HPE Community
Operating System - Linux
1830222 Members
1959 Online
109999 Solutions
New Discussion

Strange sendmail/telnet problem

 
Phil Foxton
New Member

‎01-24-2003 03:05 AM

‎01-24-2003 03:05 AM

Strange sendmail/telnet problem

I have a strange problem which has just recently reared it's head. We have a mail relay within our DMZ, handling mail for our two internal mail servers. From the internal gateway, and from the firewall I can telnet to port 25 on mail.mailwatch.com and smtp.btclick.com. BUT I cannot from the mail relay, I keep getting connection time outs. Doing a tcpdump on the firewall whilst trying to connect from the relay shows me that the packets are coming into the firewall and going out, but not returning. Tcpdump also shows me that if I try any other mail server that we are not having problems with, the packets come in, go out and then come back.

Any ideas?

Thanks in advance

Phil
0 Kudos
Reply
6 REPLIES 6
U.SivaKumar_2
Honored Contributor

‎01-24-2003 03:17 AM

‎01-24-2003 03:17 AM

Re: Strange sendmail/telnet problem

Hi,

Can you connect to port 25 of your mail-relay from Internet ( from outside firewall ) or In other words , does your Mail relay receive mails from Internet ?.

Also Can you send mail from your intranet to Internet ?

In sendmail mail-relay server do this.
#netstat -an
What all IP address does the smtp (port 25) LISTENING ?.

When you tried telnet from Mail-relay server which host format you used to telnet o port 25.

DNS name ?
IP address ?

Try giving IP addresses of your External interface and then Internal Interface.

#telnet xx.xx.xx.xx 25

If it works now , But not with hostname

#telnet mail.mydomain.com 25

That means you have to configure proper DNS server entries in /etc/resolv.conf file .
And direct to use dns in /etc/nsswitch.conf file

pl come back with results

regards,
U.SivaKumar


Innovations are made when conventions are broken
0 Kudos
Reply
Phil Foxton
New Member

‎01-24-2003 03:37 AM

‎01-24-2003 03:37 AM

Re: Strange sendmail/telnet problem

Yes to all questions, other mail is going out ok, and we can receive mail from users on those addresses.

We can also send mails from the internal network to the relay in the DMZ, and to other users (we have a number of users on several sites and inter-office mail (via the internet) works fine. Also resolving the name is not a problem - trying just the ip address works as does using the FQDN.

I am rapidly approaching a forehead/wall interface sceanario....:-)

Phil
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎01-24-2003 08:36 AM

‎01-24-2003 08:36 AM

Re: Strange sendmail/telnet problem

run dig yahoo.com

Do you get an answer?

If so, DNS is fine.

If not, check /etc/resolv.conf and make schanges so you get propery dns resolution.

You do not however need DNS resolution to use a relay server.

This is done with /etc/sendmail.cf

There is a DS directive

DS
[IP of the relay server]

Make sure this is set. You might not be able to ping it, becasue many mail relay servers are also firewalls that won't accept ping.

So try this mail diagnostic command:

It will give you the data you need to resolve your problem.

sendmail -v -d38 targetemail@somedomain.com

Type in a single line

type in a period and then hit enter.

This will display on screen(you can redirect to a file) the informaiton you need to diagnose the problem.

If you see connection refused, your relay server isn't allowing you to relay mail.

P
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Phil Foxton
New Member

‎01-24-2003 08:46 AM

‎01-24-2003 08:46 AM

Re: Strange sendmail/telnet problem

Steven,

Thankyou for your reply, I tried as suggested, but as mentioned above, resolution of names is not a problem, and the server is not doing the relaying, it is the relay for 2 servers inside the internal network.

I tried sending myself as suggested an email and I got this :

sendmail -v -d38 phil.foxton@intelligent-ms.com
cdsfsdafdas
.
phil.foxton@intelligent-ms.com... Connecting to mail.intelligent-ms.com. via esmtp...
220 grpware.intelligent-ms.com ESMTP Sendmail 8.11.2/8.11.2; Fri, 24 Jan 2003 16:29:52 GMT
>>> EHLO scratchy.base.ims
250-grpware.intelligent-ms.com Hello mailer.intelligent-ms.com [10.10.10.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-SIZE
250-DSN
250-ONEX
250-ETRN
250-XUSR
250-AUTH GSSAPI
250 HELP
>>> MAIL From: SIZE=12
250 2.1.0 ... Sender ok
>>> RCPT To:
250 2.1.5 ... Recipient ok
>>> DATA
354 Enter mail, end with "." on a line by itself
>>> .
250 2.0.0 h0OGTqH14925 Message accepted for delivery
phil.foxton@intelligent-ms.com... Sent (h0OGTqH14925 Message accepted for delivery)
Closing connection to mail.intelligent-ms.com.
>>> QUIT
221 2.0.0 grpware.intelligent-ms.com closing connection

I then tried sending one to a problem address and got this:
sendmail -v -d38 a.user@eu.irco.com
test email
.
a.user@eu.irco.com... Connecting to mail.mailwatch.com. via esmtp...
a.user@eu.irco.com... Deferred: Connection timed out with mail.mailwatch.com.


dig mail.mailwatch.com gave this:

; <<>> DiG 9.1.0 <<>> mail.mailwatch.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40315
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4

;; QUESTION SECTION:
;mail.mailwatch.com. IN A

;; ANSWER SECTION:
mail.mailwatch.com. 1801 IN A 204.253.83.157

;; AUTHORITY SECTION:
mailwatch.com. 82564 IN NS jcs1a.faxsav.com.
mailwatch.com. 82564 IN NS dcs2.netmoves.com.
mailwatch.com. 82564 IN NS njs1.faxsav.com.
mailwatch.com. 82564 IN NS nys2.netmoves.com.

;; ADDITIONAL SECTION:
dcs2.netmoves.com. 88201 IN A 204.124.244.65
njs1.faxsav.com. 88201 IN A 204.124.245.9
nys2.netmoves.com. 88201 IN A 198.199.128.106
jcs1a.faxsav.com. 88201 IN A 209.67.18.65

;; Query time: 5 msec
;; SERVER: 192.168.200.1#53(192.168.200.1)
;; WHEN: Fri Jan 24 16:44:39 2003
;; MSG SIZE rcvd: 209

I get the same mail result if I try sending to the other mail server listed (mail0.allegro.net)

Any further ideas? (I have logged a call with BT and Easylink to see if the problem is at their end, but I don't hold out much hope!

Phil
0 Kudos
Reply
Ron Kinner
Honored Contributor

‎01-30-2003 03:23 PM

‎01-30-2003 03:23 PM

Re: Strange sendmail/telnet problem

If your firewall allows it try a traceroute to see where it goes wrong. Compare to a traceroute from the internal gateway.

Could your ISP have dropped your mailserver's ip address from its routing tables? (Does the mail server have a real address or is the firewall doing a NAT? IF it's Nat'd then this doesn't apply.)

When you did a tcpdump did you check that the sending address was correct?

Can you change the ip address on the mail server temporarily to see if that lets you telnet?

Ron
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎01-31-2003 06:14 AM

‎01-31-2003 06:14 AM

Re: Strange sendmail/telnet problem

A look at netstat -an or -rn might help.

I'd like to see the same thing from the mail router.

More important, you might have a problem on the relay server with who it allows to relay. Though that should produce a connection refused message.

If the mail router is a Symmantec gateway with anti-virus and all, keeping it fully patched is a must.

I spent on and off from August to January, working on a mail attachment script that should have worked unchanged from HP's web site. It did, right after the mail relay admin put the latest patch set in.

GRRRR

P
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.