sendmail cannot receive inbound mail

[blackboy]

Situation:

I'm using AT&T @Home (cable modem service). 4 computers are sharing the connection using a dsl router. The Internet IP we have got from AT&T is 12.123.456.789 (just an example). The router is sitting on 192.168.2.1 and I've a redhat 7.2 running on 192.168.2.20. I'm trying to setup a mail server on the redhat.

Problem:

I'm unable to receive inbound email from outside world. (say if i go to yahoo and use yahoo mail to send a email to user@12.123.456.789 I received nothing).

Investigation:

1. Outgoing email works fine

2. If i telnet into my server and send email to user@linuxhost.localdomain it works fine.

3. I telnet into my server and do "telnet localhost 25" I do get a response, however, if I go to outside world and do "telnet 12.123.456.789 25" it says connection refused. I've already opened port 25 on my dsl router (and use virtual server to redirect port 25 to my server) and redhat. I also have a web server and ftp server running, and if I do "telnet 12.123.456.789 80" from the outside world it is fine.

Could someone point me to what problem I'm having? I've spent a whole day reading documentation about MX, relay-domain, access..etc etc but I can't conclude what my problem is.

My /etc/mail/access file:

localhost.localdomain RELAY
localhost RELAY
127.0.0.1 RELAY

Any help appreciated. Thanks!

Thanks,
Albert.

 

[ifincham]

Hi,

First thing I'd check if you get connex refused is the redhat firewalling - you may have allowed port 25 thru the router but what about the packet filtering rules on the redhat box, i.e. the lokkit firewall ? You can check active rules with :

# /sbin/ipchains -L

and admin lokkit with :

# /usr/sbin/lokkit

If you change restart ipchains & network :

# /etc/rc.d/init.d/ipchains restart
# /etc/rc.d/init.d/network restart

Once you can telnet from outside to port 25 you know the basic IP connections are working and then its down to the sendmail config, etc.

Hope this helps

 

[abovebrd]

I would double check the sendmail conf file. Make sure it has been set to listen to 12.123.456.789 25
-Danny
techie@snoboarder.net

 

[blackboy]

ifincham,

Thanks. But I've disabled firewall on my redhat. Actually, for it to receive inbound mail, does it need to able to establish a connection on port 25? That is, if I cannot telnet into port 25 from another machine then sendmail will never work, am I right?

abovebrd,

But I need to receive mail from everyone in the world, not just from 12.123.456.789. So do I need to setup my config file to allow everyone access? Which file should I set this?

Thanks,
Albert.

P.s. I found that this machine is hacked overnight and my root passwd has been compromised. :< Couldn't believe it since it is there for just a week. Seems that my only option is going to format and install the thing again. If the hacker is reading this, just want to say &quot;pls don't hack it again&quot;. It is just a newbie experiencing machine (i.e. a toy) and you won't gain any satisfaction in hacking it. Plus there is nothing in it that would interest you. If you still choose to do so, pls at least send me an email letting me know how you did it so I can prevent it next time.

 

[abovebrd]

12.123.456.789 is a fictious IP address (Its not even an actually number)

Replace this IP with the actual IP address your using in DNS mx record. It sounds like sendmail does not know to listen on port 25 or the actual Ip address. I think by default it listens to localhost but you will need to edit the sendmail conf file to reflect the actual IP address you wish sendmail to listen on.

In regards to being hacked. Close all unneccessary services. Configure IP chains to protect the services you wish to run. Make sure the services are running are current rev levels.

Good luck


-Danny
techie@snoboarder.net

 

[blackboy]

abovebrd,

> 12.123.456.789 is a fictious IP address

Right it is a fake IP. Didn't want to post my real IP here to prevent ppl from hacking my machine. But..oh well...-.-'

As for sendmail conf, Which file should I edit? And what is the syntax? After reading the docs I found there are a lot of conf files and I'm still not sure which one does what.

Thanks,
Albert.

 

[ifincham]

Hi,



Yes, you need inbound port 25 to work as sendmail listens on that port and, even though you could change it, it would be not much use in practice as all the normal smtp servers out there use except the receiving smtp server to be listening on port 25.



On the config - the traditional sendmail config involves editing a macro file (normally called sendmail.mc but could be whatever you like) and creating the actual config read by sendmail (/etc/sendmail.cf) my passing the .mc file through the 'm4' macro pre-processor. After editing the .mc file you'd save the exiting config for fallback and create the new one like this :



# mv /etc/sendmail.cf /etc/sendmail.cf.old

(rename old config file)

# m4 /etc/mail/sendmail.mc > /etc/sendmail.cf

(create new sendmail.cf based on the macro file)



To do this you have to have the 'sendmail-cf' rpm installed as well as the 'sendmail' one. (or equivalent for your distro - thats on redhat)



The bit in the macro file you need to check is this :



DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')



Obviously, that would have your external interface address - not 127.0.0.1 .



The latter is almost certainly your problem if you are not firewalled - so if its still set to the 127.0.0.1 install default change it to the correct IP address and do the 'm4' command shown above.



Hope this helps

 

[blackboy]

Thanks. This is the solution.

(Even though I've decided to shut the sendmail down..I couldn't deal with the security issues associated with this thing -.-)