sendmail not working for relaying messages
Rick Stevens
rstevens at vitalstream.com
Wed May 4 17:44:33 UTC 2005
Janu Sundaram wrote:
> Hello,
>
> I am trying to setup Outlook Express (email client to setup mail
> accounts) , when I try to send mails outside my domain like
> @mydomain.com <http://mydomain.com> ie to yahoo or gmail or hotmail,
> I get this error message
>
> "The message could not be sent because one of the recipients was>
> rejected by the server. The rejected e-mail address was
> 'janu at cs.unm.edu <mailto:janu at cs.unm.edu>'. Subject 'test',
> Account:'mail.relate24seven.com <http://mail.relate24seven.com><
> http://mail.relate24seven.com>> ',> Server: '65.103.191.30
> <http://65.103.191.30> < http://65.103.191.30>', Protocol: SMTP,
> Server> Response: '550 5.7.1> <janu at cs.unm.edu
> <mailto:janu at cs.unm.edu>>... Relaying denied', Port: 25,
> Secure(SSL): No,> Server Error: 550, Error Number: 0x800CCC79.
>
>
> When I use pine on the server , I can send mails to everyone and recieve
> from everyone.
>
> I can send mails to @relate24seven.com <http://relate24seven.com> in
> OE .If this is an OE problem , then I have the same problem with
> Thunderbird mail client too ; while sending emails it prompts fro
> password I type in the same password as used for incoming mail
> server which is the same as the outgoing one , and it does not work
>
> The following is the iptable file output :
> # Firewall configuration written by system-config-securitylevel
> # Manual customization of this file is not recommended.
> *filter
> :INPUT ACCEPT [0:0]
> :FORWARD ACCEPT [0:0]
> :OUTPUT ACCEPT [0:0]
> :RH-Firewall-1-INPUT - [0:0]
> -A INPUT -j RH-Firewall-1-INPUT
> -A FORWARD -j RH-Firewall-1-INPUT
> -A RH-Firewall-1-INPUT -i lo -j ACCEPT
> -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
> -A RH-Firewall-1-INPUT -p 50 -j ACCEPT
> -A RH-Firewall-1-INPUT -p 51 -j ACCEPT
> -A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251
> <http://224.0.0.251> -j ACCEPT
> -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
> -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
> -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80
> -j ACCEPT
> -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport
> 443 -j ACCEPT
> -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21
> -j ACCEPT
> -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22
> -j ACCEPT
> -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 23
> -j ACCEPT
> -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 25
> -j ACCEPT
> -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport
> 110 -j ACCEPT
> -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport
> 143 -j ACCEPT
> -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport
> 5901 -j ACCEPT
> -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
> COMMIT
>
> When I try to do nmap localhost it shows this :
>
> PORT STATE SERVICE
> 21/tcp open ftp
> 22/tcp open ssh
> 25/tcp open smtp
> 80/tcp open http
> 110/tcp open pop3
> 111/tcp open rpcbind
> 113/tcp open auth
> 143/tcp open imap
> 443/tcp open https
> 631/tcp open ipp
> 3306/tcp open mysql
> 5900/tcp open vnc
> 10000/tcp open snet-sensor-mgmt
>
> But when I try nmap 65.103.191.30 <http://65.103.191.30>, it shows
> this :
> (The 1658 ports scanned but not shown below are in state: closed)
> PORT STATE SERVICE
> 23/tcp open telnet
> 80/tcp open http
>
>
>
> The following is the maillog output :
> May 4 11:08:10 relate24seven sendmail[7908]: j44I89Gq007908:
> ruleset=check_rcpt, arg1=<janu at cs.unm.edu <mailto:janu at cs.unm.edu>>,
> relay=nhpsde.heritage.unm.edu <http://nhpsde.heritage.unm.edu>
> [64.106.114.26 <http://64.106.114.26>], reject=550 5.7.1
> <janu at cs.unm.edu <mailto:janu at cs.unm.edu>>... Relaying denied
>
> May 4 11:08:10 relate24seven sendmail[7908]: j44I89Gr007908:
> ruleset=check_rcpt, arg1=<josh at relate247.com
> <mailto:josh at relate247.com>>, relay=nhpsde.heritage.unm.edu
> <http://nhpsde.heritage.unm.edu> [64.106.114.26 <http://64.106.114.26>],
> reject=550 5.7.1 <josh at relate247.com <mailto:josh at relate247.com>>...
> Relaying denied
>
>
> Any help with this?
Relay is denied by default. If you're sending from some specific
machines, you can edit /etc/mail/access and add lines such as:
Connect:www.xxx.yyy.zzz RELAY
replacing www.xxx.yyy.zzz with the IP address of the sending machine.
Restart sendmail after editing the file:
service sendmail restart
Sendmail will allow relay ONLY from those machines. You can also enter
the domain names of the machines into /etc/mail/relay-domains, but
that's a bit less secure.
----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com -
- VitalStream, Inc. http://www.vitalstream.com -
- -
- Consciousness: that annoying time between naps. -
----------------------------------------------------------------------
More information about the users
mailing list