HPE Community
Operating System - Linux
1827808 Members
12436 Online
109969 Solutions
New Discussion

Re: sendmail does not !

 
Huc_1
Honored Contributor

‎11-20-2003 05:13 AM

‎11-20-2003 05:13 AM

sendmail does not !

I am having a real fight with sendmail the environment is

sendmail-8.12.8-9.90 on a Redhat 9.0 kernel 2.4.20-20.9

this sendmail is only for a local mail delivery nothing fancy here

Sometime ago after upgrading from 7.2 to 9.0 I noticed that I did not receive anymore mails

service sendmail at boot is flagged OK

so after some searching I found loads of messages like the following in /var/log/maillog

sendmail[1514]: hAK9hIeh001514: to=root, ctladdr=root (0/0), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30065, relay=[127.0.0.1]
[127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by [127.0.0.1]

At first I checked all sendmail files in old mail directory (/etc/) theses have moved upgrade and are now in /etc/mail as it should be all those files looked good

I then turn my attention to port smtp (25) i am still using ipchains here but this worked before so there no reason it should not work now ...this is always seen as close no matter what is in sendmail.fc

in /etc/hosts localhost is there I can ping this see it with ifconfig.

I try-ed lots of different m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf

In fact I have an other linux 9.0 (also migrated to from 7.2 to 9.0) I copied the sendmail.mc
from there and created a sendmail.cf from that no luck ! it works on one system not on the other ? ... the only differences I see are as follow-es (from /var/log/maillog)

sendmail[6530]: hAKAo0vw001852: to=, ctladdr= (0/0), delay=00:00:02, xdelay=00:00:00, mailer=local, pri=30688, dsn=2.0.0, stat=Sent

why is one dsn=2.0.0 and the other dsn=4.0.0

I am probably failing to see the obvious here and I am looping, I never have been a sendmaid
expert but would like some help to get me on the way.


J-P
Smile I will feel the difference
0 Kudos
Reply
21 REPLIES 21
Alexander Chuzhoy
Honored Contributor

‎11-20-2003 05:16 AM

‎11-20-2003 05:16 AM

Re: sendmail does not !

I guess the problem is that in up to redhat 7.3 the configuration file was in /etc/ i.e
/etc/sendmail.cf
but starting from 8.0 it is
/etc/mail/sendmail.cf
0 Kudos
Reply
Alexander Chuzhoy
Honored Contributor

‎11-20-2003 05:19 AM

‎11-20-2003 05:19 AM

Re: sendmail does not !

OK sorry I didn't read till the end (so tipical).
What's the entry of /etc/mail/access ?
did you try to telnet to port 25
and -is there an answer?
0 Kudos
Reply
Alexander Chuzhoy
Honored Contributor

‎11-20-2003 05:26 AM

‎11-20-2003 05:26 AM

Re: sendmail does not !

try to execute the following:
telnet ip_address 25
helo test
mail from: huc@yyyy.mydom
rcpt to: root@yyyy.mydom
data
test message
.
quit

of course instead of writing just oress on it.... :)
0 Kudos
Reply
Huc_1
Honored Contributor

‎11-20-2003 05:26 AM

‎11-20-2003 05:26 AM

Re: sendmail does not !

Dont worry I do the same fly over questions, then opps!

Yes I tryed but port 25 always and up closed after I service sendmail restart with a new sendmail.cf

in /ztc/mail/access

localhost.localdomain RELAY
localhost RELAY
127.0.0.1 RELAY

J-P
Smile I will feel the difference
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎11-20-2003 05:27 AM

‎11-20-2003 05:27 AM

Re: sendmail does not !

Maybe your /etc/mail/access file got stomped on. Right now it appears your server can not relay off itself.

Or if you are using smart relay DS in sendmail.cf

Is relay authorized by hostname or ip address.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Huc_1
Honored Contributor

‎11-20-2003 06:02 AM

‎11-20-2003 06:02 AM

Re: sendmail does not !

Sorry for delay, but here is some more

telnet localhost 25

telnet: connect to address 127.0.0.1: Connection refused

Because port close

DS is null

I have attached sendmail.mc (in fact this is default one because figure t should work ... it does on the second linux !)

Perhaps some could send me an even more basic one ?

Smile I will feel the difference
0 Kudos
Reply
Huc_1
Honored Contributor

‎11-20-2003 06:06 AM

‎11-20-2003 06:06 AM

Re: sendmail does not !

oppp submit before attach ...

J-P
Smile I will feel the difference
0 Kudos
Reply
K.C. Chan
Trusted Contributor

‎11-20-2003 06:23 AM

‎11-20-2003 06:23 AM

Re: sendmail does not !

Huc,
There is a slight change on how sendmail is run on RH8-9. The easiest way I know of is start up sendmail, this starts up sendmail which listen on localhost and responsible for recieving, and a mail queue client which is responsible for sending mail. The spool dir is now /var/spool/mqueue and /var/spool/clientmqueue. Both sendmail daemon listen on locahost. One for dequeueing /var/spool/mqueue and the other for /var/spool/clientmqueue. Correct me if I am wrong, this is how I understand and got my to work.

If you feel you don't want to start up sendmail service then you need to do this on /etc/mail/submit.cf, edit "Ds" smart relay to forward mail to your mail server. Then you have to make sure all your cron messages are not going to root@localhost; otherwise it will be bounce back because there is no sendmail listening on localhost(Unless you start up sendmail offcourse, which listen on localhost by default).
Reputation of a thousand years can be determined by the conduct of an hour
0 Kudos
Reply
Alexander Chuzhoy
Honored Contributor

‎11-20-2003 06:37 AM

‎11-20-2003 06:37 AM

Re: sendmail does not !

Hey Huc! locate this line in your sendmail.mc file:
DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
and remove "Addr=127.0.0.1," from it.
Then
m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
and then
service sendmail restart



Best regards...
0 Kudos
Reply
Huc_1
Honored Contributor

‎11-20-2003 07:04 AM

‎11-20-2003 07:04 AM

Re: sendmail does not !

Alexander I tryed this but no luck

When I start service sendmail and then do an nmap localhost i don't even get port 25 close ... port 25 is not there ...

I am going to try DS smart relay now

Will get get back to you with results

J-P
Smile I will feel the difference
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎11-20-2003 07:10 AM

‎11-20-2003 07:10 AM

Re: sendmail does not !

Diagnostic:

sendmail -v -d8 -d38 person@yourdomain.com
Type some text
.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Huc_1
Honored Contributor

‎11-20-2003 07:33 AM

‎11-20-2003 07:33 AM

Re: sendmail does not !

Connecting to [127.0.0.1] via relay...
jphuc@whatever... Deferred: Connection refused by [127.0.0.1]

I also tryed DS smart relay host in sendmail.cf

... Yesterday I could at least get to a stage
where nmap localhost would give port 25 as closed ... Dont get this far now ...

Boy am I glad this is not a very important system

... I wonder if this is not more an Ipchain problem ... because I have an other system that works and I have compared both the only diff i see now is one run ipchains the other iptables apart from that ??? well don't know

J-P
Smile I will feel the difference
0 Kudos
Reply
Huc_1
Honored Contributor

‎11-20-2003 07:50 AM

‎11-20-2003 07:50 AM

Re: sendmail does not !

Thank all for your help here I will grab some sleep now and ponder on this (will have a serious read at sendmail.doc ) and probably turn to iptables if I find the time ... I am getting stuborn on this one...

Hey SEP, pass the last 100 mark nearly there !
I am already rejoycing for you ..

J-P
Smile I will feel the difference
0 Kudos
Reply
Huc_1
Honored Contributor

‎11-20-2003 10:07 AM

‎11-20-2003 10:07 AM

Re: sendmail does not !

OK could not leave it at that well i am a stubborn b......
could not let it rest !

Found it in fact I turn off ipchains and turn on to iptables
same result ... then i started looking at file security

It hit me I had been trying/testing out Bastille
on this node ... week prior to migrate 7.3 to 9.0

Review bastille decided to invoke bastille -r (revert)

I will have to turn it on again after but this is a test node right !

Well sendmail now works ! (received a lots of mail)

A lesson I shall not forget !

Thank you all, you have great merit for supporting/helping such an i....

J-P
Smile I will feel the difference
0 Kudos
Reply
Jerome Henry
Honored Contributor

‎11-21-2003 01:46 AM

‎11-21-2003 01:46 AM

Re: sendmail does not !

I'm discovering your thread. Whow, what an adventure !
That's why in fact (sorry Steven) I do not like Bastile too much, I feel it too 'turning you to a mind where you close your machine too much'.
Could you post what did exactly Bastille stop in your machine ?
Tks
(of course 0)
J
You can lean only on what resists you...
0 Kudos
Reply
Huc_1
Honored Contributor

‎11-21-2003 02:09 AM

‎11-21-2003 02:09 AM

Re: sendmail does not !

Oops ! I hit the 3 pts bottom, I dont know what has been wrong with ITRC forums, but I could not reach until, now !

I will invetigate and post finding here, I dont have much time right now, but will get to the bottom.., not to urgent because this is a home test system.

J-P
Smile I will feel the difference
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎11-21-2003 04:01 AM

‎11-21-2003 04:01 AM

Re: sendmail does not !

When you let Bastille touch sendmail, you have to test immediately. I've had problems with what it does to sendmail and BIND over the past 15 months I've used it.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Huc_1
Honored Contributor

‎11-21-2003 04:11 AM

‎11-21-2003 04:11 AM

Re: sendmail does not !

Yes I gave you our point to get there hourra Hourra

And yes you always said thar bastile is for the carefull and it probaly me, just sloppy on thar one ...

I am realy please to see you as a salad head !!

J-P
Smile I will feel the difference
0 Kudos
Reply
Patrick Van Humbeeck
Valued Contributor

‎11-26-2003 02:35 AM

‎11-26-2003 02:35 AM

Re: sendmail does not !

Hi Huc,

Good to see you fixed the problem already, just a little trick that you could have used to spare some time investigating the firewall side of things :

netstat -alpnt | grep sendmail would have shown you if sendmail was listening on port 25 or not, so you could have skipped the fw tests if it wasn't even listening on the port behind the fw.

Rgds,

Patrick
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎11-26-2003 04:14 PM

‎11-26-2003 04:14 PM

Re: sendmail does not !

Why when you try and relay do you get these results:

Connecting to [127.0.0.1] via relay...
jphuc@whatever... Deferred: Connection refused by [127.0.0.1]

I also tryed DS smart relay host in sendmail.cf

A deffered connection means the relay host is not accepting relay. I wonder why the relay would be going through the loopback port. Its not going to get anywhere like that.

Just a shot here, by try and do DS relay like this:
DS
[ip address of relay server]

save sendmail.cf

service sendmail restart

Make sure the IP address of this server is configured for relay in the server you are trying to relay off off. If its a Unix box add the IP of this box to the /etc/mail/access file.

Then do whatever you do to generate the hash databases and restart the sendmail daemon.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Huc_1
Honored Contributor

‎11-27-2003 02:45 AM

‎11-27-2003 02:45 AM

Re: sendmail does not !

Hi, Steven.
I have had little time to research on this because I am now actively seeking new job, and this get the priority, but in short on this home system there are 2 network cards (internet:eth0,lan:eth1) this system sole role is connect to outside world on denamd from other nodes on my LAN, on eth0 all is closed,on eth1 ssh is open and on localhost ssh and ipp are open . this setup used to run on 7.2 and ipchains I invoke a script by hand to enable masquerading when I need access to outside world from a node on the LAN.

This node run's the bare minimum services.

Now at some point after a full backup I installed and configured Bastille on this node to test/try bastille out and to make this even safer.

This gave me now problem what so ever all still ran as expected, used this for a few months ... then upgraded to 7.2 to 9.0 this did not cause any particilar problem, for most of the services, only sendmail got broken I saw this on at the console of the system (this one of the places where Bastille redirect mail messages/error), but this I put up to later check because, I only use this to deliver local mails, and have other system script to check my system/log...

Then when I wanted to get ride of this problem I found I could not get sendmail to start !! I got it to work when I undid Bastille !

It now work well that is I start it by hand once in a while, when I want to read local system mail !

and now if I do an nmap localhost I get
25/tcp open smtp
before I undid Bastille this only came up as close or did not show at all after service start sendmail.

I have had a look in the /var/log/Bastille/action-log

the only thing I pick-up is the following
{Fri Feb 21 12:48:04 2003} Didn't chkconfig_off bastille-firewall because we couldn't open /etc/rc.d/init.d/bastille-firewall

what That means I have not had time to check yet.

I will rerun bastille after a full backup will do this 1 step at a time when I have a little more time just to see if I can find why ?

I suppose there is a lock-down (close) of smtp some where ! because /etc/rc.d/init.d/bastille-firewall did not or could not run .

Humm !! a little long for a short resume !

J-P
Smile I will feel the difference
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.