Re: AW: [suse-security] Why does sendmail deny relaying?
Hi,
uname -a : Linux homer 2.2.16-SMP #1 SMP Wed Aug 2 20:01:21 GMT 2000
i686 unknown
sendmail version: starting daemon (8.10.2): SMTP+queueing@00:30:00
(from mail log)
I also have a problem with relaying in sendmail.
I would like machines from domain a, b and c to be able to use my mail
server (SuSE Linux 7.0 Pro) to send mails to any other domain.
Initially I inserted domains a, b,and c into /etc/mail/relay-domains.
This allowed me to pass on mails from remote clients to one of the
listed domains.
Sending a mail to a domain not listed causes the following error to
appear in the sender's mail client:
An error occurred while sending mail
The mail server responded:
5.7.1
O PrivacyOptions=needmailhelo,novrfy,noexpn,noetrn,noverb
and restarted sendmail
I followed the instructions below and added domains A,B and C to access.db ie: a-sub-domain.a-domain ACCEPT I then ran the Makefile and restarted sendmail. I still get the relay error listed above. The only way I can seem to get round this is if I add domains A,B and C back into /etc/mail/relay-domains file. However, while I can then use my mail server to relay mail to those domains, I cannot relay to other un-listed domains. How can I specify that domains A,B and C are allowed to use my mail server to relay messages to any other domain on the Internet? I must be missing something fundamental here, but can't think what? Many thanks in advance regards Garry Roman Drahtmueller wrote:
If you put in access.db 212.121.144.197 ACCEPT
it will work.
Yes, and don't forget to hash the plaintextfile. Use the Makefile that I've put in the attachment. Place it in /etc/mail, go there and type make. Little gift from the 7.1 sendmail package...
Philipp
Thanks, Roman. -- - - | Roman Drahtmüller
// "Caution: Cape does | SuSE GmbH - Security Phone: // not enable user to fly." | Nürnberg, Germany +49-911-740530 // (Batman Costume warning label) | - - ------------------------------------------------------------------------ Name: Makefile Makefile Type: Plain Text (TEXT/PLAIN) Encoding: BASE64 Description: Makefile for /etc/mail
------------------------------------------------------------------------ --------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
I've just had the same problem as you. Upgraded from 6.3 to 7.0 and mail
relaying broke, despite having an unchanged relay-domains. Having battled
with this for hours and out of a willingness to try ANYTHING I added my
internal domain to relay-domains in dot notation -- hey presto it worked.
Oh, I also commented out the Privacy line you mentioned to get rid of those
messages too ... why is the default behaviour of sendmail now to DNS lookup
every bloody system that mail comes in on?
This is the last straw .. I have disliked sendmail for some time now because
you have you reach sendmail-guru status before you can even start to fiddle
with anything that lives outside of rc.config ... time do dump [that]
garbage into the bit bucket and learn me some Postfix.
John
-----Original Message-----
From: garry@suse.com [mailto:garry@suse.com]On Behalf Of Garry Smith
Sent: 17 January 2001 14:19
To: suse-linux-e@suse.com
Cc: suse-linux-security@suse.com; garry.smith@computer.org
Subject: [SLE] Re: AW: [suse-security] Why does sendmail deny relaying?
Hi,
uname -a : Linux homer 2.2.16-SMP #1 SMP Wed Aug 2 20:01:21 GMT 2000
i686 unknown
sendmail version: starting daemon (8.10.2): SMTP+queueing@00:30:00
(from mail log)
I also have a problem with relaying in sendmail.
I would like machines from domain a, b and c to be able to use my mail
server (SuSE Linux 7.0 Pro) to send mails to any other domain.
Initially I inserted domains a, b,and c into /etc/mail/relay-domains.
This allowed me to pass on mails from remote clients to one of the
listed domains.
Sending a mail to a domain not listed causes the following error to
appear in the sender's mail client:
An error occurred while sending mail
The mail server responded:
5.7.1
O PrivacyOptions=needmailhelo,novrfy,noexpn,noetrn,noverb
and restarted sendmail
I followed the instructions below and added domains A,B and C to access.db ie: a-sub-domain.a-domain ACCEPT I then ran the Makefile and restarted sendmail. I still get the relay error listed above. The only way I can seem to get round this is if I add domains A,B and C back into /etc/mail/relay-domains file. However, while I can then use my mail server to relay mail to those domains, I cannot relay to other un-listed domains. How can I specify that domains A,B and C are allowed to use my mail server to relay messages to any other domain on the Internet? I must be missing something fundamental here, but can't think what? Many thanks in advance regards Garry Roman Drahtmueller wrote:
If you put in access.db 212.121.144.197 ACCEPT
it will work.
Yes, and don't forget to hash the plaintextfile. Use the Makefile that I've put in the attachment. Place it in /etc/mail, go there and type make. Little gift from the 7.1 sendmail package...
Philipp
Thanks, Roman. -- - - | Roman Drahtmüller
// "Caution: Cape does | SuSE GmbH - Security Phone: // not enable user to fly." | Nürnberg, Germany +49-911-740530 // (Batman Costume warning label) | - - ------------------------------------------------------------------------ Name: Makefile Makefile Type: Plain Text (TEXT/PLAIN) Encoding: BASE64 Description: Makefile for /etc/mail
------------------------------------------------------------------------ --------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq
On Sunday 21 January 2001 01:40, john wrote: [snip]
This is the last straw .. I have disliked sendmail for some time now because you have you reach sendmail-guru status before you can even start to fiddle with anything that lives outside of rc.config ... time do dump [that] garbage into the bit bucket and learn me some Postfix.
[snip] You won't regret it. Although Postfix has been around for some time, and is very stable the first official non-beta release will be issued in a couple of weeks. It is a very solid piece of software, written by a very clever man. Go for it ! Cliff
participants (3)
-
Cliff Sarginson
-
Garry Smith
-
john