I think your scenario is:
1. Every host can connect to each other through the firewall. OK, that's fine. So there is no problem with the network.
2. You got the "Deferred" message due to a relay problem with Sendmail at the SMTP-OUT server, and it couldn't be received at the SMTP-IN server.

OK, solution:

You have not made your sendmail configuration clear, so I am explaining on the basis of CentOS x/RedHat Linux 5x and Sendmail-8.13 or above.
====================
1st. Try telnet to the SMTP port of the server running Sendmail and look for a response, like:
"telnet 192.168.40.2 25" ----> if you get something like
==========================
I think your POP mail server is at 192.168.40.2, where sendmail also runs
[root@firewall ~]# telnet 192.168.40.2 25
Trying 192.168.40.2...
Connected to example.server.com (192.168.40.2).
Escape character is '^]'.
220 mail.server.com ESMTP Sendmail 8.14.4/8.14.4; Sat, 23 Oct 2010 16:47:37 +0545
==========================
That's perfect - you can try this through/out of your DMZ. If it is fine, then almost everything is fine.


Now
2nd part is from the Sendmail configuration - from which your messages got "Deferred" by the Mail Receiving Server.
================
You can get some ideas from this link also:
http://www.ispexperts.com.np/?page_id=286
================
Firewall Sendmail Server Part:
--------------
The main thing is you have to configure two files (this also depends on the DNS configuration) at the SMTP-IN sendmail server (mail receiving): "/etc/mail/relay-domains" and "/etc/mail/mailertable".
If you want the sendmail installed on the Firewall server to just relay mail to another server, 192.168.40.2, you can use the "relay-domains" and "mailertable" files. Or, if you want your clients to use that Firewall Sendmail Server as SMTP-OUT, then you have to relay the networks from "/etc/mail/access". You can look at the ispexperts.com.np link which I have given above for SMTP.
------------------
Well, you want to use the firewall server only for mail relay:
1. Configure your DNS server and add the MX pointing like

"IN MX 0 192.168.40.2"

(It is better to keep your hostname instead of the IP) zone entries pointing to your Firewall Sendmail Server.

About DNS configuration you can get help here:
http://www.ispexperts.com.np/?page_id=310


Secondly
Edit the /etc/mail/relay-domains file, which is not there by default. Just create the file.
# touch /etc/mail/relay-domains
Add the following line (keep in mind which domain you have and want to relay, as pointed to by DNS; for your case "server.com")
==============

server.com
============
Save it.
-------
Restart your sendmail server
# service sendmail restart
or
# /etc/init.d/sendmail restart

----------
Now configure the /etc/mail/mailertable file. Its purpose is to forward email received to another mail server. You have relayed the domain "server.com" and now we can also define the destination server which will actually receive email for it, i.e. the POP server where the email gets stored in the user's mailbox.
--------------
# vi /etc/mail/mailertable ---> it's there by default
Add the following line
=========
server.com smtp:[mail.server.com]
=========
Save and quit
===========

If you have just created the new mailertable file then you need to hash the mailertable file, like this ("otherwise not"):
# cd /etc/mail
# makemap hash mailertable < mailertable
# ls -la ---> there you can see the mailertable.db and mailertable files.

OK great -> you are almost done.
--------------
Keep in mind the square brackets "[]" - if you don't keep them it also works, but every time your sendmail will look up the domain and waste around 2-4 milliseconds. It's up to you.
--------------

==========
Next part: the Mail Receiving server, where you have to
--------
1. Run sendmail to listen on all interfaces (not only on 127.0.0.1)
2. Add your domain "server.com" inside /etc/local-host-names on a single line.
3. Run your POP service (like Dovecot, pop3d etc.)

Great --> everything done.


I think you can get the idea for your scenario from this link: http://www.ispexperts.com.np

Give your response.
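
A consistency check for the relay setup described in post #3, as an added example that is not part of any post in this thread: it confirms every domain in relay-domains has a mailertable route and that mailertable.db is not older than its text source. The function names `check_relay` and `demo` are hypothetical, file paths are passed as arguments, and the sample files are constructed.

```shell
#!/bin/sh
# Added example (not from the thread). Sample files in demo() are constructed.

# check_relay RELAY_DOMAINS MAILERTABLE
# Prints one report line per relayed domain; returns 0 only if every domain
# has a route and the compiled map MAILERTABLE.db is not older than its source.
check_relay() {
    relay_file=$1; table_file=$2; rc=0
    while read -r domain rest || [ -n "$domain" ]; do
        case $domain in ''|'#'*) continue ;; esac      # skip blanks and comments
        route=$(awk -v d="$domain" '$1 == d { print $2; exit }' "$table_file")
        case $route in
            '')      echo "NO_ROUTE $domain"; rc=1 ;;
            *:\[*\]) echo "OK $domain $route" ;;            # bracketed host: no MX lookup
            *)       echo "OK_MX_LOOKUP $domain $route" ;;  # works, resolves MX first
        esac
    done < "$relay_file"
    # sendmail reads the hashed .db, not the text file, so a stale map hides edits
    if [ ! -e "$table_file.db" ] || [ "$table_file" -nt "$table_file.db" ]; then
        echo "STALE_MAP $table_file.db (rerun makemap)"; rc=1
    fi
    return $rc
}

# Constructed sample: server.com is routed, example.org is relayed but unrouted.
demo() {
    dir=$(mktemp -d) || return 2
    printf 'server.com\nexample.org\n' > "$dir/relay-domains"
    printf 'server.com\tsmtp:[mail.server.com]\n' > "$dir/mailertable"
    touch -t 200001010000 "$dir/mailertable"   # make the source older than the map
    : > "$dir/mailertable.db"                  # stand-in for makemap output
    check_relay "$dir/relay-domains" "$dir/mailertable"
    demo_rc=$?
    rm -rf "$dir"
    return $demo_rc
}

demo || true
```

On a real host the arguments would be /etc/mail/relay-domains and /etc/mail/mailertable; a NO_ROUTE line means the domain is accepted for relay but has no forwarding destination.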
 
  

