Sendmail quirk

Giorgos Keramidas keramida at ceid.upatras.gr
Thu Mar 27 17:31:33 PST 2003


On 2003-03-27 18:13, Tuc wrote:
>>> Nothing earth shattering, right?
>>
>> No SMART_HOST.
>
> Nope, never had one before. Prefer to do my delivery myself.

Without meaning to sound ironic or harsh, you are probably beginning
to find out why this is not a good idea anymore.  It probably was a
few years back.  Not now...

>> Do you have a static IP address, or are you using a
>> dynamic IP address?
>
> Yes. Depends where I am, what I'm doing. In this case my IP is NAT
> at the firewall. I send dozens of emails every day, NEVER seen this
> happen.

Use your ISPs mail gateway as a SMART_HOST.  The fact that you haven't
seen this happen until now doesn't necessarily mean that it cannot
happen now or in the future.

A lot of people set their mail servers up to block incoming messages
from hosts that don't match a strict collection of criteria.  Examples
include:

  - Hosts with DNS resolution problems are blocked.
  - Hosts with DNS mismatches in forward/reverse lookups are blocked.
  - All dialup hosts are blocked.
  - All mail servers listed in a blacklist are blocked.

There are some of the criteria used by people in an effort to protect
their mail spools from spammers.

> I also have the same config on a server with a dedicated IP on the
> public Internet at all time. Same problem there.
>
> > What version of Sendmail are you running?
>
> 	8.12.8 on both.

Seems fairly recent.  Are you running Sendmail in setuid mode?  The
output of `mail -v' here is very different from what you posted:

  : $ mail -v keramida at freebsd.org
  : Subject: TEST
  : no useful text
  : .
  : EOT
  : keramida at freebsd.org... Connecting to localhost.localnet. via relay...

The above line is the important part.  Sendmail tries to do local
delivery using SMTP to localhost (in an effort to deliver the message
from /var/spool/clientmqueue to /var/spool/mqueue).  Your output is
very different, hinting at a setuid Sendmail setup.  Is that true?

Another good question is why your mail server uses a fake HELO name:

  : Delivered-To: keramida at ceid.upatras.gr
  : Received: (qmail 2585 invoked from network); 27 Mar 2003 23:09:50 -0000
  : Received: from wallstreet34.kickstartusa.com (HELO himinbjorg.ttsg.com) (65.105.161.248)
  :   by diogenis.ceid.upatras.gr with SMTP; 27 Mar 2003 23:09:50 -0000
  : Received: (from tuc at localhost)
  :         by himinbjorg.ttsg.com (8.12.8/8.12.8) id h2RNDjco004607;
  :         Thu, 27 Mar 2003 18:13:45 -0500 (EST)
  :         (envelope-from tuc)

Your address (and hostname) are under the kickstartusa.com domain.

This means that you shouldn't let your messages go out with a bogus
name in your MTA's HELO command (himinbjorg.ttsg.com in this instance)
because many mail servers will block all mail from you.  The only mail
server that will accept all mail from you is the one of your ISP,
i.e. the mail gateway of kickstartusa.com.

- Giorgos



More information about the freebsd-questions mailing list