[vox-tech] Sendmail question
Danny Webster
vox-tech@lists.lugod.org
Mon, 9 Jun 2003 22:17:36 -0700
I had the same exact problem with Red Hat 9.0 today(you can send mail
locally, just not beyond your LAN, right?). I made several changes, but I
think these were key(BTW, Red Hat was set on medium security):
1.) In the sendmail.mc, see where I first changed the Addr= from the
loopback address? Apparently that is wrong, you should just comment it out:
dnl # The following allows relaying if the user authenticates, and disallows
dnl # plaintext authentication (PLAIN/LOGIN) on non-TLS links
dnl #
define(`confAUTH_OPTIONS', `A p')dnl
dnl # The following causes sendmail to only listen on the IPv4 loopback
address
dnl # 127.0.0.1 and not on any other network devices. Remove the loopback
dnl # address restriction to accept email from the internet or intranet.
dnl # address restriction to accept email from the internet or intranet.
dnl # DAEMON_OPTIONS(`Port=smtp,Addr=64.163.109.75, Name=MTA')
2.) That removed the original error, and replaced it with a RELAY error, so
I added an entry in the /etc/mail/access file:
[root@basiclab mail]# vi access
# Check the /usr/share/doc/sendmail/README.cf file for a description
# of the format of this file. (search for access_db in that file)
# The /usr/share/doc/sendmail/README.cf is part of the sendmail-doc
# package.
#
# by default we allow relaying from localhost...
localhost.localdomain RELAY
localhost RELAY
127.0.0.1 RELAY
192.168.0. RELAY
3.) But look at this segment in sendmail.cf:
[root@basiclab mail]# vi sendmail.cf
# Hosts for which relaying is permitted ($=R)
FR-o /etc/mail/relay-domains
That prompted me to create a relay-domains file with my local
network(192.168.0.) which seemed to clear up the problem. If any of these
settings are bad from a security standpoint, please, anyone suggest
something better!
Danny
----- Original Message -----
From: "Ehrhart, Jay" <ehrhart@ycoe.org>
To: <vox-tech@lists.lugod.org>
Sent: Monday, June 09, 2003 7:49 PM
Subject: [vox-tech] Sendmail question
> I am bringing up a Redhat 8.0 mail server with Sendmail. Named is running
on the box and name resolution works. I can get to the web and Nslookup
resolves. I can receive email after changing the DAEM_OPTIONS port=smtp,
Addr=my IP address so that it is listening on port 25 for mail connections.
I used the M4 utility to make the change.
>
> In the Network configuration I have two NIC cards and the loopback
127.0.0.1.
>
> My problem is I can not send mail. I get the following error in the log.
>
> Jun 9 09:01:28 free sm-msp-queue[13168]: h59G1Sik013168: to=root,
delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=31873, relay=[127.0.0.1],
dsn=4.0.0, stat=Deferred: Connection refused by [127.0.0.1]
>
> I can see that it is picking up the loop back address which maybe the
problem. Having never built a Linux mail server before though I don't know.
Is there a place where I change the loop back address or how the mail goes
out to the network interface IP address so the mail can get out?
>
> Thanks.
>
>
>
>
----- Original Message -----
From: "Ehrhart, Jay" <ehrhart@ycoe.org>
To: <vox-tech@lists.lugod.org>
Sent: Monday, June 09, 2003 7:49 PM
Subject: [vox-tech] Sendmail question
> I am bringing up a Redhat 8.0 mail server with Sendmail. Named is running
on the box and name resolution works. I can get to the web and Nslookup
resolves. I can receive email after changing the DAEM_OPTIONS port=smtp,
Addr=my IP address so that it is listening on port 25 for mail connections.
I used the M4 utility to make the change.
>
> In the Network configuration I have two NIC cards and the loopback
127.0.0.1.
>
> My problem is I can not send mail. I get the following error in the log.
>
> Jun 9 09:01:28 free sm-msp-queue[13168]: h59G1Sik013168: to=root,
delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=31873, relay=[127.0.0.1],
dsn=4.0.0, stat=Deferred: Connection refused by [127.0.0.1]
>
> I can see that it is picking up the loop back address which maybe the
problem. Having never built a Linux mail server before though I don't know.
Is there a place where I change the loop back address or how the mail goes
out to the network interface IP address so the mail can get out?
>
> Thanks.
>
>
>
>