Sendmail configuration 4

[nandak7]

Hi ALL,

I am new to Linux.I am trying to configure sendmail in redhat linux 9.0. Almost I am done with configuration. But when I tested I was not able to send and receive emails. Linux server is behind ISA firewall. I couldnt find any easy doumentation in web.The documentation in sendmail.org is more confusing.

How can I test sendmail server?. Can anyone send urls for good documentaion?. I published sendmail with ISA firewall. Also I created MX record in local DNS server. I did all basic changes in sendmail configuration. Still no luck.I going crazy with sendmail configuration. Can any one help me out to figure out the problem.

Thanks
Nanda

 

[Rhinokiller]

This sounds hokey but it actually makes sense.
Sometimes the size of some DNS-replies for hotmail.com don't fit in a UDP packet, so TCP is used for DNS. Check your firewall protecting your Sendmail box to see if it is blocking DNS-queries over TCP. This will cause Sendmail to time-out after a while, with the log message "Sender domain must resolve". The fix is simply to allow DNS queries over TCP.


There is no God, only 10001010

 

[nandak7]

I can able to send emails to all the domains only to the names which has been created in the linux box.For example I have a user name called user1 in my linux box.I can able to send emails to user1@yahoo.com or user1@hotmail.com or to any domain user1@xyz.com. But I cannot send emails from user1@mydomainname.com to user2@yahoo.com and also to other domains as user2. Since user2 username has not been created in linux box.Then How can I send emails to my friends. please let me know if I am confusing.

This is the error I get with return emails.

The following addresses had permanent fatal errors -----
nandak7@yahoo.com
(reason: 550 5.1.1 <nandak7@yahoo.com>... User unknown)
(expanded from: nandak7@yahoo.com)

----- Transcript of session follows -----
... while talking to [127.0.0.1]:
>>> DATA
<<< 550 5.1.1 <nandak7@yahoo.com>... User unknown
550 5.1.1 nandak7@yahoo.com... User unknown
<<< 503 5.0.0 Need RCPT (recipient)

Following are the errors when I try to send emails.

The message could not be sent because one of the recipients was rejected by the server. The rejected e-mail address was 'nandak7@yahoo.com'. Subject 'test', Account: 'nanda', Server: 'mail.4westtexas.com', Protocol: SMTP, Server Response: '550 5.1.1 <nandak7@yahoo.com>... User unknown', Port: 25, Secure(SSL): No, Server Error: 550, Error Number: 0x800CCC79

Thanks in advance
Nanda

 

[Rhinokiller]

Nandak7 check your DNS setup in resolv.conf (see above) and make sure you are querying a valid dns server.

There is no God, only 10001010

 

[rouse01]

Rhinokiller,
Long shot, but I wonder if he needs to check the 2000 server (from above post):

&quot;I have a local dns server in another box which has windows 2000 adv server + dns + domain +active directory enabled + acting as a firewall ( ISA ).&quot;

If he has an access db file allowing only his ip's to relay messages, then maybe something on the other side of the sendmail server (firewall) is blocking. Maybe win2K?
BTW what is ISA?

 

[Rhinokiller]

Rouse01,
I believe ISA is the firewall that is bundled with Windows 2000 Advanced Server. I am only familiar with the Cisco PIX, NetScreen & the std. Ipchains/Iptables run of the mill stuff so I cannot talk intelligently about ISA. I agree though that there are some DNS issues that need to be resolved here. The fact that Exchange worked doesn't exactly inspire confidence and I think nandak7 needs to check how his Linux box is resolving domain names.

There is no God, only 10001010

 

[nandak7]

I am able to send emails to any domain and also I can receive emails from any domain.Everything works good within our LAN.I cannot send emails to other domains from my home and I can receive emails from any domain.Also I can send emails to my own domain from home.when I send to other domains it says &quot;RELAYING DENIED&quot;.

So how can send emails to any domain from remote location?
Any help is appreciated

Thanks
Nanda

 

[Rhinokiller]

How R U connected when you are at home RAS/Dial-up ? VPN ?



There is no God, only 10001010

 

[nandak7]

I am not using RAS/DAIL-UP/VPN.I tried by using outlook express with internet connection.Do I need to use any of these?.

Nanda

 

[Rhinokiller]

Your mail server sits in a DMZ right ? How is this secured ?

There is no God, only 10001010

 

[Rhinokiller]

Nandak, you should not be able to relay mail through your server from outside your network. If you could, you'd be an open relay and that is not good. You must authenticate to your network either thru RAS/Dial-up or VPN and then you will be able to send mail to the outside world.
You could also ask your ISP for a static IP and set up relaying for that address on your mail server but that too is not very adviseable, source addresses are easy to spoof.
You need to look at some sort of secure remote access system to your netowrk.

There is no God, only 10001010

 

[Rhinokiller]

Afterthought:
Or set up IMAP and webmail/squirrelmail

There is no God, only 10001010

 

[nandak7]

I dont know which method to select ( dial-up / vpn /IMAP / webmail/squirrelmail to access email form remote location.Can anyone suggest me easy and secure method. My setup is,I am using ISA firewall and I published my sendmail server with ISA and sendmail server is located in internal network.
Any help is appreciated
Thanks
Nanda

 

[Rhinokiller]

Nandak7,
I am not familiar with your firewall setup but there should be a way to configure VPN, most if not all firewalls offer some kind of client to authenticate external users to a network via the firewall's &quot;outside&quot; or &quot;untrusted&quot; interface. You have a Windows server on the wire so setting up RAS seems like the simplest way to get this done if you are not familiar with firewalls. If you need to set this up for multiple users RAS can get expensive as you will need an access number with a hunt group behind it for roll over. Most TELCO's can set this up for you but in this scenario VPN is the preferred method. If it is just for you then I would go the RAS route with a POTS line & modem.

There is no God, only 10001010