LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (https://www.linuxquestions.org/questions/linux-server-73/)
-   -   can't get sendmail to send messages outside (https://www.linuxquestions.org/questions/linux-server-73/cant-get-sendmail-to-send-messages-outside-4175509764/)

johnpuppa 07-01-2014 11:43 AM
can't get sendmail to send messages outside
 
Hello guys, I'm trying to set up a basic mail server only for fun..
Yesterday I managed to have it working but today for some reasons it does not work anymore..

I would like to avoid postfix although I managed to make it working with it..

I have port forwarding configured on my router to redirect smtp to 192.168.0.6 (internal address) and the firewall is open on smtp

Here is the situation:
Quote:
bash-4.2$ netstat -nl |grep 25
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN


nmap -sS my.example.org

Starting Nmap 6.40 ( http://nmap.org ) at 2014-07-01 17:18 IST
Nmap scan report for my.example.org (127.0.0.1)
Host is up (0.0000080s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
25/tcp open smtp
587/tcp open submission

Nmap done: 1 IP address (1 host up) scanned in 0.09 seconds
I'm using noip with dinamic client

Logs:
Quote:
Jul 1 17:13:03 my sm-mta[25249]: s61GCgSU025249: from=<frank@my.example.org>, size=464, class=0, nrcpts=1, msgid=<20140701161241.GA25245@my.example.org>, proto=ESMTP, daemon=MTA, relay=my.example.org [127.0.0.1]
Jul 1 17:13:03 my sendmail[25248]: s61GCfQs025248: to="email address", ctladdr=frank (1000/100), delay=00:00:22, xdelay=00:00:21, mailer=relay, pri=30305, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (s61GCgSU025249 Message accepted for delivery)
Jul 1 17:13:04 my sm-mta[25252]: STARTTLS=client, relay=gmail-smtp-in.l.google.com., version=TLSv1/SSLv3, verify=FAIL, cipher=ECDHE-RSA-AES128-GCM-SHA256, bits=128/128
Jul 1 17:13:05 my sm-mta[25252]: s61GCgSU025249: to=<"emailaddress">, ctladdr=<frank@my.example.org> (1000/100), delay=00:00:03, xdelay=00:00:02, mailer=esmtp, pri=120464, relay=gmail-smtp-in.l.google.com. [173.194.67.26], dsn=5.0.0, stat=Service unavailable
Jul 1 17:13:05 my sm-mta[25252]: s61GCgSU025249: s61GD5SU025252: DSN: Service unavailable
Jul 1 17:13:05 my sm-mta[25252]: s61GD5SU025252: to=<frank@my.example.org>, delay=00:00:00, xdelay=00:00:00, mailer=local, pri=31693, dsn=2.0.0, stat=Sent
/etc/hosts :
Quote:
# For loopbacking.
127.0.0.1 localhost.localdomain
127.0.0.1 my.example.org
192.168.0.6 my.example.org
192.168.0.6 = internal wirless network address.

/etc/resolv.conf:
Quote:
# Generated by dhcpcd from wlan0
# /etc/resolv.conf.head can replace this line
domain my.example.org
nameserver 192.168.0.1 #(router)
dhcp on wireless...

I keep getting the DNS Service unavailable error..

As I said yesterday I managed to make it working by mean of postfix as well. Then I removed postfix and it kept working.. Today I could not get it to work.

there must be a mistake regarding the MX, but I don't quite know how to set them..

I thought it was sensible to cover email address and domain..

anyone who can help?

Ser Olmy 07-02-2014 02:38 PM
That's a DSN (Delivery Status Notification) error, not a DNS error.

The log clearly shows that the Google server name is resolved properly, and the error code is being returned by that server. For some reason, the server is rejecting your mail.

You say you use No-IP; were you by any chance affected by the recent domain seizure by Microsoft? Do all your domain records still resolve properly on the Internet?

Have you checked that your IP address isn't (incorrectly) listed in any of the popular RBLs? I recommend you check your IP address against the SpamHaus and SpamCop lists.

Have you configured SPF records for your domain? That should prevent other MTAs from rejecting your mails as possible spam.

Have you checked the user and Postmaster mailboxes for non-delivery reports?

johnpuppa 07-02-2014 06:49 PM
Hello Ser, thanks for helping..

My domain seems to resolve fine so I don't think I was affected by the takedown. However no list seem to be provided..
I checked my Ip and it's not blocked by any RBl

The SPF is a good questions, so far I haven't been able to configure a MX records. There is a SPF tool on the website, but I can't manage to get a proper format.. I don't know.. Also tried with other example, stick the string resulting into the box and still errors..
tried with spfwidzard.net.. No luck so far...

The undelivered message from the dns is such..: So it seems to be considered as spam.. But the other day worked.. Now I can't even receive mail from google.. nothing in the log... I don't know how to tackle this problems and where the error lays..
So annoying...
Quote:
Our system has detected that this
message is 550-5.7.1 likely unsolicited mail. To reduce the amount of spam
sent to Gmail, 550-5.7.1 this message has been blocked. Please visit
550-5.7.1 http://support.google.com/mail/bin/a...&answer=188131
for 550 5.7.1 more information. fv8si21750777wib.73 - gsmtp (in reply to
end of DATA command)

Ser Olmy 07-03-2014 06:54 AM
Quote:
Originally Posted by johnpuppa (Post 5197675)
The SPF is a good questions, so far I haven't been able to configure a MX records. There is a SPF tool on the website, but I can't manage to get a proper format.. I don't know.. Also tried with other example, stick the string resulting into the box and still errors..
tried with spfwidzard.net.. No luck so far...
In your initial post you said your setup worked until just recently, but now you say you haven't created an MX record? Did you mean an SPF record?

If the MX record points to your mail serer (via an A record), creating an SPF record should be a breeze. All you need to do is to create a TXT record with no name containing "v=spf1 mx ~all" (without the quotes).

Quote:
Originally Posted by johnpuppa (Post 5197675)
The undelivered message from the dns is such..: So it seems to be considered as spam..
Create an SPF record, and there's an excellent chance Google will start accepting your mails.

johnpuppa 07-03-2014 09:38 AM
On the NoIp website there is a Mx record, where I simply put my hostname. Then I tried adding SPF as you have suggested.
I could receive some message from gmail.
Sending messages from my web server is impossible.. No I get this errors:

Quote:
relay=mail1.no-ip.com[8.23.224.50]:25, delay=1.3, delays=0.08/0.01/1/0.22, dsn=5.7.1, status=bounced (host mail1.no-ip.com[8.23.224.50] said: 554 5.7.1 <myemail@gmail.com>: Relay access denied (in reply to RCPT TO command))
The mail delivery subsistem instead append this:
Quote:
Technical details of permanent failure:
Google tried to deliver your message, but it was rejected by the server for the recipient domain freelife.zapto.org by mail1.no-ip.com. [8.23.224.50].

The error that the other server returned was:
554 5.7.1 <frank@freelife.zapto.org>: Relay access denied
I don't know where the mail1.no-ip.com come from.. I quite confused.. every post online seems not to help and I have tried different things, ending probably in a big mess..

Ser Olmy 07-03-2014 10:00 AM
Quote:
Originally Posted by johnpuppa (Post 5198006)
On the NoIp website there is a Mx record, where I simply put my hostname.
That is correct. An MX record should point to a host name, which in turn should point to the IP address of the mail server.
Quote:
Originally Posted by johnpuppa (Post 5198006)
Then I tried adding SPF as you have suggested.
I could receive some message from gmail.
Sending messages from my web server is impossible.. No I get this errors:
Code:
relay=mail1.no-ip.com[8.23.224.50]:25, delay=1.3, delays=0.08/0.01/1/0.22, dsn=5.7.1, status=bounced (host mail1.no-ip.com[8.23.224.50] said: 554 5.7.1 <myemail@gmail.com>: Relay access denied (in reply to RCPT TO command))
Did you attempt to send an e-mail from or via your mail server to a Gmail account when you got this error message?
Quote:
Originally Posted by johnpuppa (Post 5198006)
The mail delivery subsistem instead append this:
Code:
Google tried to deliver your message, but it was rejected by the server for the recipient domain freelife.zapto.org by mail1.no-ip.com. [8.23.224.50].

The error that the other server returned was:
554 5.7.1 <frank@freelife.zapto.org>: Relay access denied
This message says that one of Google's mail servers accepted a mail for delivery, but the mail server for the domain in question (the server the MX record points to) rejected the message.

The two errors seem to relate to two entirely different e-mails. Please state exactly what action generated these messages.

Quote:
Originally Posted by johnpuppa (Post 5198006)
I don't know where the mail1.no-ip.com come from.. I quite confused.. every post online seems not to help and I have tried different things, ending probably in a big mess..
If the error mentioning mail1.no-ip.com relates to an outbound message from your mail server, then either the recipient domain has an incorrect MX record or your server is configured to use the wrong Smart Host.

If the error relates to inbound mail to your domain, then either your MX record is pointing to the wrong server, or the changes you made haven't yet propagated to other DNS servers on the Internet (due to the old record being cached).

johnpuppa 07-03-2014 10:32 AM
Yes indeed the first scenario was a message delivery that I tried to send from my google account to my server.
The second error is something I received while trying to send a message from my server to google.

I have cleared the logs restart postfix and now here is the full log while trying to send a message from my web server:
Quote:
tail -f /var/log/maillog
Jul 3 16:21:43 darkstar postfix/postfix-script[6423]: starting the Postfix mail system
Jul 3 16:21:43 darkstar postfix/master[6425]: daemon started -- version 2.10.2, configuration /etc/postfix
Jul 3 16:22:38 darkstar postfix/pickup[6426]: BB908209A1: uid=1000 from=<frank>
Jul 3 16:22:38 darkstar postfix/cleanup[6446]: BB908209A1: message-id=<20140703152238.GA6441@darkstar.freelife.zapto.org>
Jul 3 16:22:38 darkstar postfix/qmgr[6427]: BB908209A1: from=<frank@freelife.zapto.org>, size=468, nrcpt=1 (queue active)
Jul 3 16:22:40 darkstar postfix/smtp[6448]: BB908209A1: to=<myemail@gmail.com>, relay=mail1.no-ip.com[8.23.224.50]:25, delay=1.5, delays=0.08/0/1.2/0.22, dsn=5.7.1, status=bounced (host mail1.no-ip.com[8.23.224.50] said: 554 5.7.1 <myemail@gmail.com>: Relay access denied (in reply to RCPT TO command))
Jul 3 16:22:40 darkstar postfix/cleanup[6446]: 5D9F6209B2: message-id=<20140703152240.5D9F6209B2@freelife.zapto.org>
Jul 3 16:22:40 darkstar postfix/bounce[6449]: BB908209A1: sender non-delivery notification: 5D9F6209B2
Jul 3 16:22:40 darkstar postfix/qmgr[6427]: 5D9F6209B2: from=<>, size=2412, nrcpt=1 (queue active)
Jul 3 16:22:40 darkstar postfix/qmgr[6427]: BB908209A1: removed
Jul 3 16:22:40 darkstar postfix/local[6450]: warning: dict_nis_init: NIS domain name not set - NIS lookups disabled
Jul 3 16:22:40 darkstar postfix/local[6450]: 5D9F6209B2: to=<frank@freelife.zapto.org>, relay=local, delay=0.08, delays=0.04/0.01/0/0.04, dsn=2.0.0, status=sent (delivered to mailbox)
Jul 3 16:22:40 darkstar postfix/qmgr[6427]: 5D9F6209B2: removed
I read in another forum that the Nis warning is not so important, so I did not do any attempt to fix it..
As you can see I still get the annoying message "Relay access denied"

johnpuppa 07-03-2014 10:49 AM
Also I have another question, see for instance I have this noip account freelife.zapto.org. What the hostname of my machine should be?
Cause I noticed that it append it to the hostname changing it to: frank@myhostname.freelife.zapto.org Shouldn't it be avoided?


All times are GMT -5. The time now is 02:29 AM.