System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

sendmail problem -pls help me

rajesh73
Super Advisor

sendmail problem -pls help me

We have RHEL 5 server . i added this server in domain and mailrelay server. but we unable to send the mail. it is showing below error .pls help me this is urgent.

 

Error

[root@hn01 ~]# sendmail -q -v

 

Running /var/spool/mqueue/p9M3hVqq032284 (sequence 1 of 5)

<harish.h@rtech.com>... Connecting to mailrelay.rtech.com. via esmtp...

421 4.3.2 Service not available, closing transmission channel

>>> QUIT

<harish.h@rtech.com>... Deferred: 421 4.3.2 Service not available, closing transmission channel

9 REPLIES
Steven Schweda
Honored Contributor

Re: sendmail problem -pls help me

 
rajesh73
Super Advisor

Re: sendmail problem -pls help me

Hi,

sorry , please find the attached error report.

Matti_Kurkela
Honored Contributor

Re: sendmail problem -pls help me

It looks like there might be nothing wrong with your RHEL 5 server, but your mailrelay server is either not working or not configured to accept mails from your RHEL 5 server using the standard SMTP protocol.

 

(If it's a Microsoft Exchange server, it might be configured to accept mails using the proprietary Outlook protocol only - if that's the case, you'll need to have the mailrelay server administrator enable SMTP access.)

MK
rajesh73
Super Advisor

Re: sendmail problem -pls help me

Hi Matti_kurkela,
thanks for your suggestion. i already given a request to our network administrator to add the RHEL server to mailrelay . he also added . but still we are facing the error.

could you please confirm me this error only exchange server side or RHEL server side.

thanks
Matti_Kurkela
Honored Contributor

Re: sendmail problem -pls help me

According to your attachment, you get the same error message when using telnet to port 25. When you're testing with telnet, sendmail is not involved at all, so the message cannot come from the local sendmail.

 

The error message appears after the telnet command has output the "connected to <host>" and "Escape character is..." messages, so the message must come from the network connection.

 

The error message has the standard format of SMTP error messages: the error messages of the telnet command don't use that format. Obviously, whatever is at the other end of the connection is a mail server or some other application that is designed to handle mail using the SMTP protocol. It accepts your connection only to tell that it won't accept your mail, and then immediately closes the connection.

 

Unless you have configured a transparent SMTP proxy on your RHEL server, the problem must be outside the RHEL server. And a transparent proxy is a fairly advanced configuration: it's not likely you could have created one by accident. Anyway, run "iptables -L -vn -t nat" to be sure. Normally, it should display a set of empty tables, like this:

# iptables -L -vn -t nat
Chain PREROUTING (policy ACCEPT 262K packets, 23M bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain INPUT (policy ACCEPT 160K packets, 16M bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 569K packets, 61M bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain POSTROUTING (policy ACCEPT 529K packets, 53M bytes)
 pkts bytes target     prot opt in     out     source               destination    

 If the output contains more lines than that (especially lines mentioning "tcp dpt:25" or the IP address of the mailrelay server), then it would be possible that you have a transparent proxy in your RHEL server.  But if the output looks like my example above, the error definitely comes from somewhere outside your RHEL server.

 

It could be possible to install an email anti-virus server as a transparent proxy to protect the Exchange mail server. Do you know if something like this has been done? Your network administrators should definitely know, as setting up an external transparent proxy requires an advanced router/firewall configuration. If your network has such an anti-virus server, then the configuration of the anti-virus server needs to be changed to accept mail from your RHEL server.

MK
rajesh73
Super Advisor

Re: sendmail problem -pls help me

Hi,

Exactly your suggestion is very useful. now i turn off the iptables. now send mail working fine. but we unable to communication some database server.

again we turn on the iptables , we able to communicate data base servers, but send mail is not working.

please advice next step what can i do.
rajesh73
Super Advisor

Re: sendmail problem -pls help me

i want to share one small input , total we have 6 RHEL server. one is master node and remaining 5 is slave node. through ip forwarding concept it is working
Matti_Kurkela
Honored Contributor

Re: sendmail problem -pls help me

Apparently your iptables configuration needs to be modified to allow sendmail and the database server connections simultaneously. The best way would be to find someone at your site who has designed the current configuration and understands the network infrastructure at your site. He/she would probably be able to suggest the appropriate changes.

 

If nobody at your organization can help with this problem, find out if you're allowed to post your iptables configuration here for analysis. I would check very carefully before posting: posting your iptables configuration in a public forum (like this HP forum) could give out entirely too much information about the structure of your network and its possible weaknesses. If a company policy says that posting internal configuration information is not allowed, your only option to get help might be to hire someone who really understands iptables and have him/her sign the appropriate NDA before allowing him/her to work on the configuration.

 

Alternatively, you might have to learn iptables yourself, figure out what is going wrong in your current configuration, and fix it.

Here is a picture that describes when each individual IPtables table is used:

http://run.tournament.org.il/files/Pictures/IPTables.jpeg

 

You'll also need the iptables documentation:

http://www.netfilter.org/documentation/index.html#documentation-howto

MK
rajesh73
Super Advisor

Re: sendmail problem -pls help me

Hi Matti_kurkela,

Thanks for your message. first we check our internal team. after i revert back to you.

thanks .......