Sendmail not using aliases (or wrong domain)

Hello,

I've tried all the sendmail hackery I know of and can't figure this out. I have one VM of about 15 that doesn't send out email correctly. The hostname is cb.domain.com, it's in DNS with a CNAME to domain.com (which has an A record). This is the only difference I can think of. It runs a Tomcat app that is proxied by the web server. My @domain.com email is handled by Google.

I have this in my /etc/mail/aliases (and I've rebuilt it many times):

Code:
josh: josh@domain.com
root: josh

I've also tried with
Code:
root: josh@domain.com
but that didn't help. If I test this out (new to me), I get:

Code:
cb# sendmail -bt
ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
Enter <ruleset> <address>
> 3,0 josh
canonify           input: josh
Canonify2          input: josh
Canonify2        returns: josh
canonify         returns: josh
parse              input: josh
Parse0             input: josh
Parse0           returns: josh
ParseLocal         input: josh
ParseLocal       returns: josh
Parse1             input: josh
Parse1           returns: $# local $: josh
parse            returns: $# local $: josh
> 3,0 root
canonify           input: root
Canonify2          input: root
Canonify2        returns: root
canonify         returns: root
parse              input: root
Parse0             input: root
Parse0           returns: root
ParseLocal         input: root
ParseLocal       returns: root
Parse1             input: root
Parse1           returns: $# local $: root
parse            returns: $# local $: root

This doesn't seem right to me, there's no @domain.com in there anywhere... DNS lookups work, and this is my /etc/resolv.conf (10.3.0.1 is the router):

Code:
cb# cat /etc/resolv.conf
search domain.com
nameserver 10.3.0.1
nameserver 4.2.2.2
nameserver 8.8.8.8
nameserver 4.2.2.3
nameserver 8.8.4.4

This is (most of) my /etc/hosts:

Code:
cb# grep -Ev '^(#|$)' /etc/hosts
::1     localhost       localhost.my.domain
127.0.0.1       localhost       localhost.my.domain
...
10.3.0.18       cb.domain.com  cb

I tried setting Dj in /etc/mail/submit.cf to cb.domain.com, in case it was thinking that it should receive @domain.com email (which it shouldn't), but that didn't help so I reverted that.

I am NOT running the "normal" sendmail MTA, just sm-mta (the default setup for FreeBSD 9).

This is what I get in the logs when I run periodic daily:

Code:
Dec 31 11:27:45 cb sendmail[16274]: qBVGRjZA016274: from=josh, size=441, class=0, nrcpts=1, msgid=<201212311627.qBVGRjZA016274@cb.domain.com>,
 relay=root@localhost
Dec 31 11:27:45 cb sendmail[16324]: qBVGRj7c016324: from=josh, size=1722, class=0, nrcpts=1, msgid=<201212311627.qBVGRj7c016324@cb.domain.com>,
 relay=root@localhost
Dec 31 11:27:45 cb sm-mta[16327]: qBVGRj0v016327: from=<josh@cb.domain.com>, size=2039, class=0, nrcpts=1,
 msgid=<201212311627.qBVGRj7c016324@cb.domain.com>, proto=ESMTP, daemon=Daemon0, relay=localhost [127.0.0.1]
Dec 31 11:27:45 cb sm-mta[16326]: qBVGRjj6016326: from=<josh@cb.domain.com>, size=758, class=0, nrcpts=1,
 msgid=<201212311627.qBVGRjZA016274@cb.domain.com>, proto=ESMTP, daemon=Daemon0, relay=localhost [127.0.0.1]
Dec 31 11:27:45 cb sendmail[16274]: qBVGRjZA016274: to=root, ctladdr=josh (1000/1000), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30441,
 relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (qBVGRjj6016326 Message accepted for delivery)
Dec 31 11:27:45 cb sendmail[16324]: qBVGRj7c016324: to=root, ctladdr=josh (1000/1000), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=31722,
 relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (qBVGRj0v016327 Message accepted for delivery)
Dec 31 11:27:47 cb sm-mta[16330]: STARTTLS=client, relay=aspmx.l.google.com., version=TLSv1/SSLv3, verify=FAIL, cipher=RC4-SHA, bits=128/128
Dec 31 11:27:47 cb sm-mta[16331]: STARTTLS=client, relay=aspmx.l.google.com., version=TLSv1/SSLv3, verify=FAIL, cipher=RC4-SHA, bits=128/128
Dec 31 11:27:50 cb sm-mta[16330]: qBVGRj0v016327: to=<root@cb.domain.com>, delay=00:00:05, xdelay=00:00:05, mailer=esmtp, pri=32039,
 relay=aspmx.l.google.com. [74.125.131.26], dsn=5.1.1, stat=User unknown
Dec 31 11:27:50 cb sm-mta[16331]: qBVGRjj6016326: to=<root@cb.domain.com>, delay=00:00:05, xdelay=00:00:05, mailer=esmtp, pri=30758,
 relay=aspmx.l.google.com. [74.125.131.26], dsn=5.1.1, stat=User unknown
Dec 31 11:27:50 cb sm-mta[16330]: qBVGRj0v016327: qBVGRo0v016330: DSN: User unknown
Dec 31 11:27:50 cb sm-mta[16331]: qBVGRjj6016326: qBVGRoj6016331: DSN: User unknown
Dec 31 11:27:51 cb sm-mta[16330]: qBVGRo0v016330: to=<josh@cb.domain.com>, delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=33063,
 relay=aspmx.l.google.com. [74.125.131.26], dsn=2.0.0, stat=Sent (OK 1356971271 u10si43459811vdv.144)
Dec 31 11:27:51 cb sm-mta[16331]: qBVGRoj6016331: to=<josh@cb.domain.com>, delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=31782,
 relay=aspmx.l.google.com. [74.125.131.26], dsn=2.0.0, stat=Sent (OK 1356971271 o8si43466719vdv.129)

And in Google I get two postmaster bounce emails (the DSNs).

As I said, I have over a dozen VMs that work just fine, but they aren't in DNS proper, just hosts, and Puppet distributes most of these files, so the config should be the same. I've done diff -r on /etc/mail to make sure there are no other or lingering changes, and it's back to defaults, but still doesn't work.

I suspect that the DNS entry is what is messing it up, but I don't know how, and I don't know how I can set it so that it works either way (for hosts with DNS, and hosts without).

What else should I check or try?

Thanks,
Josh

P.S. God I wish FreeBSD used Postfix in base. :p
 
Hmmm, that's correct, it's a local user, but wouldn't the alias "redirect" the mail elsewhere?

The issue I'm seeing (maybe I didn't explain it well, or at all?) is that the nightly emails are sent to the wrong address and "bounce". They are sent to root, which should go to my GMail address, but instead go to root@cb.domain.com. This ends up hitting GMail, presumably because of the domain.com MX, which says "no user root" and bounces, creating a DSN on the server, which then goes back to GMail...

What I'm looking for is for root's email to go directly to my GMail, via direct alias or to josh, which is in turn an alias for my GMail account. This works on the other VMs, without modification, so I'm not sure why it doesn't here.
 
The alias "redirect" should work as you expect.

Try to run sendmail from the command line # sendmail -bt -d21.12
This will give you detailed information about rewriting of addresses. You can take the output and go step by step through your sendmail.cf to see how sendmail is rewriting your addresses
 
I tried that, but can't follow what it says (below)... I don't see anything that suggests it's reading /etc/mail/aliases. I did find out that the sm-msp daemon (local submit daemon) doesn't use submit.cf or freebsd.submit.cf, it uses sendmail.cf. I re-tried setting Dj and other stuff but it still didn't help... Argh!

I'm going to remove the hostname from DNS and see if that fixes it...then it's set up the same as the other VMs...

Code:
cb# sendmail -bt -d21.12
ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
Enter <ruleset> <address>
> 3,0 root
canonify           input: root
-----trying rule: $@
----- rule fails
-----trying rule: $*
-----rule matches: $: $1 < @ >
rewritten as: root < @ >
-----trying rule: $* < $* > $* < @ >
----- rule fails
-----trying rule: @ $* < @ >
----- rule fails
-----trying rule: $* [ IPv6 : $+ ] < @ >
----- rule fails
-----trying rule: $* : : $* < @ >
----- rule fails
-----trying rule: : include : $* < @ >
----- rule fails
-----trying rule: $* : $* [ $* ]
----- rule fails
-----trying rule: $* : $* < @ >
----- rule fails
-----trying rule: $* < @ >
-----rule matches: $: $1
rewritten as: root
-----trying rule: $* ;
----- rule fails
-----trying rule: $* < $+ : ; > $*
----- rule fails
-----trying rule: $* < $* ; >
----- rule fails
-----trying rule: $@
----- rule fails
-----trying rule: $*
-----rule matches: $: < $1 >
rewritten as: < root >
-----trying rule: $+ < $* >
----- rule fails
-----trying rule: < $* > $+
----- rule fails
-----trying rule: < >
----- rule fails
-----trying rule: < $+ >
-----rule matches: $: $1
rewritten as: root
-----trying rule: @ $+ , $+
----- rule fails
-----trying rule: @ [ $* ] : $+
----- rule fails
-----trying rule: @ $+ : $+
----- rule fails
-----trying rule: $+ : $* ; @ $+
----- rule fails
-----trying rule: $+ : $* ;
----- rule fails
-----trying rule: $+ @ $+
----- rule fails
-----trying rule: $+ < $+ @ $+ >
----- rule fails
-----trying rule: $+ < @ $+ >
----- rule fails
-----trying rule: $- ! $+
----- rule fails
-----trying rule: $+ . $- ! $+
----- rule fails
-----trying rule: $+ ! $+
----- rule fails
-----trying rule: $* % $*
----- rule fails
-----trying rule: $* @ $* @ $*
----- rule fails
-----trying rule: $* @ $*
----- rule fails
-----trying rule: $*
-----rule matches: $@ $> Canonify2 $1
Canonify2          input: root
-----trying rule: $* < @ localhost > $*
----- rule fails
-----trying rule: $* < @ localhost . domain . com > $*
----- rule fails
-----trying rule: $* < @ localhost . UUCP > $*
----- rule fails
-----trying rule: $* < @ [ $+ ] > $*
----- rule fails
-----trying rule: $* < @ @ $=w > $*
----- rule fails
-----trying rule: $* < @ @ $+ > $*
----- rule fails
-----trying rule: $* < @ $+ . UUCP > $*
----- rule fails
-----trying rule: $* < @ $+ . . UUCP . > $*
----- rule fails
-----trying rule: $* < @ $* $=P > $*
----- rule fails
-----trying rule: $* < @ $* $~P > $*
----- rule fails
-----trying rule: $* CC $* $| $* < @ $+ . $+ > $*
----- rule fails
-----trying rule: $* CC $* $| $*
----- rule fails
-----trying rule: $* $| $* < @ $* > $*
----- rule fails
-----trying rule: $* $| $*
----- rule fails
-----trying rule: $* < @ $=w > $*
----- rule fails
-----trying rule: $* < @ $=M > $*
----- rule fails
-----trying rule: $* < @ $={VirtHost} > $*
----- rule fails
-----trying rule: $* < @ $* . . > $*
----- rule fails
Canonify2        returns: root
rewritten as: root
canonify         returns: root
parse              input: root
-----trying rule: $*
-----rule matches: $: $> Parse0 $1
Parse0             input: root
-----trying rule: < @ >
----- rule fails
-----trying rule: $* : $* ; < @ >
----- rule fails
-----trying rule: @ < @ $* >
----- rule fails
-----trying rule: < @ $+ >
----- rule fails
-----trying rule: $+ < @ >
----- rule fails
-----trying rule: $*
-----rule matches: $: < > $1
rewritten as: < > root
-----trying rule: < > $* < @ [ $* ] : $+ > $*
----- rule fails
-----trying rule: < > $* < @ [ $* ] , $+ > $*
----- rule fails
-----trying rule: < > $* < @ [ $* ] $+ > $*
----- rule fails
-----trying rule: < > $* < @ [ $+ ] > $*
----- rule fails
-----trying rule: < > $* < $* : $* > $*
----- rule fails
-----trying rule: < > $*
-----rule matches: $1
rewritten as: root
-----trying rule: < > $*
----- rule fails
-----trying rule: $* < @ . $* > $*
----- rule fails
-----trying rule: $* < @ $* . . $* > $*
----- rule fails
-----trying rule: $* < @ $* @ > $*
----- rule fails
-----trying rule: $* @ $* < @ $* > $*
----- rule fails
-----trying rule: $* , $~O $*
----- rule fails
-----trying rule: $* < @ > $*
----- rule fails
-----trying rule: < @ $=w . > : $*
----- rule fails
-----trying rule: $- < @ $=w . >
----- rule fails
-----trying rule: < @ $+ >
----- rule fails
-----trying rule: $* $=O $* < @ $=w . >
----- rule fails
-----trying rule: $-
-----rule matches: $: $( dequote $1 $) < @ *LOCAL* >
rewritten as: root < @ *LOCAL* >
-----trying rule: < @ *LOCAL* >
----- rule fails
-----trying rule: $* $=O $* < @ *LOCAL* >
----- rule fails
-----trying rule: $* < @ *LOCAL* >
-----rule matches: $: $1
rewritten as: root
Parse0           returns: root
rewritten as: root
-----trying rule: < @ >
----- rule fails
-----trying rule: $*
-----rule matches: $: $> ParseLocal $1
ParseLocal         input: root
-----trying rule: $* < @ $+ . REDIRECT . >
----- rule fails
-----trying rule: $* < @ $+ . REDIRECT . > < i >
----- rule fails
-----trying rule: $* < @ $+ . REDIRECT . > < $- >
----- rule fails
ParseLocal       returns: root
rewritten as: root
-----trying rule: $*
-----rule matches: $: $> Parse1 $1
Parse1             input: root
-----trying rule: $* < @ [ $+ ] > $*
----- rule fails
-----trying rule: $* < @ [ $+ ] > $*
----- rule fails
-----trying rule: $* < @ [ $+ ] : > $*
----- rule fails
-----trying rule: $* < @ [ $+ ] : $- : $* > $*
----- rule fails
-----trying rule: $* < @ [ $+ ] : $+ > $*
----- rule fails
-----trying rule: $+
-----rule matches: $: < ! > $1
rewritten as: < ! > root
-----trying rule: < ! > $+ < @ $={VirtHost} . >
----- rule fails
-----trying rule: < ! > $+ < @ $=w . >
----- rule fails
-----trying rule: < @ > $+ + $+ < @ $* . >
----- rule fails
-----trying rule: < @ > $+ + $* < @ $* . >
----- rule fails
-----trying rule: < @ > $+ + $* < @ $* . >
----- rule fails
-----trying rule: < @ > $+ + $+ < @ $+ . >
----- rule fails
-----trying rule: < @ > $+ + $* < @ $+ . >
----- rule fails
-----trying rule: < @ > $+ + $* < @ $+ . >
----- rule fails
-----trying rule: < @ > $+ < @ $+ . >
----- rule fails
-----trying rule: < @ > $+
----- rule fails
-----trying rule: < ! > $+
-----rule matches: $: $1
rewritten as: root
-----trying rule: < error : $- . $- . $- : $+ > $*
----- rule fails
-----trying rule: < error : $- $+ > $*
----- rule fails
-----trying rule: < $+ > $+ < @ $+ >
----- rule fails
-----trying rule: $=L < @ $=w . >
----- rule fails
-----trying rule: $+ < @ $=w . >
----- rule fails
-----trying rule: $* < @ $+ > $*
----- rule fails
-----trying rule: < $+ . > $*
----- rule fails
-----trying rule: < $+ > $*
----- rule fails
-----trying rule: < $~[ : $* > $*
----- rule fails
-----trying rule: < $+ > $*
----- rule fails
-----trying rule: $* < @ $* > $*
----- rule fails
-----trying rule: $* < @ $* > $*
----- rule fails
-----trying rule: $=L
----- rule fails
-----trying rule: $+
-----rule matches: $# local $: $1
rewritten as: $# local $: root
Parse1           returns: $# local $: root
rewritten as: $# local $: root
parse            returns: $# local $: root
 
Yep, works fine without DNS in effect. # sendmail -bt shows the exact same thing.
 
Oops, looks like I did the cmd tag wrong...but I can't edit my own posts. Sigh.
 
So it appears to work when the DNS name for the host is an A record, and when it isn't in DNS at all, but not when it's a CNAME record...
 
Yeah, I understand that. I'm referring to the hostname in DNS. The host is cb.domain.com (domain replaced), and I'm talking about the cb.domain.com record--not the MX for domain.com (which isn't a CNAME, neither is domain.com itself).
 
Back
Top