Jeffrey J. Kosowsky
2004-08-31 05:23:26 UTC
I have sendmail 8.12.10 running on my Fedora Core 1/Linux 2.4.20
machine.
For sending mail, I have no trouble sending mail from my server to
other users on the server or to external users (via Authinfo and my
ISP).
For receiving mail, I usually get mail from external users by having
them send mail to my ISP account and then using fetchmail to transfer
the mail to my local server accounts. However, to avoid the 5MB size
limit imposed by my ISP, I would also occassionally like to allow
others to send email directly to accounts on my sendmail server.
I have done the following:
1. Opened up port 25 on my hardware router/firewall
2. Opened up port 25 on my iptables software firewall
3. Set up (and ran makemap hash...) virtusertable:
***@mydomain.dyndns.ws me
When I send mail from an external webmail account to my account on my
local server, the mail bounces back and I get the following message in
my server maillog:
Aug 31 00:32:28 myserver sendmail[18740]: i7V4WSZu018740:
ruleset=check_rcpt, arg1=<***@mydomain.dyndns.ws>,
relay=web53902.mail.yahoo.com [206.190.36.212], reject=550 5.7.1
<***@mydomain.dyndns.ws>... Relaying denied. Proper authentication required.
Aug 31 00:32:28 myserver sendmail[18740]: i7V4WSZu018740:
from=<***@yahoo.com>, size=0, class=0, nrcpts=0, proto=SMTP,
daemon=MTA, relay=web53902.mail.yahoo.com [206.190.36.212]
This plus the fact that I can telnet to my sendmail server confirms
that there are no problems with firewalls and that the sendmail daemon
is indeed running.
So here are my questions:
1. Perhaps I am misunderstanding relaying, but I thought that *relaying* is
only when I am using my server to accept email from another machine and
then forward it on to third machine. I am only trying to allow mail
sent to an account on my server to be *delivered* to that account. Why
is relaying involved at all? (Am I misunderstanding the difference
between mail relay and delivery?)
2. Similarly why is authentication a problem here. Again I am only
trying to deliver mail on my server, not relay it. I thought that
the authentication lines were only for when I am trying to send
email externally to another machine via my ISP which requires smtp
authentication.
So more generally, what am I missing and what am I doing wrong here?
Thanks,
Jeff
-------------------------------------
Here are some of the potentially relevant lines in my sendmail.mc
file:
define(`confAUTH_OPTIONS', `A')dnl
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
FEATURE(`authinfo', `hash -o /etc/mail/authinfo.db') dnl
FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
GENERICS_DOMAIN_FILE(`/etc/mail/genericsdomain')dnl JJK: added
FEATURE(`genericstable', `hash -o /etc/mail/genericstable.db')dnl JJK: added
FEATURE(redirect)dnl
FEATURE(always_add_domain)dnl
FEATURE(`access_db',`hash -T<TMPF> -o /etc/mail/access.db')dnl
FEATURE(`blacklist_recipients')dnl
EXPOSED_USER(`root')dnl
DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
LOCAL_DOMAIN(`localhost.localdomain')dnl
FEATURE(masquerade_envelope)dnl
My 'access' file contains:
localhost.localdomain RELAY
localhost RELAY
127.0.0.1 RELAY
(this is based on my assumption that I only want to allow relaying
from my localhost).
machine.
For sending mail, I have no trouble sending mail from my server to
other users on the server or to external users (via Authinfo and my
ISP).
For receiving mail, I usually get mail from external users by having
them send mail to my ISP account and then using fetchmail to transfer
the mail to my local server accounts. However, to avoid the 5MB size
limit imposed by my ISP, I would also occassionally like to allow
others to send email directly to accounts on my sendmail server.
I have done the following:
1. Opened up port 25 on my hardware router/firewall
2. Opened up port 25 on my iptables software firewall
3. Set up (and ran makemap hash...) virtusertable:
***@mydomain.dyndns.ws me
When I send mail from an external webmail account to my account on my
local server, the mail bounces back and I get the following message in
my server maillog:
Aug 31 00:32:28 myserver sendmail[18740]: i7V4WSZu018740:
ruleset=check_rcpt, arg1=<***@mydomain.dyndns.ws>,
relay=web53902.mail.yahoo.com [206.190.36.212], reject=550 5.7.1
<***@mydomain.dyndns.ws>... Relaying denied. Proper authentication required.
Aug 31 00:32:28 myserver sendmail[18740]: i7V4WSZu018740:
from=<***@yahoo.com>, size=0, class=0, nrcpts=0, proto=SMTP,
daemon=MTA, relay=web53902.mail.yahoo.com [206.190.36.212]
This plus the fact that I can telnet to my sendmail server confirms
that there are no problems with firewalls and that the sendmail daemon
is indeed running.
So here are my questions:
1. Perhaps I am misunderstanding relaying, but I thought that *relaying* is
only when I am using my server to accept email from another machine and
then forward it on to third machine. I am only trying to allow mail
sent to an account on my server to be *delivered* to that account. Why
is relaying involved at all? (Am I misunderstanding the difference
between mail relay and delivery?)
2. Similarly why is authentication a problem here. Again I am only
trying to deliver mail on my server, not relay it. I thought that
the authentication lines were only for when I am trying to send
email externally to another machine via my ISP which requires smtp
authentication.
So more generally, what am I missing and what am I doing wrong here?
Thanks,
Jeff
-------------------------------------
Here are some of the potentially relevant lines in my sendmail.mc
file:
define(`confAUTH_OPTIONS', `A')dnl
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
FEATURE(`authinfo', `hash -o /etc/mail/authinfo.db') dnl
FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
GENERICS_DOMAIN_FILE(`/etc/mail/genericsdomain')dnl JJK: added
FEATURE(`genericstable', `hash -o /etc/mail/genericstable.db')dnl JJK: added
FEATURE(redirect)dnl
FEATURE(always_add_domain)dnl
FEATURE(`access_db',`hash -T<TMPF> -o /etc/mail/access.db')dnl
FEATURE(`blacklist_recipients')dnl
EXPOSED_USER(`root')dnl
DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
LOCAL_DOMAIN(`localhost.localdomain')dnl
FEATURE(masquerade_envelope)dnl
My 'access' file contains:
localhost.localdomain RELAY
localhost RELAY
127.0.0.1 RELAY
(this is based on my assumption that I only want to allow relaying
from my localhost).