Sendmail, why is SMART_HOST not showing as relay?

mfoley · 12-17-2019, 11:36 PM

Man, I'm accumulating email problems faster than I can find solutions!

I'm using Sendmail on host "hiram". I have SMART_HOST configured as novatec-inc.com, which is a completely different host. As recently as December 14, maillog entries showed novatec-inc.com as the relay. Here's an entry from DEC 8th:

Code:

Dec  8 06:03:04 hiram sm-mta[1178]: xB8B32mP001171: to=<stocksmith@hotmail.com>, delay=00:00:02, xdelay=00:00:01, mailer=relay, pri=120560, relay=novatec-inc.com. [184.57.60.212], dsn=2.0.0, stat=Sent (xB8B338f010909 Message accepted for delivery)

Here's an entry from today:

Code:

Dec 17 23:59:08 hiram sm-mta[26857]: xBI4x5cS026851: to=<stocksmith@hotmail.com>, delay=00:00:03, xdelay=00:00:02, mailer=esmtp, pri=99494, relay=hotmail-com.olc.protection.outlook.com. [104.47.45.33], dsn=2.0.0, stat=Sent (<CAKEYyvBkXkNDRTfEaWtjiwhU5Q5kRPS_5qK4R=_2oa0s1WQk5Q@mail.gmail.com> [InternalId=6601794235926...d.protection.outlook.com] 17559 bytes in 0.285, 60.036 KB/sec Queued mail for delivery -> 250 2.1.5)

Same recipient, 4 days later, not using SMART_HOST. Why? Both sending host "hiram" and relay host novatec-inc.com are servers I manage. I've checked everything I can think for settings on both. I can't figure out where else to look.

Before, when it was relaying properly, I could watch the maillog on novatec-inc.com and see the messages coming in from "hiram". Now, I can watch messages going out from "hiram", but nothing happens on novatec-inc.com.

sendmail.cf:

Code:

Djhiram.novatec-inc.com
DSnovatec-inc.com

Bottom line, "hiram" IS NOT relaying through novatec-inc.com. Can someone give me some ideas?

RandomTroll · 12-19-2019, 09:39 PM

I don't know the answer, but I notice in the first

Quote:

mailer=relay

, while the second has

Quote:

mailer=estmp

. I looked at my maillog and see that sendmail used my smart host only 6 times and that the mailer was never esmtp, always relay (except for internal mail). Either something is different about how you're sending the message or the routing has changed.

I also notice that the second message was only queued, the first sent. Is there an entry for the second confirming arrival?

mfoley · 12-20-2019, 05:06 PM

Quote:

Originally Posted by RandomTroll

I don't know the answer, but I notice in the first mailer=relay, while the second has mailer=estmp. I looked at my maillog and see that sendmail used my smart host only 6 times and that the mailer was never esmtp, always relay (except for internal mail). Either something is different about how you're sending the message or the routing has changed.

I believe the difference between the "mailer=relay" and "mailer=estmp" is exactly my point. The first message used novatec-inc.com as the relay, whereas the 2nd connected directly with the hotmail.com server. The question is why? As far as I know, I've changed nothing. If I have, I don't know what it would have been. The computers are still at the same IPs in both cases, and the same ISPs.

Quote:

I also notice that the second message was only queued, the first sent. Is there an entry for the second confirming arrival?

No, I don't see that it was delivered. Very likely because it is connecting directly to hotmail.com from the local host with no proper public FQDN and no rDNS (which is one of the main reasons I used a SMART_HOST in the first place). If it will help figure out the problem, my sendmail.mc is:

Code:

include(`../m4/cf.m4')
VERSIONID(`$Id: hiram.mc,v 1.0 2017/02/16 05:49:48 root Exp root $')dnl
OSTYPE(`linux')dnl
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
define(`SMART_HOST',`novatec-inc.com')dnl
define(`confTO_IDENT', `0')dnl
define(`confDOMAIN_NAME', `hiram.novatec-inc.com')dnl
define(`confBAD_RCPT_THROTTLE',`1')dnl
define(`confCONNECTION_RATE_THROTTLE',`3')dnl
define(`confDEAD_LETTER_DROP',`/dev/null')dnl
define(`confDOUBLE_BOUNCE_ADDRESS',`nobody')dnl
define(`confDF_BUFFER_SIZE',`16384')dnl
define(`confXF_BUFFER_SIZE',`16384')dnl
FEATURE(`use_cw_file')dnl
FEATURE(`use_ct_file')dnl
FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access')dnl
FEATURE(`lookupdotdomain')dnl
FEATURE(`blacklist_recipients')dnl
FEATURE(`dnsbl', `dul.dnsbl.sorbs.net')dnl
FEATURE(`delay_checks',`friend',`n')dnl
FEATURE(`local_procmail',`',`procmail -t -Y -a $h -d $u')dnl
FEATURE(`always_add_domain')dnl
FEATURE(`redirect')dnl
INPUT_MAIL_FILTER(`opendkim', `S=inet:8891@localhost')
INPUT_MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass.sock, F=,T=C:15m;S:4m;R:4m;E:10m')dnl
define(`confMILTER_MACROS_CONNECT',`t, b, j, _, {daemon_name}, {if_name}, {if_addr}')dnl
define(`confMILTER_MACROS_HELO',`s,{tls_version},{cipher},{cipher_bits},{cert_subject},{cert_issuer}')dnl
define(`confMILTER_MACROS_ENVRCPT',`r, v, Z')dnl
INPUT_MAIL_FILTER(`milter-bcc',`S=local:/var/run/milter-bcc.sock, F=, T=C:15m;S:4m;R:4m;E:10m')dnl
FEATURE(`relay_entire_domain')dnl
EXPOSED_USER(`root')dnl
LOCAL_DOMAIN(`localhost.localdomain')dnl
MAILER(local)dnl
MAILER(smtp)dnl
MAILER(procmail)dnl

This problem is driving me crazy and causing a lot of problems with mail delivery.

RandomTroll · 12-20-2019, 05:24 PM

You lean on a weak reed if you expect me to help. I always dispatch my messages with

Code:

sendmail -v

which allows me to watch. Maybe that will show you something. If the relayer refuses to relay your message sendmail will try to make a direct connection, I think. You can ask at https://groups.google.com/forum/?fro....mail.sendmail I've never gotten a useful answer there but others seem to have

RandomTroll · 12-20-2019, 07:43 PM

I set RELAY_MAILER.

mfoley · 12-21-2019, 11:28 AM

Quote:

Originally Posted by RandomTroll

You lean on a weak reed if you expect me to help. I always dispatch my messages with

Code:

sendmail -v

which allows me to watch. Maybe that will show you something. If the relayer refuses to relay your message sendmail will try to make a direct connection, I think. You can ask at https://groups.google.com/forum/?fro....mail.sendmail I've never gotten a useful answer there but others seem to have

Thanks RandomTroll. LQ expertise has usually proven the best for me.

Quote:

Originally Posted by RandomTroll

I set RELAY_MAILER.

Could you elaborate? Where do you set RELAY_MAILER and what do you set it to?

I think at this point I'm simply going to restore the system back to where is was a few weeks ago when it all worked and start over. I've compared with other systems I manage doing relaying and I simple cannot figure out the differences.

mfoley · 12-21-2019, 01:51 PM

OK, I got medieval on this system! I restored everything to the end of November when I did not have this problem. After doing so, the problem went away and relaying via novatec-inc.com started working again! I've checked all mail related configs in /etc/mail and they are identical with before the restore. Conclusion: the problem (probably) does not relate to sendmail configs.

What's different?

My pre-December network setup had this host ("hiram") configured as a behind-the-firewall host on a 192.168.0.0/24 subnet. Another host, I'll call it "router", at 192.168.0.1 was Internet facing with a public IP. All Internet requests for "hiram" arrived at "router" and were routed via iptables configs to "hiram". This included ports 25,22 and 80. "hiram" was configured to solict a DHCP IP and was 192.168.0.5. Router's public IP was configured in SMART_HOST novatec-inc.com's /etc/mail/access as RELAY.

The "new", non-working-relay, configuration simply removed "hiram" from being a member of the 192.168.0.0/24 subdomain and connected directly to the Internet with it's own public IP. Yes, the novatec-inc.com host did have hiram's IP configured in /etc/mail/access as a RELAY.

That's it!

Does anyone have any idea why that change would cause sendmail to NOT use the SMART_HOST relay novatec-inc.com? Current (now working) sendmail.mc is shown above.

RandomTroll · 12-21-2019, 09:56 PM

Quote:

Originally Posted by mfoley

Where do you set RELAY_MAILER and what do you set it to?

Quote:

define(`confRELAY_MAILER', `whateveritis.com')

define(`RELAY_MAILER_ARGS', `TCP $h 587')

in sendmail.mc.

Quote:

Originally Posted by mfoley

OK, I got medieval on this system! I restored everything to the end of November when I did not have this problem. After doing so, the problem went away and relaying via novatec-inc.com started working again!

What you changed made the difference: surprise.

Quote:

Originally Posted by mfoley

What's different?

Trying to figure out somebody else's routing is a headache I won't choose. Note I suggested it was a routing problem.

mfoley · 12-22-2019, 10:30 PM

RandomTroll: I'll check out the RELAY_MAILER macros. I looked at some of these when you first mentioned it but nothing struck me. I'll make a second pass at it.

Meanwhile, I've created a new, virgin Slackware host, "labrat", with the same public IP the problem host "hiram" used to have, and a new sendmail.mc with only those settings shown below. No access.db, no virusertable.db, no local-host-names, no aliases, no mailertable, NOTHING! Hopefully, as basic as you can get. I've tested sending a message to a 3rd host and this config did in fact route via the SMART_HOST.

So now I'll add the various /etc/mail config elements back one-by-one until I see where it breaks. I'll post back results here. It may take some time, but I need to get to the bottom of this because the "problem host" is a production computer and needs to work.

Code:

define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
define(`SMART_HOST',`novatec-inc.com')dnl
define(`confTO_IDENT', `0')dnl
define(`confBAD_RCPT_THROTTLE',`1')dnl
define(`confCONNECTION_RATE_THROTTLE',`3')dnl
define(`confDEAD_LETTER_DROP',`/dev/null')dnl
define(`confDOUBLE_BOUNCE_ADDRESS',`nobody')dnl
define(`confDF_BUFFER_SIZE',`16384')dnl
define(`confXF_BUFFER_SIZE',`16384')dnl
FEATURE(`use_cw_file')dnl
FEATURE(`use_ct_file')dnl
FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access')dnl
FEATURE(`lookupdotdomain')dnl
FEATURE(`blacklist_recipients')dnl
FEATURE(`dnsbl', `bl.spamcop.net')dnl
FEATURE(`delay_checks',`friend',`n')dnl 
FEATURE(`local_procmail',`',`procmail -t -Y -a $h -d $u')dnl
FEATURE(`always_add_domain')dnl
FEATURE(`redirect')dnl
EXPOSED_USER(`root')dnl
LOCAL_DOMAIN(`localhost.localdomain')dnl
MAILER(local)dnl
MAILER(smtp)dnl
MAILER(procmail)dnl

shawkbuner · 01-05-2020, 11:49 PM

Got it. Thanks by the way for the decompiling.