Sendmail stopped working after updates

I have a phpBB forum on a server. I setup Sendmail to enable the phpBB to SEND messages to users, (but no Incoming server setup. For that they have to use my Mail server. I also installed Evolution on thae same server, so I could send messages from that server if I wanted to do. That also worked fine.

It worked fine for months, but I started having problems after one of the many updates. I don’t even know which one broke it.

I feel it’s probably essier to sort out Evolution and then once it works to look at phpBB

If I try to send a message to myself using evolution I get this message

The reported error was “DATA command failed: Please try again later”.

In the mailog, I get this

Jun 11 12:44:13 localhost sendmail[331636]: 35BAiDMW331636: from=me@mydomain.com, size=568, class=0, nrcpts=1, msgid=e8af6328197664b87054d6ff7d0532cccee23fa6.camel@mydomain.com, proto=ESMTP, daemon=MTA, relay=localhost [127.0.0.1]
Jun 11 12:44:13 localhost opendkim[1013]: 35BAiDMW331636: signing table references unknown key ‘default._domainkey.mydomain.com’
Jun 11 12:44:13 localhost sendmail[331636]: 35BAiDMW331636: Milter: data, reject=451 4.3.2 Please try again later
Jun 11 12:44:13 localhost sendmail[331636]: 35BAiDMW331636: to=me@mydomain.com, delay=00:00:00, pri=30568, stat=Please try again later

I have NO idea where ‘camel’ comes from!

And in /etc/opendkim.conf I have:
Socket inet:8891@localhost

systemctl status opendkim.service

Jun 10 03:17:08 rocky-86 opendkim[1013]: 35A1H8ms282464: no signing table match >
Jun 10 03:17:08 rocky-86 opendkim[1013]: 35A1H8ms282464: no signature data
Jun 11 00:00:02 rocky-86 opendkim[1013]: 35AM02Bo312871: no signing table match >
Jun 11 00:00:02 rocky-86 opendkim[1013]: 35AM02Bo312871: no signature data
Jun 11 00:00:11 rocky-86 opendkim[1013]: 35AM0BnB312891: no signing table match >
Jun 11 00:00:12 rocky-86 opendkim[1013]: 35AM0BnB312891: no signature data
Jun 11 03:50:11 rocky-86 opendkim[1013]: 35B1oAdP319562: no signing table match

Obviously something got updated that screwed it. Can anyone help?

Hello @Mikheil You didn’t say what version of Rocky Linux you are using. It might make a difference. Also, while I know that sendmail should still work, it might be smarter to move to postfix these days. It is more modern and secure. I don’t want to hijack your message and say “you should use this” though. Let us know what version of Rocky Linux you are using and then perhaps someone will be able to guide you in the right direction.

Sorry, v8.6 was the installation and all updates religiously applied.

No, I don’t really want a mail server, just something simple for the forum so if there’s for example a new competition somewhere I can post the info and send a message to the users so that can visit the site for details.

It worked 100%. The thought of starting all over with installing a new mail system and all the horrors I had with the real Postfix/dovecot mailserver on a different box. I shudder. I don’t run a server because I enjoy messing around with computers. Those days went when I retired frrom Novell. It’s only a service for a few people.

If I can’t fix it, I’d rather close down the site. It’s not that important.

I’m not sure if opendkim was updated (it’s an EPEL package, it’s unlikely it had a breaking change). I want to say look at your configuration for both sendmail and opendkim and see if something may have changed in that area or if you need to make adjustments. You may need to adjust some modes or the like.

As an aside, postfix doesn’t have to be part of a mail server, you can have it as a relay (it’s general default option). Postfix is the default MTA in enterprise linux. Just turning it on in most cases will just let mail flow immediately without any additional configuration. That’s why it was recommended to try it. In Rocky’s infra, we use postfix on our systems to forward mail from some of our apps (in particular, gitlab and gitea).

So what do I do? Uninstall Sendmail or just stop it loading? Do I also stop opendkim as well?

Then you say I only need to turn on Postfix with no additional setup?

I’m no linux Guru. I used to be a Novell eDirectory/ server/GroupWise specialist.

Some detailsed instructions would be nice. I use Linux because I hate Windows, not because I enjoy suffering with it.

If you want to switch to postfix…

systemctl disable sendmail --now
dnf install postfix -y
systemctl enable postfix --now

That would get you a working MTA immediately if you’re swapping from sendmail to postfix. However, that would be a basic postfix server without opendkim or anything additional you may want. So, if you want to continue using opendkim with postfix, you would just need to do a couple things (as a basic starting point).

% gpasswd -a postfix opendkim
% vi /etc/postfix/main.cf
# add to the bottom...
milter_default_action = accept
milter_protocol = 6
smtpd_milters = inet:127.0.0.1:8891
non_smtpd_milters = $smtpd_milters
% systemctl restart postfix

While not specifically for 9, these should come close to postfix+opendkim configuration.

–

With that being said, if you continue to get rejection logs, you’ll need review your opendkim configuration.

That’s good to know. Thank you so much for giving me details instructions.

I actually went to Linuxbabe and looked at the Sendmail configuration (I used the Linuxbabe site to install sendmail in the first place)
His first step Check your hostname. I did this and one of the updates trashed it and I found my hostname FQDN had been changed to localhost.

I set it to the correct name and Sendmail started working again.

You see it’s this kind of stupid thing with Linux that stops the majority from dumping Windows and MacOS. I’ve been updating Novell servers since the 80s and Windows workstations and servers since Windows came out in the 90s. ONCE there was a problem with a Novell update and they pushed out a fix two days later.

I’ve never had a Windows update that actually BROKE something, but seems Linux updates do it a lot and the answer from the ‘gurus’ “You should check your updates in the test lab before applying them!”

One of the Fail2ban updates, broke it completely, I spotted it immediately and restored the last backup and disabled Fail2ban updates. It’s irritating things like this that put people off, who use computers as a tool and have no desire whatever to grapple with what’s under the hood.

You buy a car, you put in petrol and oils and drive. You don’t need to be an engineer to drive around.

People buy computers to do a job and they shouldn’t have to lab test everything and be expected to troubleshoot every time there’s an update. THAT is the job of the Linux ‘gurus’ who actually enjoy writing 256 character lines of command.

THAT is why the vast majority of people will never swap their Microshite box for Linux. It never seems to get simpler. Only more complex.

Most of the Internet is already running on Linux and BSD, as well as for mobile devices IOS and Android(Linux based), so Linux doesn’t need to take over the desktop. The reason why I had a Linux system break on me was when I was doing something stupid myself to see if I could break it and then fix it which I did more than once. The other reason was when I ran Arch Linux for a couple of years and an update broke something. It was just a small break, nothing that made your system unbootable but can be expected if you running a rolling release distribution. And I’ve never seen a RHEL system where the hostname was changed from the fqdn to localhost during an update, not even when I was running Rocky Linux 8 on my vps. I’d be curious to know which update that was, it would be interesting to try and replicate that on a test system?

I disagree with this statement. Linux is far far easier than like 20 years ago. More hardware support, not having to dig through config files to get wireless working, like when having to edit wpa_supplicant or whatever. Things these days just pretty much work, unless it’s something exotic (hardware).

Blindly following a howto without knowledge or not attempting to think about what is being done, then it’s not surprising when something doesn’t work. Each Linux distro is different, even between versions like EL7, EL8, EL9 - there are similarities yes, but package versions change, or packages disappear because they are obsolete or projects no longer being maintained. I’ve never had a system break from an update, and if it has, then the configuration was never properly applied in the first place.

Sendmail is a great example for this. If you edit sendmail.cf, then expect to lose changes since the changes should be applied to sendmail.mc. Posfix however is far easier, you apply to main.cf or master.cf and it never loses it’s configuration - unless someone overwrites the file without thinking when an update is made - however most distros apply it to rpmnew or dpkg-dist.conf (Debian/Ubuntu), so there shouldn’t be a chance of this. Although sometimes Debian/Ubuntu will ask if you want to overwrite the edited config file, and defaults to “no”. So theoretically it’s still possible.

If the hostname changed, then either it wasn’t applied to /etc/hostname or using the appropriate commands to edit it properly. Either that, or it was lost due to what I previously mentioned about sendmail.

You don’t need to be a computer expert to use Windows or Linux. If you are just writing documents, then it just works. If you want to configure a mail server, then you have to learn. And this is no difference for Windows - Microsoft Exchange still needs to be configured properly and I can guarantee trying to manage/maintain that will be far harder with it’s weird intricacies. You can get a very easy mail server by installing Zimbra - and you don’t need to go delving into the configuration files. It just works. If you choose another route, then you need to learn, it’s that simple really.

Just changing petrol/oil in a car isn’t going to be enough, and it will break too sometime in the future and then need to be fixed. And if you aren’t a mechanic, then it’s not going to be any different to when sendmail breaks for you. If you don’t learn to be a mechanic, you’ll need to take it to someone who can fix it. I guess the same with Windows/Linux, if you don’t know, then you need to get someone to do it who does know what to do.

I don’t want to get into a heated argument here, but my question to you, is: how does one learn? At school, you are given a book and you follow the instructions, algebra, trig, calculus and you trust the book to give you the information you need to perform a task. Whether that be dissecting a frog or calculating the area of a cone.

Whe I worked for Novell. We got course notes, and following the examples, we learned new things.

What you are saying is that one should never trust these books. I’m not sure where one is supposed to get the knowledge from. Mystic Meg or genetic imprint?

When I owned vehicles, right up until they started computerising them, I did all my own repairs. There were books out there that showed you step by step with pictures how to replace the main bearings, for example. When you’d done it once or twice. It was easy.

I used to regard the “how-to” articles as the equivalent of one of these books. How the hell else is one supposed to learn? Unfortunately, none of them ever work properly or something is missing like all the articles on installing and configuring Samba, none of which cover a computer in a domain. They all assume you are in a workgroup.

When I have a Windows problem, that I’ve never come across before. I hunt around on the web to find a TID that tells me how to fix it. Most often, they WORK.

MacOS runs in UNIX, but I download an application, and it installs. Try the same with Linux, and it usually doesn’t install, there’s a dependency problem, and it ends up half installed, but it doesn’t work.

I’m in my 83rd year. I use computers because I have to do for the work I do at home. I run a web server, because I belong to a small group of people that have the same ‘hobbies’ (I guess that’s what you call these things after you retire and are kicked onto the scrap heap) and I try to help them because I have information they don’t.

I don’t want to go in a two-week course to learn how to setup and troubleshoot version 8.1 of Rocky Linux and after I’ve finished, 3 months later, an update kills it, fail2ban stops working, mail stops working, logwatch stops working, and by some form of osmosis, I’m supposed NOT to rely on anything I find on the web. I’m just supposed to KNOW these things.

I have no desire to become a Lunix ‘guru’ of any flavour; all I want to do is run a web server. I suppose the easiest way is to just stop updating anything at all. then it won’t break.

BTW I tried installing Zimbra a while ago. It didn’t work either - dependency problems. I tried installing Roundcube. That didn’t work. I tried to install Postfix and Dovecot and had it not been for a really helpful member of this forum, I would never have got it working. That ended with us having an argument because I wanted a simple mail server and he wanted to add an extra dozen layers of complexity I didn’t need. So he also dumped me.

By going through the official documentation of the software you use since most software that is used has examples in their documentation also explains why and how something works. If then still necessary you can fill in the gaps with how-to’s since not all software is documented that well.

All the Windows errors I have seen in the past are far more cryptic than most Linux errors.

It’s called RHEL for a reason and with most enterprise software comes some form of training or self education and is required to keep up with current technology. I can’t expect since I know Linux to transition to a full blown Windows sysadmin without obtaining the needed knowledge to run Windows servers.

Then you are probably better off paying for a hosted setup where they manage all the technical aspects for you(including the delivering of mails sent by your forum) and you just manage the content of your forum. That way you can only focus on the part you are actually interested in, which is your hobby and the people that share the same hobby and the forum you use to share ideas and things about your hobby.

This. I used to manage/maintain a Zimbra server from like v5 all the way up to v8.x. So from 2006 to like a couple of years ago. I now use Zoho Mail, costs 1 GBP or 1 EUR for a 10GB mailbox. Whilst I have the technical knowledge and experience to continue maintaining a VM with Zimbra, I just decided I don’t need the hassle anymore. I leave that now to my mail hosting (Zoho), which has point and click to set up SPF, DKIM, etc. You could say laziness, but I have more time to concentrate on what is important to me. For the sake of 12 GBP or 12 euro per year, or more actually as I have 4 mailboxes there, it’s peanuts compared to my personal time which has far more value to spend on what I want to concentrate on.

That said, with Linux it’s no different than Windows, google will show up tons of results related to various things/articles that can help.

Not sure why your fail2ban broke, but assuming you copied jail.conf to jail.local rather than editing jail.conf then it shouldn’t break, since nothing changes jail.local as it simply doesn’t exist in any package, be it for EL or Debian based distros or any other distro for that matter.

So can you do POP3 with them?

Yep, IMAPS (993), POP3S (995), ActiveSync, send on SMTP with SSL (465), or TLS (587). Access to quarantine to release emails or block them completely. Or even let your users unblock their own quarantined messages (assuming they are able to tell whether it’s spam or not and not have them unblock everything without checking the mail content first).

Thanks, I will start a new thread when I have more time to explore moving domain etc…

I don’t want to get into a heated argument here, but my question to you, is: how does one learn?

I hardly post here and most of my Linux journey stopped after CentOS 7 but I could not help responding to this question.

I get it. It is like becoming a programmer. A million courses to show you how to write your first bit of code that produced “Hello World!” and then nothing else. Nadder, zilch, nothing.

For me, I was working in an MS environment but wanted cheap web servers and so, we used CentOS and it was a question of Googling just about everything until eventually things started to make sense.

You need an objective and then just work your way through.

There are courses of course (no pun intended) but things changed. For me the biggest change is when systemctl came in.

My new job doesn’t require such skills anymore but those around me are amazed when I end up on a linux based OS and I know my way around

Good luck and a pleasure reading someone who worked on Novell, I was NT4 personally