hello everybody,
this is my first post to this forum and i hope you had a nice weekend so far. furthermore, i hope this is the right place to ask this question...
i have a problem with my sendmail 8.12.9 configuration under redhat 7.2, which means i was not able to stop the server from relaying third party mail. i use STARTTLS and SMTP AUTH for relaying mails from my roaming users, other users are only able to send to local users. but it does not seem to work, or let's say: i must have made a mistake somewhere.
here is my sendmail.my and the access.db (cleartext, but i've edited the domain name and the ip-adresses... hope you understand). perhaps i've missed something very simple, but a feel like beeing blind...
sendmail.mc:
define(`ALIAS_FILE', `/etc/aliases')dnl
define(`UUCP_MAILER_MAX', `2000000')dnl
define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
define(`CERT_DIR',`/usr/share/ssl/certs')dnl
define(`confCACERT_PATH',`CERT_DIR')dnl
define(`confCACERT',`CERT_DIR/ca-bundle.crt')dnl
define(`confSERVER_CERT',`CERT_DIR/[edited].pem')dnl
define(`confSERVER_KEY',`CERT_DIR/[edited]l.pem')dnl
define(`confCLIENT_CERT',`CERT_DIR/[edited].pem')dnl
define(`confCLIENT_KEY',`CERT_DIR/[edited].pem')dnl
define(`confTLS_SRV_OPTIONS',`V')dnl
define(`confAUTH_OPTIONS', `p,y')dnl
define(`confAUTH_MECHANISMS', `PLAIN LOGIN')dnl
FEATURE(dnsbl, `blackholes.mail-abuse.org', `Rejected - see FEATURE(dnsbl, `dialups.mail-abuse.org', `Dialup - see FEATURE(dnsbl, `relays.mail-abuse.org', `Open spam relay - see FEATURE(`no_default_msa',`dnl')dnl
FEATURE(`smrsh',`/usr/sbin/smrsh')dnl
FEATURE(redirect)dnl
FEATURE(always_add_domain)dnl
FEATURE(use_cw_file)dnl
FEATURE(use_ct_file)dnl
FEATURE(local_procmail,`',`procmail -t -Y -a $h -d $u')dnl
FEATURE(`access_db')dnl
FEATURE(`blacklist_recipients')dnl
FEATURE(`delay_checks')dnl
EXPOSED_USER(`root')dnl
TRUST_AUTH_MECH(`PLAIN LOGIN')dnl
MASQUERADE_AS(`[edited]')dnl
FEATURE(`masquerade_entire_domain')dnl
FEATURE(`masquerade_envelope')dnl
MAILER(smtp)dnl
MAILER(procmail)dnl
Cwlocalhost.localdomain
access.db:
To:[edited-domain].de RELAY
To:127.0.0.1 RELAY
To:localhost RELAY
To:localhost.localdomain RELAY
To:[edited-ip] RELAY
To:[editd-hostname] RELAY
last but not least, here's a piece of the maillog where the problem occures. i was not able to figure out why "ruleset=check_rcpt" does not occure when the spammail went through...
this is was should happen allways for unauthorised users trying to relay... (but does happen only sometimes):
Apr 25 23:32:57 [hostname] sendmail[6245]: h3PLWtVi006245: ruleset=check_rcpt, arg1=<theism2@sbcglobal.net>, relay=adsl-66-136-94-178.dsl.rcsntx.swbell.net [66.136.94.178], reject=550 5.7.1 <theism2@sbcglobal.net>... Relaying denied. Proper authentication required.
Apr 25 23:32:57 [hostname] sendmail[6245]: h3PLWtVi006245: from=<web242w7@verizon.net>, size=0, class=0, nrcpts=0, proto=ESMTP, daemon=MTA, relay=adsl-66-136-94-178.dsl.rcsntx.swbell.net [66.136.94.178]
and this is what actually happens from time to time, giving me so much trouble:
Apr 26 14:20:41 [hostname] sendmail[1597]: h3QCKcmN001597:
from=<hottnbi4u@xoxofree.com>, size=3833, class=0,
nrcpts=68, msgid=<200304261220.h3QCKcmN001597@[my-
mailserver!].de>, proto=SMTP, daemon=MTA, relay=[my-
mailserver!] [ip-my-mailserver!]]
Apr 26 14:20:42 [hostname] sendmail[1599]: h3QCKcmN001597:
to=<nrwoodson@aol.com>,<rosemt3739@aol.com>,<angel18477@aol.
com>,<flkiskafl@aol.com>,<congaithoinay01@aol.com>,<janddewi
ng@aol.com>,<ffrodifrog@aol.com>,<jmcin39681@aol.com>,<littl
easianstar@a
ol.com>,<lazyguy139@aol.com>,<daqtwitdabooty04@aol.com>,<fma
ia5@aol.com>,<hrdliqur@aol.com>,<princessshrek2@aol.com>,<ho
bbieregan@aol.com>,<genarator4@aol.com>,<tanya1301@aol.com>,
<ant5454man@aol.com>,<witcherfw@aol.com>,<c1079@aol.com>,<po
ppyseed2@aol.com>,<pica35@aol.com>,<katiecem@aol.com>,<ruahi
ne@aol.com>,<marshallscowfarm@aol.com>,<tannercm@aol.com>,<m
lsmeg@aol.com>,<midomido39@aol.com>,<dockin1@aol.com>,<charl
es852@aol.com>,<xpmbx@aol.com>,<camay60@aol.com>,<dgarely@ao
l.com>,<ub1993@aol.com>,<deeperrhythm@aol.com>,<tdw018@aol.c
om>,<morajm@aol.com>,<bigbil3158556@aol.com>, [more],
delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=2040428,
relay=mailin-02.mx.aol.com. [64.12.136.89], dsn=5.0.0,
stat=Service unavailable
Apr 26 14:20:42 [hostname] sendmail[1599]: h3QCKcmN001597:
to=<lifeesp@aol.com>,<arhbev@aol.com>,<lcohrs@aol.com>,<guam
221@aol.com>,<sabdrap@aol.com>,<harrycolon@aol.com>,<cch5861
@aol.com>,<kempo05@aol.com>,<sbbether@aol.com>,<xomegagal@ao
l.com>,<mammysm@aol.com>,<txbatmugsy@aol.com>,<nspctrno9@aol
.com>,<murph1717@aol.com>,<betsrams@aol.com>,<thomasb653@aol
.com>,<falls15@ao
l.com>,<annp1001@aol.com>,<vpol41@aol.com>,<skillz8525@aol.c
om>,<sweet604@aol.com>,<skblackwel@aol.com>,<hstenken@aol.co
m>,<smustang1999@aol.com>,<adieb2@aol.com>,<petitefouine@aol
.com>,<apolk51534@aol.com>,<jookjoint5@aol.com>,<greenguardi
an@aol.com>,<old06@aol.com>, delay=00:00:01,
xdelay=00:00:01, mailer=esmtp, pri=2040428, relay=mailin-
02.mx.aol.com. [64.12.136.89], ds
n=5.0.0, stat=Service unavailable
Apr 26 14:20:42 [hostname]sendmail[1599]: h3QCKcmN001597:
h3QCKgmN001599: DSN: Service unavailable
Apr 26 14:20:44 [hostname] sendmail[1599]: h3QCKgmN001599:
to=<hottnbi4u@xoxofree.com>, delay=00:00:02,
xdelay=00:00:02, mailer=esmtp, pri=34857,
relay=xoxofree.com. [66.164.2.8], dsn=2.0.0, stat=Sent
(h3QCKcG29566 Message accepted for delivery)
everything i want to know is: whis was that last message accepted for delivery?
i would be glad if someone has an idea,
thank you!
this is my first post to this forum and i hope you had a nice weekend so far. furthermore, i hope this is the right place to ask this question...
i have a problem with my sendmail 8.12.9 configuration under redhat 7.2, which means i was not able to stop the server from relaying third party mail. i use STARTTLS and SMTP AUTH for relaying mails from my roaming users, other users are only able to send to local users. but it does not seem to work, or let's say: i must have made a mistake somewhere.
here is my sendmail.my and the access.db (cleartext, but i've edited the domain name and the ip-adresses... hope you understand). perhaps i've missed something very simple, but a feel like beeing blind...
sendmail.mc:
define(`ALIAS_FILE', `/etc/aliases')dnl
define(`UUCP_MAILER_MAX', `2000000')dnl
define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
define(`CERT_DIR',`/usr/share/ssl/certs')dnl
define(`confCACERT_PATH',`CERT_DIR')dnl
define(`confCACERT',`CERT_DIR/ca-bundle.crt')dnl
define(`confSERVER_CERT',`CERT_DIR/[edited].pem')dnl
define(`confSERVER_KEY',`CERT_DIR/[edited]l.pem')dnl
define(`confCLIENT_CERT',`CERT_DIR/[edited].pem')dnl
define(`confCLIENT_KEY',`CERT_DIR/[edited].pem')dnl
define(`confTLS_SRV_OPTIONS',`V')dnl
define(`confAUTH_OPTIONS', `p,y')dnl
define(`confAUTH_MECHANISMS', `PLAIN LOGIN')dnl
FEATURE(dnsbl, `blackholes.mail-abuse.org', `Rejected - see FEATURE(dnsbl, `dialups.mail-abuse.org', `Dialup - see FEATURE(dnsbl, `relays.mail-abuse.org', `Open spam relay - see FEATURE(`no_default_msa',`dnl')dnl
FEATURE(`smrsh',`/usr/sbin/smrsh')dnl
FEATURE(redirect)dnl
FEATURE(always_add_domain)dnl
FEATURE(use_cw_file)dnl
FEATURE(use_ct_file)dnl
FEATURE(local_procmail,`',`procmail -t -Y -a $h -d $u')dnl
FEATURE(`access_db')dnl
FEATURE(`blacklist_recipients')dnl
FEATURE(`delay_checks')dnl
EXPOSED_USER(`root')dnl
TRUST_AUTH_MECH(`PLAIN LOGIN')dnl
MASQUERADE_AS(`[edited]')dnl
FEATURE(`masquerade_entire_domain')dnl
FEATURE(`masquerade_envelope')dnl
MAILER(smtp)dnl
MAILER(procmail)dnl
Cwlocalhost.localdomain
access.db:
To:[edited-domain].de RELAY
To:127.0.0.1 RELAY
To:localhost RELAY
To:localhost.localdomain RELAY
To:[edited-ip] RELAY
To:[editd-hostname] RELAY
last but not least, here's a piece of the maillog where the problem occures. i was not able to figure out why "ruleset=check_rcpt" does not occure when the spammail went through...
this is was should happen allways for unauthorised users trying to relay... (but does happen only sometimes):
Apr 25 23:32:57 [hostname] sendmail[6245]: h3PLWtVi006245: ruleset=check_rcpt, arg1=<theism2@sbcglobal.net>, relay=adsl-66-136-94-178.dsl.rcsntx.swbell.net [66.136.94.178], reject=550 5.7.1 <theism2@sbcglobal.net>... Relaying denied. Proper authentication required.
Apr 25 23:32:57 [hostname] sendmail[6245]: h3PLWtVi006245: from=<web242w7@verizon.net>, size=0, class=0, nrcpts=0, proto=ESMTP, daemon=MTA, relay=adsl-66-136-94-178.dsl.rcsntx.swbell.net [66.136.94.178]
and this is what actually happens from time to time, giving me so much trouble:
Apr 26 14:20:41 [hostname] sendmail[1597]: h3QCKcmN001597:
from=<hottnbi4u@xoxofree.com>, size=3833, class=0,
nrcpts=68, msgid=<200304261220.h3QCKcmN001597@[my-
mailserver!].de>, proto=SMTP, daemon=MTA, relay=[my-
mailserver!] [ip-my-mailserver!]]
Apr 26 14:20:42 [hostname] sendmail[1599]: h3QCKcmN001597:
to=<nrwoodson@aol.com>,<rosemt3739@aol.com>,<angel18477@aol.
com>,<flkiskafl@aol.com>,<congaithoinay01@aol.com>,<janddewi
ng@aol.com>,<ffrodifrog@aol.com>,<jmcin39681@aol.com>,<littl
easianstar@a
ol.com>,<lazyguy139@aol.com>,<daqtwitdabooty04@aol.com>,<fma
ia5@aol.com>,<hrdliqur@aol.com>,<princessshrek2@aol.com>,<ho
bbieregan@aol.com>,<genarator4@aol.com>,<tanya1301@aol.com>,
<ant5454man@aol.com>,<witcherfw@aol.com>,<c1079@aol.com>,<po
ppyseed2@aol.com>,<pica35@aol.com>,<katiecem@aol.com>,<ruahi
ne@aol.com>,<marshallscowfarm@aol.com>,<tannercm@aol.com>,<m
lsmeg@aol.com>,<midomido39@aol.com>,<dockin1@aol.com>,<charl
es852@aol.com>,<xpmbx@aol.com>,<camay60@aol.com>,<dgarely@ao
l.com>,<ub1993@aol.com>,<deeperrhythm@aol.com>,<tdw018@aol.c
om>,<morajm@aol.com>,<bigbil3158556@aol.com>, [more],
delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=2040428,
relay=mailin-02.mx.aol.com. [64.12.136.89], dsn=5.0.0,
stat=Service unavailable
Apr 26 14:20:42 [hostname] sendmail[1599]: h3QCKcmN001597:
to=<lifeesp@aol.com>,<arhbev@aol.com>,<lcohrs@aol.com>,<guam
221@aol.com>,<sabdrap@aol.com>,<harrycolon@aol.com>,<cch5861
@aol.com>,<kempo05@aol.com>,<sbbether@aol.com>,<xomegagal@ao
l.com>,<mammysm@aol.com>,<txbatmugsy@aol.com>,<nspctrno9@aol
.com>,<murph1717@aol.com>,<betsrams@aol.com>,<thomasb653@aol
.com>,<falls15@ao
l.com>,<annp1001@aol.com>,<vpol41@aol.com>,<skillz8525@aol.c
om>,<sweet604@aol.com>,<skblackwel@aol.com>,<hstenken@aol.co
m>,<smustang1999@aol.com>,<adieb2@aol.com>,<petitefouine@aol
.com>,<apolk51534@aol.com>,<jookjoint5@aol.com>,<greenguardi
an@aol.com>,<old06@aol.com>, delay=00:00:01,
xdelay=00:00:01, mailer=esmtp, pri=2040428, relay=mailin-
02.mx.aol.com. [64.12.136.89], ds
n=5.0.0, stat=Service unavailable
Apr 26 14:20:42 [hostname]sendmail[1599]: h3QCKcmN001597:
h3QCKgmN001599: DSN: Service unavailable
Apr 26 14:20:44 [hostname] sendmail[1599]: h3QCKgmN001599:
to=<hottnbi4u@xoxofree.com>, delay=00:00:02,
xdelay=00:00:02, mailer=esmtp, pri=34857,
relay=xoxofree.com. [66.164.2.8], dsn=2.0.0, stat=Sent
(h3QCKcG29566 Message accepted for delivery)
everything i want to know is: whis was that last message accepted for delivery?
i would be glad if someone has an idea,
thank you!