Sendmail general noob question...

[fred974]

Hi guys,

Why do all the tutorials/howtos I came across on the web have

sendmail_enable="NO"

Is there a major security reason for it?

I just added the following in my /etc/crontab to keep my system secure

# Daily check for security updates
@daily                                  root    freebsd-update cron

I then changed the /etc/aliases file with to get the email inside our own e-mail mailbox:

root: me@example.com

then did a make inside /etc/mail.

When I do mail root, I get no email. Could anyone help please? Thank you.

Fred

 

[SirDice]

Did you run newaliases(1) after you made changes to /etc/aliases?

 

[ondra_knezour]

Did you run newaliases(1) after you made changes to /etc/aliases?

Should not be needed, if I got the /etc/mail/Makefile right. Running make should call sendmail -bi the same way like newaliases does.

 

[fred974]

Yes, setting this (it's the default by the way) enables sendmail but only allows local submissions. Setting it to YES will make sendmail listen to external connections.


Did you run newaliases(1) after you made changes to /etc/aliases?

No I didn't ... I just ran newaliases -rebuilds but I am still unable to receive any email.

Have I missed anything else?

Here is my rc.conf file

sendmail_enable="NO"
sendmail_submit_enable="NO"
sendmail_outbound_enable="NO"
sendmail_msp_queue_enable="NO"

Thank you.

fred

 

[SirDice]

Remove all those sendmail entries from rc.conf. The default settings are fairly safe, it will only accept locally submitted mail.

 

[fred974]

Remove all those sendmail entries from rc.conf. The default settings are fairly safe, it will only accept locally submitted mail.

Sorry @SirDice, is this what you ask me to do:

#sendmail_enable="NO"
#sendmail_submit_enable="NO"
#sendmail_outbound_enable="NO"
#sendmail_msp_queue_enable="NO"

 

[SirDice]

Yes, then restart sendmail: service sendmail restart. Check if it's running and listening: sockstat -46 | grep sendmail. You should see something like this:

root     sendmail   938   3  tcp4   127.0.0.1:25          *:*

The settings you had before disabled sendmail completely. So there was nothing to submit mail to (sendmail_submit_enable) and nothing to pass it to an external mail server (sendmail_outbound_enable).

 

[fred974]

Thank you @SirDice,

If I comment all the setting as above, I cannot start sendmail as

Cannot 'start' sendmail. Set sendmail_enable to YES in /etc/rc.conf or use 'onestart' instead of 'start'.
root@beasty:/usr/home/sysadmin # service sendmail onestart

So I did a service sendmail onestarta and i did get root sendmail 2892 3 tcp4 127.0.0.1:25 *:*

But still no email.

mail root
Subject: test email
please work
EOT

Do I need to open a specific port on my home router?

 

[kpa]

There's a little snag with the integration between service(8) and the /etc/rc.d/sendmail script. If you don't have sendmail_enable set to YES you have do this instead to restart the sendmail(8) service:

cd /etc/mail
make restart

 

[fred974]

There's a little snag with the integration between service(8) and the /etc/rc.d/sendmail script. If you don't have sendmail_enable set to YES you have do this instead to restart the sendmail(8) service:

cd /etc/mail
make restart

Thanks for the reply @kpa. When I typed cd /etc/mail and make restart I get the following:

root@beasty:/etc/mail # make restart
Restarting:/etc/rc.sendmail: restart-mta: /var/run/sendmail.pid not found
/etc/rc.sendmail: restart-mspq: /var/spool/clientmqueue/sm-client.pid not found

 

[kpa]

That means that there was no sendmail(8) running, the "not found" messages are from make stop that the make restart command executes before doing make start.

Check with sockstat -l4 -p25 that the daemon is running.

 

[SirDice]

I don't think it was ever started. So a restart won't work. Try this: /etc/rc.d/sendmail start.

 

[fred974]

Ok... I'm not losing the plot! It looks like it is the third party mail host that does not accept my emails.

I have set a fixed IP address on the server but I take it it is only recognised a been fix at home Will and email to Zohoo mail resolve the issue or do I need to use something like no-ip?

Message 17:
From MAILER-DAEMON Fri Aug 30 14:17:08 2013
Date: Fri, 30 Aug 2013 14:17:08 GMT
From: Mail Delivery Subsystem <MAILER-DAEMON>
To: <sysadmin@beasty.example.co.uk>
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
        boundary="r7UEH8CT001348.1377872228/beasty.example.co.uk"
Subject: Returned mail: see transcript for details
Auto-Submitted: auto-generated (failure)

This is a MIME-encapsulated message

--r7UEH8CT001348.1377872228/beasty.example.co.uk

The original message was received at Fri, 30 Aug 2013 14:17:07 GMT
from localhost [127.0.0.1]

   ----- The following addresses had permanent fatal errors -----
webmaster@example.co.uk
    (reason: 451 4.4.1 reply: read error from mx.zohomail.com.)
    (expanded from: <root@beasty.example.co.uk>)

   ----- Transcript of session follows -----
... while talking to mx.zohomail.com.:
>>> DATA
<<< 550 Mail rejected by <Zoho Mail> for policy reasons. We generally do not accept email from dynamic IP's as they are typically used to deliver unauthenticated SMTP e-mail to an Internet mail server. http://www.spamhaus.org maintains lists of dynamic and residential IP addresses. If you are not an email/network admin please contact your E-mail/Internet Service Provider for help. Email/network admins, please contact <support@zohomail.com> for email delivery information and support
451 4.4.1 reply: read error from mx.zohomail.com.
554 5.0.0 Service unavailable

--r7UEH8CT001348.1377872228/beasty.example.co.uk
Content-Type: message/delivery-status

Reporting-MTA: dns; beasty.example.co.uk
Received-From-MTA: DNS; localhost
Arrival-Date: Fri, 30 Aug 2013 14:17:07 GMT

Final-Recipient: RFC822; root@beasty.example.co.uk
X-Actual-Recipient: RFC822; webmaster@example.co.uk
Action: failed
Status: 4.4.2
Remote-MTA: DNS; mx.zohomail.com
Diagnostic-Code: SMTP; 451 4.4.1 reply: read error from mx.zohomail.com.
Last-Attempt-Date: Fri, 30 Aug 2013 14:17:08 GMT

--r7UEH8CT001348.1377872228/beasty.example.co.uk
Content-Type: message/rfc822

Return-Path: <sysadmin@beasty.example.co.uk>
Received: from beasty.example.co.uk (localhost [127.0.0.1])
        by beasty.example.co.uk (8.14.5/8.14.5) with ESMTP id r7UEH7CT001347
        for <root@beasty.example.co.uk>; Fri, 30 Aug 2013 14:17:07 GMT
        (envelope-from sysadmin@beasty.example.co.uk)
Received: (from root@localhost)
        by beasty.example.co.uk (8.14.5/8.14.5/Submit) id r7UEH7UW001346
        for root; Fri, 30 Aug 2013 14:17:07 GMT
        (envelope-from sysadmin)
Date: Fri, 30 Aug 2013 14:17:07 GMT
From: Ets IT Services <sysadmin@beasty.example.co.uk>
Message-Id: <201308301417.r7UEH7UW001346@beasty.example.co.uk>
To: root@beasty.example.co.uk
Subject: test

test

--r7UEH8CT001348.1377872228/beasty.example.co.uk--