For security reason sendmail
is by default configured to accept connection from local system (127.0.0.1), to avoid open mail relay problem. But,
How do I force sendmail to accept mail from the internet?
The article at http://www.cyberciti.biz/tips/sendmail-is-only-accepting-connections-from.html says, to remove the Addr=127.0.0.1
part from
DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
to
DAEMON_OPTIONS(`Port=smtp,Name=MTA')dnl
will "force to accept connection from any host". I've done that:
$ grep smtp /etc/mail/sendmail.mc
dnl DAEMON_OPTIONS(`Family=inet6, Name=MTA-v6, Port=smtp, Addr=::1')dnl
DAEMON_OPTIONS(`Family=inet, Name=MTA-v4, Port=smtp')dnl
MAILER(`smtp')dnl
However, looks like I still unable to accept incoming emails from the Internet. So commented it out as suggested by moonpoint:
$ grep smtp /etc/mail/sendmail.mc
dnl DAEMON_OPTIONS(`Family=inet6, Name=MTA-v6, Port=smtp, Addr=::1')dnl
dnl DAEMON_OPTIONS(`Family=inet, Name=MTA-v4, Port=smtp')dnl
MAILER(`smtp')dnl
% make
Updating databases ...
Reading configuration from /etc/mail/sendmail.conf.
Validating configuration.
Creating /etc/mail/databases...
Creating /etc/mail/relay-domains
# Optional file...
Updating Makefile ...
Reading configuration from /etc/mail/sendmail.conf.
Validating configuration.
Creating /etc/mail/Makefile...
Updating sendmail.cf ...
The following file(s) have changed:
/etc/mail/sendmail.cf /etc/mail/local-host-names
** ** You should issue `/etc/init.d/sendmail reload` ** **
% /etc/init.d/sendmail reload
* Reloading Mail Transport Agent (MTA) sendmail [ OK ]
However, I think it is not working as expected, because previously at least I get "Relaying denied" error, but now, when I tried to send email to my system via google, nothing happened for about 10 minutes now. Trying to troubleshoot the problem myself, I refer to http://support.moonpoint.com/blog/blosxom/2015/04/04#smtp-telnet-commands and tried to connect my server using telnet
. But immedately, I get "Connection refused" error:
$ telnet xpt.mydomain.org 25
Trying 104.243.xx.xx...
telnet: Unable to connect to remote host: Connection refused
Removing that dnl
so as to revert back to what I got before, I am now able to at lest connect:
$ telnet xpt.mydomain.org 25
Connected to xpt.mydomain.org.
Escape character is '^]'.
220 mail.xpt.mydomain.net ESMTP Sendmail 8.14.4/8.14.4/Debian-2.1ubuntu4; Sun, 14 Jun 2015 22:16:13 -0400; (No UCE/UBE) logging access from: my.remote.domain
if I want to accept incoming emails from the Internet, what shall I do?
Update: I have already configured sendmail to be the mail server for my LAN, and thought I have configured sendmail to accept email for the relevant domain name I am using for email on the server, but this is what I got:
% sendmail -bv [email protected]
[email protected]... deliverable: mailer relay, host mail.myisp.com, user [email protected]
Now I know it is not (actually it was configured with another dynamic dns name that I have), so I change it to xpt.mydomain.org. And now it looks OK:
% sendmail -bv [email protected]
[email protected]... deliverable: mailer local, user me
However, using an external email account to send email to my system, I got:
Delivery to the following recipient failed permanently:
[email protected]
Technical details of permanent failure:
Google tried to deliver your message, but it was rejected by the server for the recipient domain xpt.mydomain.org by xpt.mydomain.org. [104.243.xx.xx].
The error that the other server returned was:
550 5.7.1 <[email protected]>... Relaying denied
----- Original message -----
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20120113;
h=mime-version:date:message-id:subject:from:to:content-type;
bh=0rLnzRsn....
OK, I'm glad that spammers can't use my Sendmail Server for email Relaying, but I don't get emails either.
So how can I avoid the open mail relay problem, while allowing connections from all LAN hosts to send mails and receive emails from anyone as well?
Update2: Trying to further troubleshoot the problem myself, I pushed it further, to test the full SMTP protocol using telnet
. What's strange is that I didn't get "Relaying denied" error when using telnet
:
...
mail from: [email protected]
250 2.1.0 [email protected]... Sender ok
rcpt to: [email protected]
550 5.7.1 [email protected]... Relaying denied
rcpt to: [email protected]
250 2.1.5 [email protected]... Recipient ok
Data
354 Enter mail, end with "." on a line by itself
This is a test message.
.
250 2.0.0 t5F2ItI0008331 Message accepted for delivery
quit
221 2.0.0 mail.xpt.mydomain.net closing connection
Connection closed by foreign host.
So now everything is working fine now. Thanks a lot moonpoint!!!
Thanks
$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 13.10
Release: 13.10
Codename: saucy
$ apt-cache policy sendmail-bin
sendmail-bin:
Installed: 8.14.4-2.1ubuntu4
Candidate: 8.14.4-2.1ubuntu4
Version table:
*** 8.14.4-2.1ubuntu4 0
500 http://us.archive.ubuntu.com/ubuntu/ saucy/universe amd64 Packages
100 /var/lib/dpkg/status
PS. A bit more on why I want to do that -- all I want to do is to enable my sendmail server to accept mail from the internet, for my personal use. I had tried to follow these 5 easy steps several times,
How to set up a simple mail server on Debian in 5 easy steps
http://cnedelcu.blogspot.ca/2014/01/how-to-set-up-simple-mail-server-debian-linux.html
But in the end, they never worked, and I don't even know what went wrong. So I think the easiest way is to enable my sendmail server instead.
postfix
. All that I want to know is how to accept incoming emails from the Internet for sendmail, and avoid the open mail relay problem, while allowing connections from all LAN hosts to send mails, which I haven't found a clear/concise answer yet.