[NBLUG/talk] Configuring sendmail to forward email via sonic.net
Ron Wickersham
rjw at alembic.com
Mon Aug 26 14:48:45 PDT 2013
On Mon, 26 Aug 2013, Todd Cary wrote:
> Ron -
>
> Here are the changes I did make to sendmail.mc:
>
> dnl #
> define(`SMART_HOST', `smtp.sonic.net')dnl
> dnl #
Todd,
ok, see you're using m4 to create your sendmail.cf file.
> MASQUERADE_AS(`aristesoftware.com')dnl
> MASQUERADE_DOMAIN(`aristesoftware.com')dnl
> FEATURE(masquerade_entire_domain)dnl
> FEATURE(masquerade_envelope)dnl
>
> Not sure if the masquerade is necessary though.
probably don't want masquerade here but it shouldn't hurt anything.
> However one of the areas
> where I have a lack of knowledge is setting up the hosts file. Here is what
> I have:
>
> # Do not remove the following line, or various programs
> # that require network functionality will fail.
> 127.0.0.1 localhost.localdomain localhost
> ::1 localhost6.localdomain6 localhost6
> 127.0.0.1 localhost.localdomain localhost centos5
> 216.228.174.9 toddcary.com localhost
take out the localhost in the 216.228.174.9 line, localhost is just for
the loopback address 127.0.0.1, usually only have one line for 127.0.0.1
also, the entry should be for the host name along with the domain name,
so you would have whatever you call the machine when you created it,
(find that name using the command "hostname"). if the name is
centos5, then your hosts line would be:
216.228.174.9 centos5.toddcary.com centos5
> However in the maillog file, one of the error lines is still having the
> ctladdr set to <root at localhost.localdomain>
>
>
> Aug 24 12:47:10 localhost sendmail[2309]: r7LNUtVO020623:
> to=<todd at aristesoftware.com>, ctladdr=<root at localhost.localdomain> (0/0),
> delay=2+20:16:15, xdelay=00:00:01, mailer=relay, pri=6330367,
> relay=mail.sonic.net. [64.142.7.162], dsn=4.0.0, stat=Deferred: Temporary
> AUTH failure
after changing /etc/hosts kill and restart sendmail and send another
message and see if the ctladdr changes.
you can also force sendmail to use a given address by adding this
in your sendmail.mc file:
define(`confDOMAIN_NAME', `mail.example.net')dnl
changing mail.example.net to your mail server name.
can see the "status Deferred: Temporary AUTH failure" which sometimes
is associated with greymail filters on incoming mail, but in your case
the 2 days should be long enough for greymail to accept you.
the other thing regardless of using sendmail, postfix, etc. as your
MTA, is you should get the PTR record in the in-addr.arpa zone changed
to your machine name. (this is so-called reverse-DNS).
currently your PTR record is:
root at gvu-rtr~ 11 # dig -x 216.228.174.9
; <<>> DiG 9.4.2-P2 <<>> -x 216.228.174.9
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5065
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 4
;; QUESTION SECTION:
;9.174.228.216.in-addr.arpa. IN PTR
;; ANSWER SECTION:
9.174.228.216.in-addr.arpa. 14400 IN PTR bc1749.bendcable.com.
;; AUTHORITY SECTION:
174.228.216.in-addr.arpa. 14400 IN NS tumalo.bendcable.net.
174.228.216.in-addr.arpa. 14400 IN NS sisters.bendcable.net.
;; ADDITIONAL SECTION:
tumalo.bendcable.net. 60 IN A 216.228.160.29
tumalo.bendcable.net. 60 IN AAAA 2610:1f0:1:1::3
sisters.bendcable.net. 60 IN A 216.228.160.30
sisters.bendcable.net. 60 IN AAAA 2610:1f0:1:1::4
;; Query time: 495 msec
;; SERVER: 10.42.2.1#53(10.42.2.1)
;; WHEN: Mon Aug 26 14:28:33 2013
;; MSG SIZE rcvd: 222
and to run an MTA on the public Internet, you need to have the PTR
record changed to your mail host name, so bd1749.bendcable.com must
be changed to centos5.toddcary.com (note that the in-addr.arpa
ip addresses are in reverse order 9.174.228.216.in-addr.arpa.)
you will probably need to request your ISP to change the PTR record
for you if you haven't had the in-addr.arpa zone delegated to you.
i wouldn't have expected sonic's MTA to give you a temporary error
with a non-matching PTR record, instead stating that your PTR record
doesn't match the HELO name or words to that effect.
these days mail servers are configured to disallow connections that
may be from a machine that is a spambot, so require that all real
mail servers have their reverse DNS configured to state their host
name.
###
i think you are close to getting it running and now it is clear that
you are running a public MTA, and not running as a sonic.net customer
using the "mail message submission" port 587. your mail server is
going to be like any external mail server and use the standard port
25.
-ron
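
Added example, not part of the original message: the reverse-DNS check described above, run offline against the PTR answer line from the quoted dig output. The function names and the forward (A record) map are assumptions constructed for illustration; only the PTR line and the host names come from the message.

```python
import ipaddress

# PTR answer line copied from the dig output quoted in the message.
DIG_ANSWER = "9.174.228.216.in-addr.arpa. 14400 IN PTR bc1749.bendcable.com."

def reverse_name(ip):
    """Owner name of the PTR record: octets reversed under in-addr.arpa."""
    return ipaddress.ip_address(ip).reverse_pointer + "."

def parse_ptr(dig_text, ip):
    """Collect PTR targets for `ip` from dig answer lines (comments skipped)."""
    owner = reverse_name(ip).lower()
    targets = []
    for line in dig_text.splitlines():
        fields = line.split()
        if line.startswith(";") or len(fields) < 5:
            continue
        if fields[0].lower() == owner and fields[2:4] == ["IN", "PTR"]:
            targets.append(fields[4].rstrip(".").lower())
    return targets

def check_mail_host(ip, helo_name, ptr_targets, forward):
    """Return the list of reverse-DNS problems a receiving MTA could object to.

    forward: dict of host name -> list of addresses (stand-in for A lookups).
    """
    helo = helo_name.rstrip(".").lower()
    problems = []
    if not ptr_targets:
        problems.append("no PTR record for " + ip)
    elif helo not in ptr_targets:
        problems.append("PTR %s does not match HELO name %s"
                        % (",".join(ptr_targets), helo))
    if ip not in forward.get(helo, []):
        problems.append("%s does not resolve back to %s" % (helo, ip))
    return problems

if __name__ == "__main__":
    ip = "216.228.174.9"
    # Constructed forward map: assumes an A record exists for the mail host.
    forward = {"centos5.toddcary.com": [ip]}
    current = parse_ptr(DIG_ANSWER, ip)
    print("now:      ", check_mail_host(ip, "centos5.toddcary.com", current, forward))
    # After the ISP changes the PTR record as requested in the message.
    fixed = ["centos5.toddcary.com"]
    print("after fix:", check_mail_host(ip, "centos5.toddcary.com", fixed, forward))
```
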