Sendmail: Helo command rejected: Host not found

mfoley · 07-12-2017, 02:06 PM

I'm having a problem sending to a particular recipient. My messages get reject with the error:

Code:

Jul 12 14:50:49 mail sm-mta[25572]: v6BMdEdB023525: to=<dovecot@dovecot.org>, ctladdr=<mfoley@mail.hprs.local> (1000/100), delay=20:11:35, xdelay=00:00:00, mailer=esmtp, pri=4548076, relay=dovecot.org. [94.237.25.159], dsn=4.7.1, stat=Deferred: 450 4.7.1 <mail.hprs.local>: Helo command rejected: Host not found

I tried sending this message manually using a `telnet smtp` session. I entered "HELO mail.hprs.local" and after I entered "RCPT to: dovecot@dovecot.org" I go the "Helo command rejected: Host not found" message.

When I did the same thing using "HELO mail.ohprs.org" I didn't get that error and my message apparently sent OK.

Now, mail.hprs.local is the actual local host and domain name of this computer. mail.ohprs.org is the public domain name. It seems to me that the recipient server is rejecting the message because it can't find mail.hprs.local -- which of course it wouldn't.

How can I get the public FDQN into my mail dialog? In my sendmail.rc file I have:

MASQUERADE_AS(`ohprs.org')dnl
MASQUERADE_DOMAIN(`ohprs.org')dnl
FEATURE(`allmasquerade')dnl
FEATURE(`masquerade_envelope')dnl
FEATURE(`always_add_domain')dnl

but that obviously isn't getting the job done.

Suggestions?

scasey · 07-12-2017, 07:45 PM

Not familiar with sendmail...I use another MTA. But, generally speaking, you probably don't want to try to fool foreign servers into thinking you're some other domain/server, and maybe you can't.

Configure your server to use the other server to send your mail instead. Maybe someone who knows sendmail will provide help on how to do that. Looks doable to me in web searches, but the responses are all Greek to me...

This thread may help, too.

mfoley · 07-12-2017, 09:44 PM

I'm not using an 'other server'. mail.hprs.local is the mail server's local Active Directory FDQN. I.e. local LAN. mail.ohprs.org is the public FDQN and is what has the SSL Certificate. I need external mail servers to see mail.ohprs.org, not mail.hprs.local. I've set ohprs.org as the domain in MASQUERADE_AS, but that doesn't appear to be working.

Yes, I'll need some sendmail expertise on this.

JJJCR · 07-12-2017, 09:56 PM

Have you bump to this link: https://www.cyberciti.biz/tips/sendm...ion-howto.html

and this link also: https://www.bonusbits.com/wiki/HowTo...n_Masquerading

Good luck!

mfoley · 07-13-2017, 10:22 AM

I've used some of those settings in JJJCR's links. Still having problems. I've set:

Code:

define(`confHELO_NAME', `mail.ohprs.org')dnl
MASQUERADE_AS(`ohprs.org')dnl
MASQUERADE_DOMAIN(`ohprs.org')dnl
FEATURE(`allmasquerade')dnl
FEATURE(`masquerade_envelope')dnl
FEATURE(`masquerade_entire_domain')dnl
FEATURE(`always_add_domain')dnl
dnl#EXPOSED_USER(`root')dnl

An I still get:

Code:

   ----- The following addresses had permanent fatal errors -----
<rover@novatec-inc.com>
    (reason: 553 5.1.8 <rover@novatec-inc.com>... Domain of sender address root@mail.hprs.local does not exist)

and on the target server maillog:

Code:

Jul 13 11:15:50 server sm-mta[32690]: STARTTLS=server, relay=mail.ohprs.org [98.102.63.107], version=TLSv1.2, verify=FAIL, cipher=DHE-RSA-AES256-GCM-SHA384, bits=256/256
Jul 13 11:15:50 server sm-mta[32690]: v6DFFoFL032690: ruleset=check_rcpt, arg1=<rover@novatec-inc.com>, relay=mail.ohprs.org [98.102.63.107], reject=553 5.1.8 <rover@novatec-inc.com>... Domain of sender address root@mail.hprs.local does not exist
Jul 13 11:15:50 server sm-mta[32690]: v6DFFoFL032690: from=<root@mail.hprs.local>, size=20282, class=0, nrcpts=0, proto=ESMTPS, daemon=MTA, relay=mail.ohprs.org [98.102.63.107]

This message was sent from root. I can send the message from a non-root user, or from root using mailx if I specify -r sender.

Other ideas?

Laserbeak · 07-13-2017, 01:02 PM

Your sendmail is set up to check the domain of the sender's e-mail through DNS or whatever name lookup software you have.

This is a good thing, otherwise spammers would be using your mail server to send out spam.

If you really want to send e-mail from <mfoley@mail.hprs.local> can you try add mail.hprs.local to the /etc/hosts file of the sendmail server? So you'd add a line to /etc/hosts:

Code:

127.0.0.1   mail.hprs.local

replacing 127.0.0.1 with your IP address.

or, if they are the same machine, you can have both lines.

bathory · 07-14-2017, 02:23 AM

Quote:

This message was sent from root. I can send the message from a non-root user, or from root using mailx if I specify -r sender

Looks like root is still EXPOSED. Check sendmail.cf for "C{E}root" and comment it out.

You can also add:

Code:

MASQUERADE_DOMAIN(mail.hprs.local)dnl

in sendmail.mc, rebuild sendmail.cf and restart sendmail