Sendmail: stat=Deferred: Operation timed out with [127.0.0.1]

Discussion related to network/web services such as Apache, BIND Sendmail, etc.

Sendmail: stat=Deferred: Operation timed out with [127.0.0.1]

Postby ghostcorps » 08 Feb 2012, 14:30

Hi Guys,

I have recently discovered that sendmail is not able to send mail out of my server.

Looking at [file]/var/log/maillog[/file] I can see that it is trying, but it is timing out:

Code: Select all
Live Server    from=www    size=219    class=0    nrcpts=1    msgid=<201202081242.q18Cgw15058253@domain.com.au>          relay=www@localhost   
Live Server    to=address@mail.com    ctladdr=www (80/80)    delay=00:01:16    xdelay=00:01:16    mailer=relay    pri=30219    relay=[127.0.0.1] [127.0.0.1]    dsn=4.0.0    stat=Deferred: Operation timed out with [127.0.0.1]


I have a server at home which works fine, comparing the [file]/usr/local/etc/php.ini[/file] and [file]/etc/mail/sendmail.cf[/file] shows nothing different between them in the mail settings.

Code: Select all
Home Server    from=<www@domain.net>    size=478    class=0    nrcpts=1    msgid=<201202081256.q18CuUZn027418@domain.net>    proto=ESMTP    daemon=Daemon0    relay=localhost [127.0.0.1]   
Home Server    to=address@mail.com    ctladdr=www (80/80)    delay=00:00:00    xdelay=00:00:00    mailer=relay    pri=30217    relay=[127.0.0.1] [127.0.0.1]    dsn=2.0.0    stat=Sent (q18CuU1R027419 Message accepted for delivery)




I am using FreeBSD 8.1, the webserver is a jailed server, and I am using IPFW. I think I have confirmed that it is not IPFW by stopping it and running the test.

The test consists of creating a page as below and browsing to it, it should automatically send an email to the specified address:

Code: Select all
<?php

    $send_html_messages = "no";
    $adminmail="sender@mail.com"; //change to your adminmail
   $useremail="address@mail.com"; //change to your own personal mail
    $subject = "subject test";
    $content = "test content";
        $xheaders = "From: " . $adminmail . " <" . $adminmail . ">\n";
        $xheaders .= "X-Sender: <" . $adminmail . ">\n";
        $xheaders .= "X-Mailer: PHP\n"; // mailer
        $xheaders .= "X-Priority: 6\n"; // Urgent message!
        if ($send_html_messages == "yes") {
                $xheaders .= "Content-Type: text/html; charset=iso-8859-1\n"; // Mime type
        }
        mail("$useremail","$subject","$content",$xheaders);
?>



Could anyone please suggest some other options to trouble shoot this?

Thanks :)
FreeBSD 9.2 RELEASE
ghostcorps
Member
 
Posts: 272
Joined: 01 May 2009, 07:42

Postby SirDice » 08 Feb 2012, 14:41

A jail doesn't have a [file]lo0[/file] interface with 127.0.0.1 attached to it.
Senior UNIX Engineer at Unix Support Nederland
Experience is something you don't get until just after you need it.
User avatar
SirDice
Old Fart
 
Posts: 16185
Joined: 17 Nov 2008, 16:50
Location: Rotterdam, Netherlands

Postby ghostcorps » 08 Feb 2012, 20:54

Thanks SirDice! I did not know that but why then do I get a response from 127.0.0.1 when I ping localhost?

That doesn't mean I can't do it though does it? The simplest thing I can think of is to change the sendmail config to use the local ip as the relay instead of localhost, or am I way off track? I have never had to setup sendmail before.

Or do I need to route the mail through the host somehow?
FreeBSD 9.2 RELEASE
ghostcorps
Member
 
Posts: 272
Joined: 01 May 2009, 07:42

Postby ghostcorps » 09 Feb 2012, 02:31

I have found this guide HERE, but it is 9 years old. How accurate is it?


You need to run a sendmail MSP process in the jail, and modify the
configuration so that it submits the message to your main server
(presumably in your host environment, although it could live in
another jail) via it's external IP address.

Try this, in the jail:

# cd /etc/mail
# cp freebsd.submit.mc submit.mc
# vi submit.mc

here, change the last line from

FEATURE(`msp', `[127.0.0.1]')dnl

to

FEATURE(`msp', `[smtp.example.com]', `MSA')dnl

Obviously, you want to replace 'smtp.example.com' with the hostname of
your mailserver -- or it's IP address. You need the [square brackets]
as they stop sendmail trying to look up MXes in the DNS and instead
deliver straight to the named machine. Now rebuild the .cf and
install it:

# make
# make install

In /etc/rc.conf in the jail set the following so that only the
sendmail MSP process gets started:

sendmail_enable="NO"
sendmail_msp_queue_enable="YES"
sendmail_outbound_enable="NO"
sendmail_submit_enable="NO"

and you can start sendmail up from within /etc/mail by:

# make restart

Oh, and make sure port 587 on the mail server isn't firewalled off
from the jail environment...

The problem is that the loopback interface isn't really shared between
jail and host environment -- a daemon listening on 127.0.0.1 in the
host won't pick up connections to 127.0.0.1 in the jail, which is
exactly how the MSP tries to communicate with the MTA process.


[Edit:] I notice some of the paths have changed, and I expect I will find some other cosmetic things. But in principle it should work yeh?
FreeBSD 9.2 RELEASE
ghostcorps
Member
 
Posts: 272
Joined: 01 May 2009, 07:42

Postby ghostcorps » 09 Feb 2012, 02:52

I have completed the steps and confirmed sendmail is running on the host and mqueue is on the webserver:

Host
Code: Select all
[/etc/mail]# /etc/rc.d/sendmail status
sendmail is running as pid 68419.
sendmail_submit is running as pid 68419.
sendmail_clientmqueue is running as pid 68422.


Webserver
Code: Select all
[/etc/mail]# /etc/rc.d/sendmail onestatus
sendmail is not running.
sendmail_clientmqueue is running as pid 68446.


Does this look like what should be expected?

I have used the hosts ip address in submit.mc, but it is still timing out.

This is my firewall entry:
Code: Select all
$IPF 200 allow all from x.x.x.3 to x.x.x.2 587
FreeBSD 9.2 RELEASE
ghostcorps
Member
 
Posts: 272
Joined: 01 May 2009, 07:42

Postby ghostcorps » 09 Feb 2012, 04:28

I have noticed that the relay in the jailed servers' 'from' log is: 'relay=www@localhost' but the: 'to' log reports: Operation timed out with x.x.x.2.

Should I be changing the relay address anywhere other than in [file]submit.mc[/file]?
FreeBSD 9.2 RELEASE
ghostcorps
Member
 
Posts: 272
Joined: 01 May 2009, 07:42

Postby ghostcorps » 09 Feb 2012, 10:07

I have decided to try useing the ISP's relay instead 'mail.domain.com', just to test which side the error may lay on.

This gets me a little bit further, but now I get this error:

Code: Select all
to=postmaster, delay=00:00:05, xdelay=00:00:05, mailer=relay, pri=32551, relay=mail.domain.com. [x.x.x.1], dsn=5.0.0, stat=Service unavailable


I assume this is because I need to configure the permissions, am I correct?
FreeBSD 9.2 RELEASE
ghostcorps
Member
 
Posts: 272
Joined: 01 May 2009, 07:42

Postby SirDice » 09 Feb 2012, 10:40

Lots of updates and changes in the meantime :)

The last message tries to email the postmaster on that mail relay. It's possible this is blocked by a spam filter at the ISP.

What you could do is configure sendmail correctly on the host and have the jails submit their mail there.
Senior UNIX Engineer at Unix Support Nederland
Experience is something you don't get until just after you need it.
User avatar
SirDice
Old Fart
 
Posts: 16185
Joined: 17 Nov 2008, 16:50
Location: Rotterdam, Netherlands

Postby ghostcorps » 09 Feb 2012, 11:35

Thanks for getting back to me. I have been working on this pretty solidly and find most of my previous comments become redundant pretty quickly, but the way I see it is that if someone else has the problem they can at least get some ideas from my fumbling. I am learning though :)

Ideally I would like to get sendmail relaying through the host, but using the ISPs relay is just to get the mail moving so I can take my time sorting it out. I have spoken with the ISP and they said that simply adding the relay address to the sendmail conf should work.


I can confirm that the host can send mail:

Code: Select all
#echo "Test" | mail me@gmail.com


Results in a succesfull delivery.

HOST[file]/var/log/maillog[/file]
Code: Select all
Feb  9 06:03:28 HOST sendmail[30426]: q19B3NuN030426: to=xxxxx@gmail.com, ctladdr=admin (1002/1002), delay=00:00:05, xdelay=00:00:05,]
 mailer=relay, pri=30031, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (q19B3S8l030427 Message accepted for delivery)
Feb  9 06:03:29 advoy sm-mta[30429]: STARTTLS=client, relay=gmail-smtp-in.l.google.com., version=TLSv1/SSLv3, verify=FAIL, cipher=RC4-SHA,
 bits=128/128
Feb  9 06:03:29 advoy sm-mta[30429]: q19B3S8l030427: to=<xxxxxxxx@gmail.com>, ctladdr=<admin@HOST.domain.com> (1002/1002), delay=00:00:01,
 xdelay=00:00:01, mailer=esmtp, pri=30356, relay=gmail-smtp-in.l.google.com. [74.125.91.26], dsn=2.0.0, stat=Sent (OK 1328786226
 k8si931734qcy.9)


This is what happens with the same test on the jail using the ISPs relay:

Code: Select all
[/etc/mail]# echo "Test" | mail me@gmail.com
[/etc/mail]# /usr/local/www/apache22/data/dead.letter... Saved message in /usr/local/www/apache22/data/dead.letter


JAIL[file]/var/log/maillog[/file]
Code: Select all
Feb  9 11:08:30 JAIL sm-msp-queue[30110]: q1932t6V068411: to=postmaster, delay=08:03:14, xdelay=00:00:33, mailer=relay, pri=2315662,
 relay=mail.JAIL.com. [x.x.x.x], dsn=5.0.0, stat=Service unavailable
Feb  9 11:08:30 JAIL sm-msp-queue[30110]: q1932t6V068411: q19AbkpV030110: return to sender: Service unavailable
Feb  9 11:08:31 JAIL sm-msp-queue[30442]: q1932t7H068411: to=postmaster, delay=08:02:54, xdelay=00:00:04, mailer=relay, pri=2326660,
 relay=mail.JAIL.com. [x.x.x.x], dsn=5.0.0, stat=Service unavailable
Feb  9 11:08:31 JAIL sm-msp-queue[30442]: q1932t7H068411: q19B88oa030442: return to sender: Service unavailable
Feb  9 11:08:34 JAIL sm-msp-queue[30442]: q1932t7H068411: Losing ./qfq1932t7H068411: savemail panic
Feb  9 11:08:34 JAIL sm-msp-queue[30442]: q1932t7H068411: SYSERR(smmsp): savemail: cannot save rejected email anywhere


My [file]rc.conf[/file] is as follows:

JAIL: [file]/etc/rc.conf[/file]
Code: Select all
sendmail_enable="NO"
sendmail_msp_queue_enable="YES"
sendmail_outbound_enable="NO"
sendmail_submit_enable="NO"


The host is just using the default values so I have no entries.
FreeBSD 9.2 RELEASE
ghostcorps
Member
 
Posts: 272
Joined: 01 May 2009, 07:42

Postby ghostcorps » 11 Feb 2012, 21:14

Looking at another test via the php mail form it seems to be sort of working, it appears that the rejection notice was delivered to the postmaster, but it can not identify the user 'www':

JAIL [FILE]/var/log/maillog[/FILE]
Code: Select all
56]: q1C0Buub085456: from=www, size=219, class=0, nrcpts=1, msgid=<201202120011.q1C0Buub085456@DOMAIN.com>, relay=www@localhost
56]: q1C0Buub085456: to=ME@gmail.com, ctladdr=www (80/80), delay=00:00:02, xdelay=00:00:02, mailer=relay, pri=30219, relay=mail.DOMAIN.com. [216.130.191.1], dsn=5.1.3, stat=User unknown
56]: q1C0Buub085456: q1C0Buuc085456: DSN: User unknown
56]: q1C0Buuc085456: to=www, delay=00:00:01, xdelay=00:00:01, mailer=relay, pri=31243, relay=mail.DOMAIN.com. [x.x.x.x], dsn=5.0.0, stat=Service unavailable
56]: q1C0Buuc085456: q1C0Buud085456: return to sender: Service unavailable
56]: q1C0Buud085456: to=postmaster, delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=32267, relay=mail.DOMAIN.com. [x.x.x.x], dsn=2.0.0, stat=Sent (ok 1329006343 qp 67991)


Do I need to map this user to the www on the host via [file]/etc/mail/virtualusertable[/file]?
FreeBSD 9.2 RELEASE
ghostcorps
Member
 
Posts: 272
Joined: 01 May 2009, 07:42

Postby ghostcorps » 12 Feb 2012, 01:43

I've found a couple more things:

1) The relay my ISP gave me is not open, despite their insistence that it was. I believe this explains the 'user unknown' error.
2) The host will respond to telnet on port 25 locally ie. [FILE]host#telnet localhost 25[/FILE], but not from any other location. I tried this with the FW down also.
FreeBSD 9.2 RELEASE
ghostcorps
Member
 
Posts: 272
Joined: 01 May 2009, 07:42

Postby ghostcorps » 12 Feb 2012, 02:50

I assume I should have the access file configured as follows?

HOST
[file]/etc/mail/access[/file]
Code: Select all
JAIL.IP                   RELAY
FreeBSD 9.2 RELEASE
ghostcorps
Member
 
Posts: 272
Joined: 01 May 2009, 07:42

Postby ghostcorps » 12 Feb 2012, 06:08

I have gone back to testing with the external relay just so I know that the client is working at least.

This is the result of the test:


Code: Select all
[CMD="[root@webserver /etc/mail]# echo "Test" | sendmail -v me@gmail.com"][/CMD]
me@gmail.com... Connecting to mail.DOMAIN.com. via relay...
220 mail2.HOSTING.net ESMTP
>>> EHLO DOMAIN.com
250-mail2.HOSTING.net
250-PIPELINING
250-8BITMIME
250-SIZE 0
250 AUTH LOGIN PLAIN CRAM-MD5
>>> MAIL From:<webserver@DOMAIN.com> SIZE=5
250 ok
>>> RCPT To:<me@gmail.com>
>>> DATA
553 sorry, that domain isn't in my list of allowed rcpthosts (#5.5.3 - chkuser)
503 RCPT first (#5.5.1)
>>> RSET
250 flushed



My interpretation is that it works as a client, but the relay is not open.

Add this to the fact that I know the host can send mail.


So the issue lays somewhere in the middle. Why would traffic from the jail not reach the host? The access file looks correct, I have built it in and restarted. I don't imagine I should need [FILE]/etc/mail/virtusertable[/FILE] or [file]/etc/mail/local-host-names[/file] should I?
FreeBSD 9.2 RELEASE
ghostcorps
Member
 
Posts: 272
Joined: 01 May 2009, 07:42

Postby lbol » 12 Feb 2012, 16:04

To relay from your jail through your host you need to add

Code: Select all
jail_IP  RELAY


to [FILE]/etc/mail/access[/FILE] on your host

To activate the access db entry

[CMD="#"]cd /etc/mail[/CMD]
[CMD="#"]makemap hash access < access[/CMD]

You may than need to restart sendmail on host
lbol
Junior Member
 
Posts: 58
Joined: 29 May 2010, 14:03

Postby ghostcorps » 13 Feb 2012, 01:06

lbol wrote:To relay from your jail through your host you need to add

Code: Select all
jail_IP  RELAY


to [FILE]/etc/mail/access[/FILE] on your host

To activate the access db entry

[CMD="#"]cd /etc/mail[/CMD]
[CMD="#"]makemap hash access < access[/CMD]

You may than need to restart sendmail on host


Thanks Ibol :)

I have tried this but to make the changes I used:

Code: Select all
#make
#make install
#make restart


I have tried your method to be sure :) but to no avail...
FreeBSD 9.2 RELEASE
ghostcorps
Member
 
Posts: 272
Joined: 01 May 2009, 07:42

Postby ghostcorps » 13 Feb 2012, 02:11

I've had an idea... how do I set the address that the relay server listens on? I have a feeling it is only listening to 127.0.0.1.

[edit]: I just added the clients ip to [file]/etc/mail/local-host-names[/file] and restarted sendmail, this did not help either.
FreeBSD 9.2 RELEASE
ghostcorps
Member
 
Posts: 272
Joined: 01 May 2009, 07:42

Postby ghostcorps » 13 Feb 2012, 03:50

I have observed that the host responds to [FILE]telnet localhost 25[/FILE] and that the client is not listening at all.

[FILE]netstat -a[/FILE] gives me this:

Code: Select all
Proto Recv-Q Send-Q  Local Address          Foreign Address       (state)
tcp4       0      0  localhost.DOMAIN.smtp  *.*                    LISTEN


And the relay does not respond to an external request on port 25.
FreeBSD 9.2 RELEASE
ghostcorps
Member
 
Posts: 272
Joined: 01 May 2009, 07:42

Postby ghostcorps » 13 Feb 2012, 04:44

In the end I just cleaned up my hosts file and rebuilt sendmail :r

Don't know what this means, but I am getting these in my logs.
Code: Select all
r
Feb 13 04:16:41 webserver sendmail[22892]: My unqualified host name (webserver) unknown; sleeping for retry
Feb 13 04:17:42 webserver sendmail[22892]: unable to qualify my own domain name (webserver) -- using short name


But at least it works now! :D
FreeBSD 9.2 RELEASE
ghostcorps
Member
 
Posts: 272
Joined: 01 May 2009, 07:42

change on /etc/mail/submit.mc

Postby linthon » 06 Jul 2012, 10:03

Hi there,

I have the same problem,
then I try to change line on /etc/mail/submit.mc

FEATURE(`msp', `[127.0.0.1]')dnl
to
FEATURE(`msp', `[your_smtp_server_ip/hostname]')dnl


it works
linthon
Junior Member
 
Posts: 1
Joined: 06 Jul 2012, 09:57

Postby ghostcorps » 07 Jul 2012, 02:01

linthon wrote:Hi there,

I have the same problem,
then I try to change line on /etc/mail/submit.mc

FEATURE(`msp', `[127.0.0.1]')dnl
to
FEATURE(`msp', `[your_smtp_server_ip/hostname]')dnl


it works


Thanks :)

This was already done at some point, but was too long ago to remember any details about when or why... Still there have been no troubles with mail since :)
FreeBSD 9.2 RELEASE
ghostcorps
Member
 
Posts: 272
Joined: 01 May 2009, 07:42


Return to Web & Network Services

Who is online

Users browsing this forum: No registered users and 1 guest