SendMail SMTP Issues

10 posts / 0 new
Last post
#1 Wed, 10/15/2008 - 06:10
ptom98

SendMail SMTP Issues

Right, so this is the last problem I think I'm having before everything is set up and working...hopefully lol...and that's sending email from a client like Outlook.

SendMail is setup and is recieving and distributing emails fine from both local and external sources, senging internally is also fine but the problem comes when trying to send to an address outside, say 'someone@yahoo.com' when I try this i get the following error message;

The message could not be sent because one of the recipients was rejected by the server. The rejected e-mail address was 'someone@yahoo.com'. Subject 'test', Account: 'test', Server: 'mail.mydomain.com', Protocol: SMTP, Server Response: '550 5.7.1 <someone@yahoo.com>... Relaying denied. IP name possibly forged [IP_ADDRESS]', Port: 25, Secure(SSL): No, Server Error: 550, Error Number: 0x800CCC79

Obviously that makes sense, so I thought to myself the most obvious course of action is to turn on Authorisation, so within SendMail Mail Server > Network Ports I ticked Require SMTP authentication. Within Outlook Express I've gone into the account settings and have ticked "My server requires authentication" and then ticked "Use same setting as my incoming mail server", but now when I try to send I get the following message;

The message could not be sent because the server rejected the sender's e-mail address. The sender's e-mail address was 'email@mydomain.com'. Subject 'test ', Account: 'test', Server: 'mail.mydomain.com', Protocol: SMTP, Server Response: '530 5.7.0 Authentication required', Port: 25, Secure(SSL): No, Server Error: 530, Error Number: 0x800CCC78

I'm a bit confused as to why that is displaying the error "Authentication Required"?

Anyone have any ideas? I'll keep hunting around for an answer, but would greatly appreciate a point in the right direction.

Wed, 10/15/2008 - 07:26
andreychek

Howdy,

Whenever that occurs, what do you see in the email logs (either /var/log/mail.log or /var/log/maillog)?

There may be a few relevant lines related to what exactly isn't working.
-Eric

Thu, 10/16/2008 - 02:58 (Reply to #2)
ptom98

Lol, can't believe I didn't think to look in there :S

Unfortunatly it doesn't really give me much info on whats going wrong.
If I do a Send and Recieve through Outlook Express (with one email in the Outbox) I get the following in the log;

<div class='quote'>Oct 16 11:29:09 mydomain dovecot: pop3-login: Login: user=&lt;test.mydomain&gt;, method=PLAIN, rip=[my ip address], lip=[server ip address]
Oct 16 11:29:09 mydomain dovecot: POP3(test.mydomain): Disconnected: Logged out top=0/0, retr=0/0, del=0/0, size=0
Oct 16 11:29:11 mydomain sendmail[16964]: m9G7bfTx014958: to=&lt;root@mydomain.com&gt;, delay=03:49:29, xdelay=00:02:00, mailer=esmtp, pri=396103, relay=c13-ss-2-lb.cnet.com. [216.239.116.65], dsn=4.0.0, stat=Deferred: Connection timed out with c13-ss-2-lb.cnet.com.
Oct 16 11:29:11 mydomain sendmail[16964]: m9G32Bva012438: to=&lt;root@mydomain.com&gt;, delay=08:27:00, xdelay=00:00:00, mailer=esmtp, pri=934869, relay=c13-ss-2-lb.cnet.com., dsn=4.0.0, stat=Deferred: Connection timed out with c13-ss-2-lb.cnet.com.
Oct 16 11:29:11 mydomain sendmail[16964]: m9F7X7Hj007722: to=&lt;root@mydomain.com&gt;, delay=1+03:54:03, xdelay=00:00:00, mailer=esmtp, pri=4214965, relay=c13-ss-2-lb.cnet.com., dsn=4.0.0, stat=Deferred: Connection timed out with c13-ss-2-lb.cnet.com.
</div>

I'm a little confused as to what the &quot;Deferred: Connection timed out with c13-ss-2-lb.cnet.com.&quot; is doing in there, anyone have any ideas?

If I click on Send All within Outlook Express no new entries appear within the log, but I still get the error;

<div class='quote'>The message could not be sent because the server rejected the sender's e-mail address. The sender's e-mail address was 'email@mydomain.com'. Subject 'test ', Account: 'test', Server: 'mail.mydomain.com', Protocol: SMTP, Server Response: '530 5.7.0 Authentication required', Port: 25, Secure(SSL): No, Server Error: 530, Error Number: 0x800CCC78</div>

The one thing I have noticed with the maillog file, is that my domain is spelt wrong...let me give you an example (I've underlined and made red where this is mispelt);

Oct 16 11:29:09 [color=#FF0000]<u>mydomain</u>[/color] dovecot: pop3-login: Login: user=&lt;test.mydomain&gt;, method=PLAIN, rip=[my ip address], lip=[server ip address]

Does this matter? I'm guessing it probably does, but as to whether this is causing my current problem I doubt it...where would I need to change this to fix it?

Thu, 10/16/2008 - 04:42 (Reply to #3)
andreychek

Well, &quot;mydomain&quot; is probably coming from your hostname on your server.

I can't say if that's related to your issue or not, but it's certainly not going to help the matter ;-)

It's without a doubt possible to fix that within Virtualmin itself, though I'm not immediately seeing where that is.

I do know how to fix it from the command line though :-) If you log in over SSH, look at /etc/hostname, and /etc/hosts, and make sure each have your hostname/domain name listed correctly.

Now the daemons running need to be notified of the change. A reboot may be the easiest way to do that if you aren't live yet. If your box is live, you can probably get away with restarting these 3 daemons:

Virtualmin: /etc/init.d/webmin restart
Dovecot: /etc/init.d/dovecot restart
Postfix: /etc/init.d/postfix restart

At that point, try sending your email again -- any luck?

If not, the part from your mail log isn't really showing what's wrong -- those deferred messages aren't likely to be related to your issue. Are there other errors around the same timeframe as your attempt to send an email in the mail log?
-Eric

Thu, 10/16/2008 - 06:39 (Reply to #4)
ptom98

Yep, you're right about the hostname, changing it via Webmin is <b>Networking</b> &gt; <b>Network Configuration</b> &gt; <b>Host Addresses</b>

Unfortunatly that hasn't fixed the email issue. And on checking the logs, there's no other errors or warnings in any of the other logs around the same time.

Hmm, I've been reading up on the problem and am getting a rough idea of what I might need to do, so a ocuple of things. I've read up on the PAM Autentication and was just wondering if I need to add anything else to it, at the moment with Webmin both <i>smpt</i> and <i>sendmail.smtp</i> are setup and both include the system-auth (Common Authenitcation service), I'm presuming that this is all that's needed here?

Next I want to have a sit down and read through the link below;
<a href='http://www.joreybump.com/code/howto/smtpauth.html' target='_blank'>http://www.joreybump.com/code/howto/smtpauth.html</a>

Certainly on looking through my sendmail.mc file the parts mentioned in the link above, &quot;<i>define(`confAUTH_OPTIONS', `A p y')dnl</i>&quot; is commented out, but I'm a little wary of editing this file by hand and not entierly sure I need encrypted logins...or is it best to have encrypted logins?

Fri, 10/17/2008 - 04:32 (Reply to #5)
ptom98

My problem with it was that if I created user within VirtualMin it didn't to like to create the mapping with Postfix Mail, perhaps that's my own fault as you say swapping mail servers mid way isn't probably the best thing to lol.

But thankfully with a bit of messing around I've now got SendMail working with authentication.

Started by installing <b>sendmail-cf</b> so I could rebuild the sendmail configuration.
Then added the following lines into the <i>sendmail.cf</i> file;

[code:1]define(`confAUTH_MECHANISMS', `LOGIN PLAIN DIGEST-MD5 CRAM-MD5')dnl
TRUST_AUTH_MECH(`LOGIN PLAIN DIGEST-MD5 CRAM-MD5')dnl[/code:1]

Then added the following just before the line of the file

<div class='quote'>LOCAL_CONFIG
ESASL_PATH=/etc/sasl2</div>

Rebuilt and restarted and all is looking good :)

Mon, 10/20/2008 - 18:12 (Reply to #6)
andreychek

I'm glad to hear you got it working!

If you find yourself struggling to get Postfix working in the future, please feel free to yell.

If Postfix doesn't work out of the box, that's definitely something we'd like to resolve so that no one else runs into the troubles you had.

Anyhow, glad it's working... have a good one!
-Eric

Mon, 05/04/2009 - 13:23 (Reply to #7)
mrwilder

Hi Ptom98,

I am in a similar situation to the one you resolved. I was able to switch to Postfix on one of our servers, but another server made it to production before I could make the switch so I'm stuck with sendmail.

Sendmail works fine from within the box (ie., mail from localhost to external recipients), but external clients get the Server Response 550: Relaying denied, hostname lookup failed.

If I telnet to the box and ehlo localhost, I see
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH DIGEST-MD5 CRAM-MD5
250-DELIVERBY
250 HELP

I do NOT see STARTTLS!

I don't know if this is the problem or the symptom (if the log level is wrong, for instance), but it looks like it may be my place to start.

Can you or anyone else who successfully got sendmail working describe what you did to start accepting external clients?

Thanks for your time!
Tony

Fri, 10/17/2008 - 02:03
ptom98

Still not having much luck with SendMail, so much so that I had a go with Postfix Mail Server, managed to get Authenticated Emails sending through SMTP in seconds, lol but with it not intergrating in with the whole Virtualmin Servers I can forsee it becoming a pain when creating new sites and users...plus I didn't really have that much time to look into it, so not entierly sure how to map it across to the current mail files.

What would people recommend, stick with SendMail or try looking at PostFix or QMail?

Fri, 10/17/2008 - 04:14 (Reply to #9)
andreychek

Well, I'll offer that Virtualmin works really well with Postfix. Postfix is actually the default email server Virtualmin sets up during an install. And Postfix is pretty nice to use :-)

I'm not really sure what you mean about it not integrating with Virtualmin though, it should integrate really well.

I'm not too experienced changing mail servers mid-game, I'm not sure that it's able to migrate all your email addresses and aliases from one to the other, you may need to do that manually.
-Eric

Topic locked