Having troubles with sendmail and DNS... mail server behind a router

halborr · 02-18-2010, 04:40 PM

So I'm having troubles setting up a mail server...

First of all, anyone want to try to telnet into <snip> on port 25 and see if it's blocked? I don't think it is, but you never know.

How long does it usually take for MX records to get around? I've had this set up for about a day now and still don't see any MX records on any lookup site I go to.

I'm currently using slackware 12.2's default sendmail configuration. Should I change anything? I started sendmail on my laptop and got emails going within the LAN but I cannot send emails over WAN (i.e. to/from yahoo or google accounts).

Anything I'm missing here?

bathory · 02-18-2010, 04:54 PM

Hi,

The smtp port is closed from outside.
For the rest you can use intodns.com to check your dns settings.

Regards

tuxrules · 02-18-2010, 06:13 PM

As bathory indicated, port 25 is probably closed i.e. you cannot send email from your server port 25 to the outside world. Check your isp website for details. Most likely you can relay mail to your isp server which will take your email to outside world.

Hangaber · 02-18-2010, 06:40 PM

There's two parts here... you say there are issues with to AND from something such as yahoo. Chances are, you have two separate problems here.

For sending emails - checking the /var/log/maillog for a message and/or the queued files in /var/spool/mqueue should give a good starting point.

If you're not relaying outbound emails through an ISP email server..
[your pc does the DNS MX lookup for @yahoo.com and connects directly to the SMTP for yahoo.com...]
Then you may find that may ISPs and sites block mails coming directly from residential IP blocks. You may have to adjust your sendmail.mc (and create a sendmail.cf from this) to relay email through your ISP or another SMTP server.)

Some ISP's even block any outbound connection to destination port 25 to anything but their own mail servers.

For receiving emails (which would probably be more applicable to the DNS MX record); You can use 'dig -t MX' to check what the DNS record returns.

You can also ask other DNS servers what they resolve the record to...
dig @8.8.8.8 -t MX yoursite.com
(To ask "8.8.8.8" for the MX record for yoursite.com)

Likewise, if you have blocked port 25, or your ISP is blocking external connections to your port 25, you may have to set up another solution.

halborr · 02-19-2010, 05:56 PM

Sweet! I now have outgoing!

You were right, though, it seems I cannot recieve due to MX errors. I will continue working on this and come back with any more questions.

halborr · 02-21-2010, 10:07 PM

Alright, let's get some incoming mail working. I've opened up port 587 just for kicks and it doesn't work, although sendmail is listening on that port. I'm not quite sure what to look at. MX records are non-existent even though my registrar says they should be, but should that prevent me from receiving mail if the server name is specified (e.g. user@sample.mailhere.net)?

Anyone want to throw out some wild ideas to look at? Just might find something...

tuxrules · 02-22-2010, 07:20 AM

Quote:

Originally Posted by halborr

Alright, let's get some incoming mail working. I've opened up port 587 just for kicks and it doesn't work, although sendmail is listening on that port.

submission port (587) is mainly used by end users to submit mail to the server e.g. thunderbird, kmail users. If you are expecting emails on port 587, they won't come unless MUAs are configured to use your 587 port. Emails from outside world (other servers) come on port 25 so you need to open up port 25.

Quote:

Originally Posted by halborr

MX records are non-existent even though my registrar says they should be, but should that prevent me from receiving mail if the server name is specified (e.g. user@sample.mailhere.net)?

I think you absolutely need MX before you can receive mail. It doesn't matter if you specify the whole name, dns queries are made for mx records of your tld. If they don't exist, your mail will be rejected.

halborr · 02-23-2010, 03:53 PM

Quote:

submission port (587) is mainly used by end users to submit mail to the server e.g. thunderbird, kmail users. If you are expecting emails on port 587, they won't come unless MUAs are configured to use your 587 port. Emails from outside world (other servers) come on port 25 so you need to open up port 25.

So how would I get around this if my ISP blocks port 25?

tuxrules · 02-23-2010, 04:28 PM

Quote:

Originally Posted by halborr

So how would I get around this if my ISP blocks port 25?

ISPs usually don't block incoming on port 25 so you should be able to receive emails just fine. You are already able to relay emails through your ISP so I guess you're all set.

halborr · 02-23-2010, 04:59 PM

Alright. I'll just wait for help from my registrar about setting up MX records correctly. Muchas gracias!

bgeddy · 02-23-2010, 05:34 PM

Quote:

I think you absolutely need MX before you can receive mail. It doesn't matter if you specify the whole name, dns queries are made for mx records of your tld. If they don't exist, your mail will be rejected.

That's not the way it works for me! I have a domain hosted with DynDNS.com and no MX record exists for it. Dig doesn't return an MX record anyway. I can, however, receive mail on a server I run via that domain sent from outside. The domain is bgeddy.homelinux.org if anyone wants to check the MX record. This is quoted from the DynDNS website:

Quote:

Technically, a domain does not require MX records to receive email. By default, a sending mail server should attempt to deliver mail to the host itself if no MX record is present. For example, if a sending server is trying to deliver mail to user@domain.com, and domain.com has no MX records, it will try connecting to any mail server at domain.com itself.

However, it is highly recommended to create MX records for your domain, even if they seem redundant or unnecessary; in the above example, domain.com should still have at least one MX record set to domain.com itself to help ensure delivery, like so:

domain.com 43200 MX 10 domain.com

Some non-RFC-compliant servers will fail to deliver email for domains that lack MX records, including certain versions of Microsoft Exchange, and there is certainly no harm in creating redundant MX records for your domain. (Naturally, if you do not have a mail server for your domain at all, MX records are unnecessary.)

So it look like a MX record is not strictly needed. I know I can receive mail anyway.

halborr · 03-01-2010, 03:59 PM

Okay, so MX is set up correctly, and I still cannot recieve mail. I emailed my ISP and it turns out that they do not in fact block port 25. Hrm...

Code:

dnl# Custom, but from the default slackware config. To generate
dnl# the sendmail.cf file from this (perhaps after making some changes),
dnl# use the m4 files in /usr/share/sendmail/cf like this:
dnl#
dnl# cp sendmail-slackware.mc /usr/share/sendmail/cf/config.mc
dnl# cd /usr/share/sendmail/cf
dnl# sh Build config.cf
dnl#
dnl# You may then install the resulting .cf file:
dnl# cp config.cf /etc/mail/sendmail.cf
dnl#
include(`../m4/cf.m4')
VERSIONID(`setup for Slackware Linux')dnl
OSTYPE(`linux')dnl
dnl#DOMAIN(`bilbo.plrr.net')dnl
dnl# These settings help protect against people verifying email addresses
dnl# at your site in order to send you email that you probably don't want:
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
dnl# Uncomment the line below to send outgoing mail through an external server:
define(`SMART_HOST',`mail.cfu.net')
dnl# No timeout for ident:
define(`confTO_IDENT', `0')dnl
dnl# Enable the line below to use smrsh to restrict what sendmail can run:
dnl FEATURE(`smrsh',`/usr/sbin/smrsh')dnl
dnl# See the README in /usr/share/sendmail/cf for a ton of information on
dnl# how these options work:
FEATURE(`use_cw_file')dnl
FEATURE(`use_ct_file')dnl
FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access')dnl
FEATURE(`blacklist_recipients')dnl
FEATURE(`local_procmail',`',`procmail -t -Y -a $h -d $u')dnl
FEATURE(`always_add_domain')dnl
FEATURE(`redirect')dnl
dnl# DAEMON_OPTIONS(`Port=submission, Name=MSA,M=Ea')dnl
dnl# Turn this feature on if you don't always have DNS, or enjoy junk mail:
dnl FEATURE(`accept_unresolvable_domains')dnl
EXPOSED_USER(`root')dnl
dnl# Also accept mail for localhost.localdomain:
LOCAL_DOMAIN(`localhost.localdomain')dnl
MAILER(local)dnl
MAILER(smtp)dnl

This is my current config.mc (compiled into .cf of course). Is there anything obviously wrong here? I'm forwarding port 25 to my machine. I'm not currently starting any special services in inetd.conf. Everything looks like it should work, but I cannot recieve...

BUMP.

Chuck56 · 03-01-2010, 05:23 PM

What's in your Cw file (/etc/mail/local-host-names)? Any mail destined for the domains listed would be accepted for local users.

halborr · 03-01-2010, 06:56 PM

Nothing. Right now I don't have time to look up the documentation (supposed to be writing a paper on Huck Finn), but can I put a wildcard in there or something? (or remove the need for that file altogether, unless it's advantageous to have it there for some reason?) Thank you, I did not look at that file before.

EDIT: Oh, it is the domains for the local machine. I see.

halborr · 03-01-2010, 09:10 PM

So I put in the top-level domain and the second level domain in local-host-names file as such:

Code:

plrr.net
bilbo.plrr.net

And it didn't change a thing. Did I do something wrong? Anyone else see something?