
unable to deliver..Remote host said: 550 5.1.1 <>... User unknown [RCPT_TO], sendmail

Discussion in 'Web and Network Services' started by c00kie, Dec 26, 2012.

  1. c00kie

    hi

    I have a FreeBSD 9 VPS server with a hosting company. I'm using it as a web server with FAMP amongst other things installed on it. They give me minimal support with the admin of the server. I say minimal since anything port or daemon related is 'fix it yourself' basically.

    I configured sendmail on the server some months ago and got it to work. I could send and receive emails both ways; from my server (shell) to google and vice versa.

    It's now suddenly stopped working. Emails sent from two web based mail clients, gmail and yahoo fail to reach my server. I'm trying to send a message from mygmail@gmail.com account to my FreeBSD machine admin@example.org which is configured through sendmail.

    Both report:
    Things don't suddenly stop working - what's happened?

    I look in my /var/log/maillog

    with the last few lines....
    Code:
    ...
    Dec 26 02:54:05 web sm-mta[52936]: qBQ7s5iG052936: from=<test@live.com>, size=0, class=0, nrcpts=0, proto=ESMTP, daemon=IPv4, relay=www.tfgapt.com [66.195.68.134]
    Dec 26 03:01:14 web sm-mta[52971]: qBQ81DqF052971: ruleset=check_rcpt, arg1=<therichsheickc@yahoo.com>, relay=79.161.3.142.static.lyse.net [79.161.3.142] (may be forged), reject=550 5.7.1 <therichsheickc@yahoo.com>... Relaying denied. IP name possibly forged [79.161.3.142]
    Dec 26 03:01:14 web sm-mta[52971]: qBQ81DqF052971: from=<test@live.com>, size=0, class=0, nrcpts=0, proto=ESMTP, daemon=IPv4, relay=79.161.3.142.static.lyse.net [79.161.3.142] (may be forged)
    ...
    Dec 26 03:59:14 web sm-mta[53125]: NOQUEUE: SYSERR(root): opendaemonsocket: daemon IPv4: cannot bind: Address already in use
    Dec 26 03:59:14 web sm-mta[53125]: daemon IPv4: problem creating SMTP socket
    Dec 26 03:59:14 web sm-mta[53125]: NOQUEUE: SYSERR(root): opendaemonsocket: daemon IPv4: server SMTP socket wedged: exiting
    Dec 26 03:59:17 web sm-mta[53142]: qBQ8xHPx053142: <admin@example.org>... User unknown
    Dec 26 03:59:17 web sm-mta[53142]: qBQ8xHPx053142: from=<mygmail@gmail.com>, size=0, class=0, nrcpts=0, proto=ESMTP, daemon=IPv4, relay=mail-ee0-f66.google.com [74.125.83.66]
    Dec 26 04:00:48 web sm-mta[53159]: qBQ90iUh053159: ruleset=check_rcpt, arg1=<therichsheickc@yahoo.com>, relay=CPE-120-146-193-153.static.vic.bigpond.net.au [120.146.193.153], reject=550 5.7.1 <therichsheickc@yahoo.com>... Relaying denied
    Dec 26 04:00:48 web sm-mta[53159]: qBQ90iUh053159: from=<test@live.com>, size=0, class=0, nrcpts=0, proto=ESMTP, daemon=IPv4, relay=CPE-120-146-193-153.static.vic.bigpond.net.au [120.146.193.153]
    
    
    With stuff like

    Code:
    NOQUEUE: SYSERR(root): opendaemonsocket: daemon IPv4: cannot bind: Address already in use
    <therichsheickc@yahoo.com>... Relaying denied. IP name possibly forged [79.161.3.142] (may be forged)
    

    Alarm bells start to ring. I know sendmail is a complex business and something that I have very little knowledge of or
    experience with. You can only learn so much from the manual pages.


    My biggest fear is 'Is my sendmail daemon now being used as a spam bot?' In my naive sendmail configuration do I need
    to tighten security up somewhat? If so, what are some basic steps to take?

    My: /etc/mail/access

    Code:
    From:example.org		OK
    From:admin.example.org		OK
    
    /etc/mail/aliases

    Code:
    # Pretty much everything else in this file points to "root", so
    # you would do well in either reading root's mailbox or forwarding
    # root's email from here.
    
    root: user
    
    # Basic system aliases -- these MUST be present
    MAILER-DAEMON: postmaster
    postmaster: root
    ...
    # NETWORK OPERATIONS MAILBOX NAMES
    abuse:	root
    # noc:		root
    security:	root
    admin:		root
    
    
    /etc/mail/local-host-names

    Code:
    example.org
    admin.example.org
    localhost
    

    /etc/mail/virtusertable

    Code:
    admin@example.org	user
    

    Am I being over paranoid? And what steps should I take to get it working again?
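
One way to check a maillog for the concern raised in the post above (an added example, not part of the original post): it separates relay attempts that sendmail refused from mail that was accepted from a remote client and then sent on to a non-local domain. The sample lines are constructed in the log format shown above; `triage`, `LOCAL_DOMAINS` and the sample `to=` delivery line are assumptions, not taken from the post.

```python
import re
from collections import Counter

# Assumption: the domains listed in /etc/mail/local-host-names in the post.
LOCAL_DOMAINS = {"example.org", "admin.example.org", "localhost"}

# Constructed sample in the maillog format shown above (documentation IPs and names).
SAMPLE = """\
Dec 26 03:01:14 web sm-mta[52971]: qBQ81DqF052971: ruleset=check_rcpt, arg1=<a@example.com>, relay=host.example.net [203.0.113.7], reject=550 5.7.1 <a@example.com>... Relaying denied
Dec 26 03:59:14 web sm-mta[53125]: NOQUEUE: SYSERR(root): opendaemonsocket: daemon IPv4: cannot bind: Address already in use
Dec 26 03:59:17 web sm-mta[53142]: qBQ8xHPx053142: <admin@example.org>... User unknown
Dec 26 04:10:00 web sm-mta[53200]: qBQ9A0aa053200: from=<x@example.com>, size=900, class=0, nrcpts=1, proto=ESMTP, daemon=IPv4, relay=host.example.net [203.0.113.7]
Dec 26 04:10:02 web sm-mta[53202]: qBQ9A0aa053200: to=<b@example.net>, delay=00:00:02, mailer=esmtp, relay=mx.example.net. [198.51.100.9], stat=Sent (ok)
""".splitlines()

LINE = re.compile(r"sm-mta\[\d+\]: (\w+): (.*)")  # captures queue id and message text

def triage(lines, local_domains=LOCAL_DOMAINS):
    """Sort maillog lines into refused relays, unknown users, bind errors, relayed mail."""
    out = {"relay_denied": Counter(), "user_unknown": [], "bind_errors": 0, "relayed": []}
    client = {}  # queue id -> IP of the remote client that submitted the message
    for line in lines:
        m = LINE.search(line)
        if not m:
            continue
        qid, rest = m.groups()
        ip = re.search(r"relay=[^,]*\[([\d.]+)\]", rest)
        unknown = re.search(r"<([^>]*)>\.\.\. User unknown", rest)
        rcpt = re.match(r"to=<([^>]*)>", rest)
        if "reject=" in rest and "Relaying denied" in rest:
            out["relay_denied"][ip.group(1) if ip else "?"] += 1  # refused, nothing sent
        elif unknown:
            out["user_unknown"].append(unknown.group(1))
        elif "cannot bind" in rest:
            out["bind_errors"] += 1  # something already listens on the SMTP port
        elif rest.startswith("from=") and ip and ip.group(1) != "127.0.0.1":
            client[qid] = ip.group(1)
        elif rcpt and qid in client and "stat=Sent" in rest:
            # Accepted from a remote client and delivered to a non-local domain: relayed.
            if rcpt.group(1).rpartition("@")[2].lower() not in local_domains:
                out["relayed"].append((qid, client[qid], rcpt.group(1)))
    return out

if __name__ == "__main__":
    for key, value in triage(SAMPLE).items():
        print(key, value)
```

An empty `relayed` list alongside a non-empty `relay_denied` count means the probes were turned away; entries in `relayed` are the messages worth tracing back to the access rule that allowed them.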