Sendmail Fails to send emails from Linux server.

I m using free zoho mail client application (similar to microsoft outlook) on my mobile [android / ios] for all my emails to mohtashim@techx.com

I wish to only recieve emails from my Linux Server details of which are: techx 3.10.0-514.10.2.el7.x86_64 #1 SMP CentOS release 7.3.1611 (Core).

I try the below command to shoot an email from the Linux server to my zoho mail client's mohtashim@techx.com email id but the email does not show in my inbox.

[mohtashim@techx ~]$ echo "hello" | mail mohtashim@techx.com
You have new mail in /var/spool/mail/mohtashim

As soon as i fire this email command, the logs tail -f /var/log/maillog shows the following msg:

When i try mail command i do see the mail for mohtashim user on the Linux server as shown below:

[mohtashim@techx ~]$ mail
 N 39 mohtashim@techx.c  Sun Aug 27 21:34  19/710
& 39
Message 39:
From mohtashim@techx.com  Sun Aug 27 21:34:12 2017
Return-Path: <mohtashim@techx.com>
From: mohtashim@techx.com
Date: Sun, 27 Aug 2017 21:34:12 +0000
To: mohtashim@techx.com
User-Agent: Heirloom mailx 12.5 7/5/10
Content-Type: text/plain; charset=us-ascii
Status: R

hello

I m using smtp.zoho.com to send out emails from the Linux box.

Below are a few important settings from /etc/mail/sendmail.mc

define(`SMART_HOST', `smtp.zoho.com')dnl
DAEMON_OPTIONS(`Port=smtp,Addr=0.0.0.0, Name=MTA')dnl
DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl
DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl
define(`RELAY_MAILER_ARGS', `TCP $h 587')dnl
define(`ESMTP_MAILER_ARGS', `TCP $h 465')dnl

Here are the firewall ports i have opened

[root@techx ~]# netstat -ntlp | grep sendmail
tcp        0      0 0.0.0.0:465             0.0.0.0:*               LISTEN      1733/sendmail: acce
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      1733/sendmail: acce
tcp        0      0 0.0.0.0:587             0.0.0.0:*               LISTEN      1733/sendmail: acce

telnet smtp.zoho.com <port_number> connects on port 587 and 465 only but does not connect on port 25.

I don't know why i don't receive the mail in my zoho application ?

Can you please help so that i can see the emails from my Linux server to my mobile zoho app ?

What kind of firewall settings does the linux box have? Is port 25 blocked in any way?

Can you please suggest how can i check this ?

You could try to connect to port 25 in telnet. If you can connect from a different machine, it's obviously not firewalled. If you can't connect even from the same machine, port 25 isn't being listened for.

I m able to telnet successfully to port 25,587 & 465 from a remote system.

[root@techx ~]telnet 45.77.141.129 25
Trying 45.77.141.129...
Connected to 45.77.141.129.
Escape character is '^]'.
220 techx.com ESMTP Sendmail 8.14.7/8.14.7; Wed, 6 Sep 2017 21:09:19 GMT

telnet 45.77.141.1229 587
Trying 45.77.141.129...
Connected to 45.77.141.129.
Escape character is '^]'.
220 Development_Digiklug ESMTP Sendmail 8.14.7/8.14.7; Wed, 6 Sep 2017 21:20:18 GMT


telnet 45.77.141.129 465
Trying 45.77.141.129...
Connected to 45.77.141.129.
Escape character is '^]'.
454 4.3.3 TLS not available: error generating SSL handle
Connection closed by foreign host.

Also, locally all the ports seems to be listening as shown below.

[root@development_techx ~]# netstat -ntlp | grep sendmail
tcp        0      0 0.0.0.0:587             0.0.0.0:*               LISTEN      1954/sendmail: acce
tcp        0      0 0.0.0.0:465             0.0.0.0:*               LISTEN      1954/sendmail: acce
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      1954/sendmail: acce

So, i don't think there is any issue with the firewall.

Can you please tell me what could be the issue with the sending of emails?

Hi,

You mention you've got your smart relay configured in sendmail.mc , but I wonder if it's actually gone live in your sendmail.cf (the real config file which is generated from the first one).

Could you see what output you get returned for:

grep ^DS /etc/mail/sendmail.cf

please (assuming that's the location of your sendmail.cf , naturally) ? Also, have you re-started Sendmail since you put the smart relay in place ?

Just a thought, as a discrepancy between your .mc and your .cf could potentially explain why Sendmail appears to be ignoring your smart relay, so to speak.

Here is the Output after restarting the smtp service

[root@development_techx mail]# grep ^DS /etc/mail/sendmail.cf
Output:
DS

Here is how I compile my /etc/mail/sendmail.mc

m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf

This is how i then restarted the smtp service

[root@development_techx mail]# service sendmail restart
Restarting sendmail (via systemctl):                       [  OK  ]

This is the command i use to send the email from the same server.

echo "hello" | mail mohtashim@techx.com

This is what i see in the mail logs.

Like i said before the mail is received locally by mohtashim user which can be checked using the mail command but the issue remains. The message is not delivered to the zoho email client configured on my mobile.

Here is the entry for /etc/mail/access

Connect:techx.com                    RELAY
Connect:localhost                       RELAY
Connect:127.0.0.1                       RELAY
Connect:development_techx            RELAY
Connect:45.77.141.129                    RELAY
192.168.0.0/24                          RELAY

I am able to receive all other emails but not the ones triggered / send by the server.

Can you please suggest where the problem lies ?

Hi,

OK, thanks. Well, that certainly confirms that there is a discrepancy between the macro and the config. If Sendmail was actually having its config properly re-generated, that DS line would read something like DSsmtp.zoho.com , but instead it's blank. Do you have the sendmail-cf package installed ? If not, that might explain why it's not re-building properly. Does your m4 command return any errors when you run it ?

Also, could you provide the output of the following commands, please ? These are to check if Sendmail is hard-configured to masquerade for any particular domains.

grep -i masq /etc/mail/sendmail.mc
grep ^DM /etc/mail/sendmail.cf
grep ^C\{M /etc/mail/sendmail.cf

Hopefully we'll get to the bottom of this soon. The main thing is to check that you have sendmail-cf installed. If you don't have it installed, then install it, try re-building your config, and see if things start to work.

I do not know how to check if sendmail-cf is pre-installed or not.

I however, tried installing it anyways. See the Output below.

[root@development_techx ~]# yum install sendmail-cf
Loaded plugins: fastestmirror, replace
base                                                                                                                                                  | 3.6 kB  00:00:00
centos-sclo-rh                                                                                                                                        | 2.9 kB  00:00:00
centos-sclo-sclo                                                                                                                                      | 2.9 kB  00:00:00
cwp                                                                                                                                                   | 2.9 kB  00:00:00
epel/x86_64/metalink                                                                                                                                  |  12 kB  00:00:00
epel                                                                                                                                                  | 4.3 kB  00:00:00
extras                                                                                                                                                | 3.4 kB  00:00:00
mariadb                                                                                                                                               | 2.9 kB  00:00:00
remi-safe                                                                                                                                             | 2.9 kB  00:00:00
Not using downloaded repomd.xml because it is older than what we have:
  Current   : Wed Aug 30 17:35:30 2017
  Downloaded: Sat Aug 26 05:24:20 2017
updates                                                                                                                                               | 3.4 kB  00:00:00
webtatic                                                                                                                                              | 3.6 kB  00:00:00
(1/2): epel/x86_64/updateinfo                                                                                                                         | 817 kB  00:00:01
(2/2): epel/x86_64/primary_db                                                                                                                         | 4.8 MB  00:00:02
Loading mirror speeds from cached hostfile
 * base: mirrors.kernel.org
 * epel: mirror.sfo12.us.leaseweb.net
 * extras: mirrors.kernel.org
 * remi-safe: mirrors.thzhost.com
 * updates: mirrors.kernel.org
 * webtatic: sp.repo.webtatic.com
Package sendmail-cf-8.14.7-4.el7.noarch already installed and latest version
Nothing to do

After this i ran

m4 /etc/mail/sendmail.mc > /etc/mailsendmail.cf

There is no output generated but i did make sure the command did not error using echo $? returning 0

I then restarted the smtp service but mail still does not work.

Seems the cf is still not generated properly.

1.
grep ^DS /etc/mail/sendmail.cf
DS

2. 
grep -i masq /etc/mail/sendmail.mc

dnl MASQUERADE_AS(`mydomain.com')dnl
dnl # masquerade not just the headers, but the envelope as well
dnl FEATURE(masquerade_envelope)dnl
dnl # masquerade not just @mydomainalias.com, but @*.mydomainalias.com as well
dnl FEATURE(masquerade_entire_domain)dnl
dnl MASQUERADE_DOMAIN(localhost)dnl
dnl MASQUERADE_DOMAIN(localhost.localdomain)dnl
dnl MASQUERADE_DOMAIN(mydomainalias.com)dnl
dnl MASQUERADE_DOMAIN(mydomain.lan)dnl

3.
grep ^DM /etc/mail/sendmail.cf

No Output

4.
grep ^C\{M /etc/mail/sendmail.cf

No Output

Please suggest if you spot anything or need more info.

Hi,

Hmm, I'm afraid I'm not really sure why you're having this problem of your config not building correctly. At least we can be sure your Sendmail isn't masquerading as zoho.com or anything like that, so all it should need (all other things being equal, anyway) is the smart relay actually getting set.

Now, I wouldn't normally recommend this these days, but it is possible to edit the sendmail.cf file directly. This is usually a bad idea for two reasons: firstly because it's a lot easier to get things very badly wrong, and secondly because it puts the config out-of-sync with the macro, but that already seems to be broken anyway for some reason.

So, you could always try changing the DS line in your sendmail.cf so that it read:

DSsmtp.zoho.com

and then re-start Sendmail and see if it works. There should be no way at all that Sendmail can ignore your smart relay then.

Again, normally this is about as far from recommended procedure as it's possible to get, but since your Sendmail macro is somehow already broken anyway, you don't have much else to lose at this point by hand-hacking your sendmail.cf .

Oh, and one important thing: if you're going to do this, back up your sendmail.cf first !

I took a backup of sendmail.cf and then edited sendmail.cf using vi editor.

Added DSsmtp.zoho.com

grep ^DS /etc/mail/sendmail.cf
DSsmtp.zoho.com

I then restarted sendmail service as below.

service sendmail restart
Restarting sendmail (via systemctl):                       [  OK  ]

Once restarted i tried sending the email using the command

echo "httretrtr" | mail mohtashim@techx.com

but it still DOES NOT work.

I am sharing the maillog hoping it may help get pointers.

A system REBOOT also did not help

Hi,

OK, I�m starting to run out of ideas off the top of my head, but we�re not totally done yet. One further possibility: does your system believe that it is in fact smtp.techx.com or techx.com ? That�s one remaining possible explanation here.

So, some commands it might be useful to see the output of now include:

hostname 
grep -i techx /etc/hosts
grep hosts: /etc/nsswitch.conf
cat /etc/mail/service.switch

That last one might not exist, but it might - if it does, it would be interesting to see the contents, and it might well be our culprit.

Basically, at this point we�re now attempting to determine if your system believes it is in fact techx.com purely on the basis of hosts file entries, and also we want to see exactly how your system is configured to resolve hostnames when it encounters them.

Beyond that, I�m not sure what else to suggest. I�ve never known a smart relay entry to fail to work. Either something more fundamental is over-riding the behaviour of Sendmail, or it believes that it is in fact smtp.techx.com , and so is actually behaving correctly, so to speak.

EDIT: One last thing. What IP does your system resolve smtp.techx.com and techx.com to be, and are they in fact the same IP as your system ?

Note: Although my server is techx.xom we are using a third party external smtp mail server i.e smtp.zoho.com (which listens on port 587 while port 25 timesout when you do telnet to smtp.zoho.com)

There is nothing like smtp.techx.com anywhere as we are using external mail server smtp.zoho.com

Now answering your query. Please find the output below.

[root@development_techx ~]# hostname
development_techx
[root@development_techx ~]# grep -i techx /etc/hosts
127.0.0.1 techx.com
::1       Development_techx
127.0.0.1 autoreply.Development_techx
45.77.141.129     techx.com
127.0.0.1     localhost development_techx  techx.com Development_techx
#127.0.0.1     localhost localhost.localdomain  techx.com
45.77.141.129 techx.com
[root@development_techx ~]# grep hosts: /etc/nsswitch.conf
#hosts:     db files nisplus nis dns
hosts:      files dns myhostname
[root@development_techx ~]# cat /etc/mail/service.switch
cat: /etc/mail/service.switch: No such file or directory
[root@development_techx ~]# nslookup smtp.techx.com
Server:         108.61.10.10
Address:        108.61.10.10#53

** server can't find smtp.techx.com: NXDOMAIN

[root@development_techx ~]# nslookup techx.com
Server:         108.61.10.10
Address:        108.61.10.10#53

Non-authoritative answer:
Name:   techx.com
Address: 45.76.182.101

Based on this i realized that the /etc/hosts of my other server [45.76.182.101] also contains 127.0.0.1 techx.com and 45.76.182.101 techx.com and as you can see in the output above the nslookup to techx.com points to the other server and not the server we are dealing with.

If i change my server's /etc/hosts file entry form techx.com to dev.techx.com and then restart everything and try sending the Mail

echo "hello" | mail mohtashim@techx.com

it still fails but this time i get the following error in the the maillogs.

I then used the following script to send the email for better verbose.

more test.sh
#!/bin/sh
TO=mohtashim@techx.com

# -i  - do not treat special lines starting with "."
# -v  - use verbose mode (provide SMTP session transcript)
# -Am - use sendmail.cf (do not send via localhost:25) - requires root privileges
/usr/sbin/sendmail -i -v -Am -- $TO <<END
Subject: Delivery test
To: $TO

Delivery test.
END

The output:

Not sure is the bold red is concerning and a cause of failure.

Please suggest.

Hi,

Well done - yes, it was indeed the hosts file entry that would have been the issue. Now, your smart relay is working. But what this error indicates is that smtp.zoho.com requires you to log in or otherwise authenticate beofre you can send mail through it.

What this tells us is that smtp.zoho.com isn�t meant to act as a mail relay or smart host, but rather is just a server for customers to send mail through via a mail client. This is different from a server that can act as a smart host. The general idea of an SMTP smart host is that it takes mail from hosts that would otherwise be unable or unwilling to deliver mail straight to their target on the Internet via SMTP, and it deals with passing the e-mails on to their final destinations. This it would seem is not the configured purpose of smtp.zoho.com .

However, all is not lost. Sendmail can be configured to support this situation, by having a file that tells it how to log in to smtp.zoho.com . You will need a valid username and password for the Zoho e-mail service, and you�d also need to be sure that the maintainers of smtp.zoho.com would be happy for their service to be used as a smart relay. But if all of that is fine, then what you need to do is set up a file called /etc/mail/authinfo with the login details.

Now, one thing that worries me here is that your Sendmail setup for whatever reason seems to be largely ignoring your macro, and so unless /etc/mail/authinfo is already set up in your Sendmail configuration (and it very well may be - have a look and see if it�s mentioned in the .cf), then it�s going to be a very unpleasant job to hack this into working shape.

Anyway, the format of /etc/mail/authinfo (which would then need compiled via makemap hash /etc/mail/authinfo < /etc/mail/authinfo in the usual way) is:

AuthInfo:smtp.zoho.com "U:USERNAME" "P:PASSWORD" "M:PLAIN"

This sets up authentication for smtp.zoho.com , with the specified username and password, and tells it to use plain-text authentication (which may or may not be right - you�d have to know what kind of authentication is supported for the Zoho SMTP service).

In short: without a working Sendmail macro this could be a lot of work to get up and running. A better bet here is to find another host on your network that can actualy be configured to act as a genuine smart relay for your domain, and to just set Sendmail up to use that host as its smart relay rather than this external service.

Here is what i did.

Please suggest if i missed anything; still no luck though :(.

Step1:

[root@development_techx ~]#  makemap hash /etc/mail/default-auth-info</etc/mail/default-auth-info
[root@development_techx ~]# more /etc/mail/default-auth-info
AuthInfo:smtp.zoho.com "U:mohtashim@techx.com" "P:mypassword" "M:PLAIN"

Step2:
Enabled the below in /etc/mail/sendmail.cf

# default authentication information for outgoing connections
O DefaultAuthInfo=/etc/mail/default-auth-info

Step 3:
Restart sendmail service.

Below is the configuration from the sendmail.cf file.

[root@development_digiklug ~]# grep -i authinfo /etc/mail/sendmail.cf
O DefaultAuthInfo=/etc/mail/default-auth-info
###  authinfo: lookup authinfo in the access map
Sauthinfo
R$*             $: $1 $| $>D <$&{server_name}> <?> <! AuthInfo> <>
R$* $| <?>$*    $: $1 $| $>A <$&{server_addr}> <?> <! AuthInfo> <>
R$* $| <?>$*    $: $1 $| <$(access AuthInfo: $: ? $)> <>
R$* $| <?>$*    $@ no                           no authinfo available

Can you tell me if the above looks good ?

However it still fails with the same error as in my previous post.

@drysdalk: A better bet here is to find another host on your network that can actualy be configured to act as a genuine smart relay for your domain, and to just set Sendmail up to use that host as its smart relay rather than this external service.

Can you suggest any freeware and how to configure/install it so that we don't end up in a similar situation ?

---------- Post updated at 09:20 AM ---------- Previous update was at 03:51 AM ----------

UPDATE: One of the Admin had installed a software called as Jira on the same system and JIRA is able to send out emails to our email ID from info@dev.techx.com to mohtashim@techx.com.

I dont know how does it do that nor can i figure it out.

Anyways it will be great if i could find a solution to sending emails to mohtashim@techx.com from this server.

Hi,

Now that you've fixed your host file problem, you might not actually need the smart relay. What happens if you take it out (just going back to the blank DS line), but keep the hosts file changes you made ?

It still does not work. I will update the maillog in a few hrs.

Here is what I think.

1. I think we need to enable TLS in sendmail for zoho to work. Not sure how to do that if someone can help.

2. Would appreciate some document web resource that helps easily setup smart relay on Linux centos 7as an alternate incase zoho does not work.

3. Below is the configuration that helps softwares on my server to send out emails using the same zoho.

production: email_delivery: 
delivery_method: :smtp 
  smtp_settings: 
    address: smtp.zoho.com
    enable_starttls_auto: true
    port: 587
    domain: tech.com
    authentication: :login 
    user_name: mohtashim@techx.com
    password: redmine

Hi,

OK, thanks - it would be interesting to know exactly why this didn't work, and what precisely caused the mail delivery to fail, which we'll hopefully get clues about from your mail logs.

One thing I'm not 100% clear on is why you actually need a smart relay here. Ultimately, barring there being networking restrictions in place that prevent your host communicating over SMTP with the outside world, there's nothing a dedicated smart relay box can do that your own local Sendmail install can't. Unless as I say something is configured on your network to stop your own dev box sending mail to the Internet, then it shoud be perfectly capable of delivering e-mail via SMTP to any host without needing a relay.

Of course, other hosts may well still reject that mail for a variety of reasons (e.g. they think it resembles spam, your IP/network range has a poor reputation, your reverse DNS doesn't match your forward DNS, you've gotten yourself listed on an RBL like Spamhaus, etc, etc). So if that's the reason you need a smart host - your own dev box is being rejected by other Internet hosts - then you'd need a smart host on your network that had none of the problems of your dev box, which might actually be hard to do.

Do you have a corporate SMTP gateway or mail server that deals with the normal incoming and outgoing e-mail for your whole site ? If so, can you maybe configure your smart relay to be that host instead. I imagine that somewhere locally you already have a host that handles routine e-mail functionality, and it might well be capable of acting as a smart relay in that case (though it will probably need to be configured to allow the IP of your dev box to relay through it).

In my previous post i strongly believe that it is the missing TLS entries in the sendmail.mc or .cf that is causing the send mail not to work. The reason behind this conclusion is that SMTP email service for zoho is working on my same server with the below details.

production: email_delivery: 
delivery_method: :smtp 
  smtp_settings: 
    address: smtp.zoho.com
    enable_starttls_auto: true
    port: 587
    domain: tech.com
    authentication: :login 
    user_name: mohtashim@techx.com
    password: redmine

Removing the TLS entry enable_starttls_auto: true from SMTP fails the email service from working. However, i need help directions in enabling TLS on sendmail.

I was able to fix the relay host not being generated in the sendmail.cf file by fixing the syntax issue in the sendmail.mc file.

Please find the logs after the hosts file was fixed below with DSsmtp.zoho.com entry in the sendmail.cf & Mail NOT working below.

Attaching the sendmail.mc here.

Please suggest.

Hi,

Sorry for the delay in replying - glad you've gotten your Sendmail config generating correctly now at least. I'm afraid I can't really help you much further though, sorry. I've got no experience myself in setting up Sendmail to do what you're trying to do, as I've never had to set up a Sendmail box to do quite what you're trying to do.

From some Googling it seems it's certainly possible to get Sendmail to talk to an MSA rather than an MTA and authenticate against it using the authinfo mechanism previously discussed, but as you say you might need to get TLS and other things besides working for this to operate correctly. Perhaps others who have gone down this road and are reading this thread could advise you on how to proceed, if this is really something you absolutely have to do.

On that subject, though: again, is there a reason you have to do this, and pass the mail on to a server that is normally used for talking to mail clients and whatnot ? Why can't you just straight send this mail to its correct destination from your local server, without a relay or smart host or anything else in the way ? Or alternatively, is there not a mail server on site that already is set up to do e-mail correctly that you can just use as your smart relay, saving yourself all this trouble ?