Sendmail is running but not sending

Rocky Linux General
1

I configured sendmail in Rocky on my VirtualBox machine, just as on my CentOS 7 physical box.

Sendmail on the virtualbox machine will not send emails. Before I stay up til 2am again, is this because of virtualbox? The last entry in the maillog states service not available, but when I check sendmail service, it is running.

Nov 1 11:48:27 finaidrocky sendmail[4215]: 1A1ImRU0004215: from=marc, size=13, class=0, nrcpts=1, msgid=202111011848.1A1ImRU0004215@finaidrocky.finaid.wwu.edu, relay=root@localhost
Nov 1 11:48:28 finaidrocky sendmail[4215]: STARTTLS=client, relay=[127.0.0.1], version=TLSv1.3, verify=FAIL, cipher=TLS_AES_256_GCM_SHA384, bits=256/256
Nov 1 11:48:28 finaidrocky sendmail[4216]: STARTTLS=server, relay=localhost [127.0.0.1], version=TLSv1.3, verify=NOT, cipher=TLS_AES_256_GCM_SHA384, bits=256/256
Nov 1 11:48:28 finaidrocky sendmail[4216]: 1A1ImRAh004216: from=marc@finaidrocky.finaid.wwu.edu, size=321, class=0, nrcpts=1, msgid=202111011848.1A1ImRU0004215@finaidrocky.finaid.wwu.edu, proto=ESMTPS, daemon=MTA, relay=localhost [127.0.0.1]
Nov 1 11:48:28 finaidrocky sendmail[4215]: 1A1ImRU0004215: to=frommm@wwu.edu, ctladdr=marc (1000/1000), delay=00:00:01, xdelay=00:00:01, mailer=relay, pri=30013, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (1A1ImRAh004216 Message accepted for delivery)
Nov 1 11:48:28 finaidrocky sendmail[4218]: 1A1ImRAh004216: to=frommm@wwu.edu, ctladdr=marc@finaidrocky.finaid.wwu.edu (1000/1000), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=120321, relay=smtp.wwu.edu [140.160.248.194], dsn=4.0.0, stat=Deferred: 421 4.3.2 Service not available

[root@finaidrocky sbin]# systemctl status sendmail
● sendmail.service - Sendmail Mail Transport Agent
Loaded: loaded (/usr/lib/systemd/system/sendmail.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2021-11-01 14:37:50 PDT; 31min ago
Process: 2994 ExecStart=/usr/sbin/sendmail -bd $SENDMAIL_OPTS $SENDMAIL_OPTARG (code=exited, status=0/SUCCESS)
Process: 2989 ExecStartPre=/etc/mail/make aliases (code=exited, status=0/SUCCESS)
Process: 2988 ExecStartPre=/etc/mail/make (code=exited, status=0/SUCCESS)
Main PID: 2996 (sendmail)
Tasks: 1 (limit: 4826)
Memory: 3.5M
CGroup: /system.slice/sendmail.service
└─2996 sendmail: accepting connections

Nov 01 14:37:50 finaidrocky.finaid.wwu.edu sendmail[2997]: 1A1KmXD1002311: to=frommm@wwu.edu, ctladdr=marc@finaidrocky.finaid.wwu.edu (1000/1>
Nov 01 14:37:50 finaidrocky.finaid.wwu.edu sendmail[2997]: 1A1KV7BI003125: to=frommm@wwu.edu, ctladdr=marc@finaidrocky.finaid.wwu.edu (1000/1>
Nov 01 14:37:50 finaidrocky.finaid.wwu.edu sendmail[2997]: 1A1IKXrj003283: to=frommm@wwu.edu, ctladdr=marc@finaidrocky.finaid.wwu.edu (1000/1>
Nov 01 14:37:50 finaidrocky.finaid.wwu.edu sendmail[2997]: 1A1I1R0u002994: to=frommm@wwu.edu, ctladdr=marc@finaidrocky.finaid.wwu.edu (1000/1>
Nov 01 14:37:50 finaidrocky.finaid.wwu.edu sendmail[2997]: 1A1HsoYi002866: to=marc.fromm@wwu.edu, ctladdr=marc@finaidrocky.finaid.wwu.edu (10>
Nov 01 14:37:50 finaidrocky.finaid.wwu.edu sendmail[2997]: 1A1IPZG0003361: to=frommm@wwu.edu, ctladdr=marc@finaidrocky.finaid.wwu.edu (1000/1>
Nov 01 14:37:50 finaidrocky.finaid.wwu.edu sendmail[2997]: 1A1ImRAh004216: to=frommm@wwu.edu, ctladdr=marc@finaidrocky.finaid.wwu.edu (1000/1>
Nov 01 14:39:02 finaidrocky.finaid.wwu.edu sendmail[3019]: STARTTLS=server, relay=localhost [127.0.0.1], version=TLSv1.3, verify=NOT, cipher=TLS_>
Nov 01 14:39:02 finaidrocky.finaid.wwu.edu sendmail[3019]: 1A1Ld26q003019: from=financialaid@wwu.edu, size=923, class=0, nrcpts=1, msgid=<20211>
Nov 01 14:39:02 finaidrocky.finaid.wwu.edu sendmail[3021]: 1A1Ld26q003019: to=frommm@wwu.edu, delay=00:00:00, xdelay=00:00:00, mailer=relay, pr>

2

Hi,

To me it looks like it can’t access the relay server (smtp.wwu.edu)

I’ve checked that host with:

https://www.yougetsignal.com/tools/open-ports/

Looks like smtp ports are closed (25, 465 & 587). Is this a private relay server? If not I would double check your sendmail config.

Regards Tom.

3

@tjdoyle it’s at the university. On my centos7 box I don’t recall configuring any ports for smtp. Anyway to check if VirtualBox is blocking sendmail?

4

Hi,

How is virtualbox configured for the network?

Thanks Tom.

5

@tjdoyle I had to use bridge adapter to get ssh to work.
Capture

6

@whichiso Is the CentOS box behind the same router as your VirtualBox? This is old-school, and may require you to install telnet but try to telnet from both machines to the relay (either the IP or the hostname) and try the ports normally open for email. Most relays only allow trusted hosts to relay through them:

telnet 140.160.248.194 25 (for port 25) #or specify 587, or 465
Trying 140.160.248.194...
Connected to smtp.wwu.edu .
Escape character is '^]'.
220 smtp wwu.edu ESMTP

That shows a successful connection. If you get that on the CentOS machine but not on the VirtualBox machine, AND they are both using the same router for outbound, then there is probably something wrong with the VirtualBox setup, though from my vantage point, it looks as if the mail server simply is refusing your connection.

7

@sspencerwire I installed Rocky on real hardware and sendmail worked fine. VB is what’s giving me all the headaches.
I ran telnet on both VB and real box for curiosity.
Real Box

telnet smtp.wwu.edu 25
Trying 140.160.248.194…
Connected to smtp.wwu.edu.

telnet smtp.wwu.edu 25
Trying 140.160.248.194…
Connected to smtp.wwu.edu.
Escape character is ‘^]’.
421 4.3.2 Service not available
Connection closed by foreign host.

8

Hi,

So telnet works on both?

What is the host machine virtual box is running on?

Thanks Tom.

9

@tjdoyle the telnet only works on the real hardware, not on the VB machine. the VB is running on a windows 10 machine on same network as the real hardware Rocky machine.

10

@whichiso which is odd, because this says that telnet connects to both and then the service (the mail server you’re connecting to) is bouncing the connection:

Connected to smtp.wwu.edu.
Escape character is ‘^]’.
421 4.3.2 Service not available
Connection closed by foreign host.

I’m wondering if it can’t establish a reverse connection to your VirtualBox container through the Windows hardware. (proxy block, or some other firewall blocking??)

11

@whichiso, I’m trying to remember everything I’ve forgotten about sendmail. It’s been a while since I’ve used it in production. Try this: can you (from your CentOS install) telnet to sendmail running on your VirtualBox? I’m going to guess that you cannot. If not, try messing with the Windows firewall settings to open port 25 through the bridged network. (you can use port 587 if you want, too, but to me 25 will give you the results you are looking for) If no connection from CentOS, see if the mail logs show you any additional information on the CentOS machine. The mail server you are connecting to needs to be able to respond back to you, and if it can’t, the connection will end there.

1 Like
12

@sspencerwire I tried creating an inbound rule in windows fire wall for port 25 and port forwarding in a NAT adapter in VB network settings, but SMTP still doesn’t work. I had to use a second adapter in VB for the NAT, since Bridge adapter port forwarding is greyed out.

13

@whichiso Can you temp-disable the firewall on the Windows box completely and then test from CentOS box to the VirtualBox IP? I’m sure Windows doesn’t give you any logs to look at (not a Windows user for at least 15 years). Even with the firewall disabled, there’s a chance that this traffic isn’t getting into the Windows machine at all, but it would be worth a try.

14

My guess is that it is working, but the receiving server is denying your request to relay/accept the mail. It isn’t a firewall issue, or at least not one that telnetting the server will help you fix, because you are sending it outbound from the server. Not going into the server. Many mail servers won’t recognize your request unless your reverse lookup points to and IP that is also registered to an MX record for your domain that you are sending from.

15

@sspencerwire and @synack2 I’ll need to revisit this when I can. It would be nice to get virtualbox Rocky to send mail, but at least it’s working on real hardware.

@synack2 since I’m using a valid static ip address on the VB Rocky, just like those on the real hardware, I would think it would be in the domain.

16

I am going to make some assumptions, tell me if I am wrong on any of them.

  1. You work at a company or organization that has firewall (We will say Cisco, but any enterprise grade firewall will do the same) and multiple outside static IP addresses

  2. You have port 25 mapped in that firewall to your real mail server (or onsite spam filtering device) so it can receive mail.

  3. You have your normal traffic NAT’d out another outside IP address (Cisco calls this traffic “overloaded” on the outside interface IP address)

  4. When this is the case, when your actual mail server is talking to other mail servers, the router will look in its NAT table and see that a particular IP address has a inbound port mapping. It will then NAT or “overload” all of its outbound traffic over that IP address.

  5. When your Virtual server goes to hit the outside world, it is going out the interface IP address where the general web traffic goes, not the servers mapped outside IP address.

  6. The remote server does a reverse lookup on that IP address and verifies that is resolves to an A record that matches a MX record for you DNS Domain Name.

For example on your real server 98.72.12.2 ----> Reverses to → mail.company.com —> MX Lookup for comapny.com → returns two records mail.company.com and mail2.company.com → IT allows the connection.

On your new server → 98.72.12.1 – Reverses to – someisp.com – MX Lookup → mail.company.com mail2.company.com – doesn’t match → Drops Connection

Reverse Pointer records have to be setup by your ISP, but the MX and A records are setup on your DNS name by you.

17

It actually looks like your current record is set to wwu-edu.mail.protection.outlook.com
So you must be relaying all of your outbound mail through them as well

Your firewall is probably configure to only accept inbound port 25 connections from the servers at outlook.com

[tom@localhost ~]$ dig mx wwu.edu

; <<>> DiG 9.11.26-RedHat-9.11.26-6.el8 <<>> mx wwu.edu
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52381
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;wwu.edu. IN MX

;; ANSWER SECTION:
wwu.edu. 20839 IN MX 10 wwu-edu.mail.protection.outlook.com.

;; Query time: 25 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Wed Nov 03 20:52:50 EDT 2021
;; MSG SIZE rcvd: 87

[tom@localhost ~]$

18

If I understand all your insights, the VB Rocky contacts the mail server, but when the mail server replies back, it’s actually replying to the PC running the VB Rocky.

19

@synack2 @whichiso, I made a slightly different assumption. My assumption was that since your CentOS hardware (which I assume is behind the same firewall, ISP, etc.) is allowed, that that IP address was allowed by the receiving mail server and that regardless of the IP you have set on your VB machine, that the IP advertised to the world is the same and allowed, that the problem would be in return traffic to your VB machine. That may be a wrong assumption. I’m totally aware of the requirements that most receiving email servers have for propper reverse IP and just as importantly, DNS TTL, but figured that this was out of play, as the CentOS box was working as expected. shrugs :slight_smile: