cannot send to a bunch of ISPs such as Yahoo....

[bangsters]

I can't get the scalix box to send emails to yahoo and other major ISPs....i have the PTRs set and I can receive the emails, but I cannot send them. at first I get a 553 error that it does not relay...after that I added relay to the hsphere mailserver to allow the mailserver to relay..now i don't get any 553 errors, but the emails just disappear and do not reach the destination....

my setup is as follows:

3 servers:
ISP router NATs to these boxes depending on the port.
server1 is the main server, win2k3 (without DNS, just for local network) using NAT
server2, scalix box, using NAT
server3, ASSP box, using NAT

there is a fourth server where the domain/zone is setup and have there an A record that points to the scalix box, and also an MX record that points to the scalix box. this is also the hsphere box where I set relaying to allow to the scalix box.

Am I missing something here? Please advice as it's been over 24 hours downtime now and we cannot send out emails....

P.S. I have the exact same setup with some other clients but using a different mailserver, and I'm not experiencing this issue with those boxes...

[Valerion]

Check the sendmail log on the Scalix box to see if the messages have been processed there, and if there are any errors in that file.

If the messages have been sent onwards to another machine (IP and name will be in the sendmail log) you will have to either check in its config or check with the relevant administrator to find out what happened to it. If it passed fine out of your organisation, there's not much you can do.

[bangsters]

i tried sending a bunch of emails with delivery receipts, and I've been getting delivery confirmation...however when i go to my yahoo mailbox nothing shows up, not even in the junk mail, same goes for other emails :(

[les]

I can't get the scalix box to send emails to yahoo and other major ISPs....i have the PTRs set and I can receive the emails, but I cannot send them. at first I get a 553 error that it does not relay...after that I added relay to the hsphere mailserver to allow the mailserver to relay..now i don't get any 553 errors, but the emails just disappear and do not reach the destination....

my setup is as follows:

3 servers:
ISP router NATs to these boxes depending on the port.
server1 is the main server, win2k3 (without DNS, just for local network) using NAT
server2, scalix box, using NAT
server3, ASSP box, using NAT

there is a fourth server where the domain/zone is setup and have there an A record that points to the scalix box, and also an MX record that points to the scalix box. this is also the hsphere box where I set relaying to allow to the scalix box.

Am I missing something here? Please advice as it's been over 24 hours downtime now and we cannot send out emails....

P.S. I have the exact same setup with some other clients but using a different mailserver, and I'm not experiencing this issue with those boxes...

that's not quite clear exactly what you want or how you are setup.......

some assumptions...can you clarify...

1. scalix is your only mail server.
2. all other servers send mail via the scalix server.
3. when other servers send mail to internal accounts on the scalix server it works.
4. when other servers send mail via scalix server to external accoutns it gets realy denied.

Most likely you need to allow smtp relay for your internal subnet.

By default out of the box scalix will relay only for 127.0.0.1and yourdomain.com (which you entered in install).
Scalix Connector in outlook uses MAPI so it needs no additional relay entries.

However if you have imap based clients, or just send via smtp then you need to allow them to relay.

If you internal subnet is 192.168.1.0/24 then you could allow relaying form the entire subnet by....

vi /var/opt/scalix/xx/s/sys/smtpd.cfg

and adding RELAY lines in the appropriate section such as...

RELAY accept 192.168.1.

then do an omof -d0 smtpd and an omon smtpd

If you want to be more specific, i.e. only allow relaying from the other two servers then add multiple specific RELAY lines.

RELAY accept 192.168.1.1
RELAY accept 192.168.1.2
etc...

if you added additional domain you will also need to add relay lines to the smtpd.cfg file.

p.s.

also recommend you add your domain names (just the domain part) to /etc/mail/local-hostnames for sendmail and restart sendmail.

Hope that helps.

[bangsters]

ok let me clarify.

our domain is hosted with a webhost...but we are not utilizing their mailserver, instead we have our own scalix server on our network. hence on the webhost provider, our domain is configured, but the mx record is pointing to our scalix box.

this has been working for months, then all of a sudden we cannot send out. we can send internally and externally to some email accounts...we can receive emails...i can login from an external network to the scalix webmail also....

...any ideas?

btw thanks for the help guys!

EDIT: why is it when i remove mail relay from the webhost provider i cannot send emails from the scalix server and get a 553 error? shouldn't the scalix server be able to send it's own emails out? i mean when sending out it's not going to the webhost server (hsphere cluster) but sending directly right? if i enable mailrelay from the webhost I don't get the 553 error but the email still does not get to the destination...shouldn't scalix be able to work as a standalone server? how come it's forwarding to the hsphere server to relay?

for this scalix server, it's only for a single domain, domain123.com which has it's ptr set, and mx records set to point to this scalix box.... :(

[BaldBoy]

ok let me clarify.
EDIT: why is it when i remove mail relay from the webhost provider i cannot send emails from the scalix server and get a 553 error? shouldn't the scalix server be able to send it's own emails out? i mean when sending out it's not going to the webhost server (hsphere cluster) but sending directly right? if i enable mailrelay from the webhost I don't get the 553 error but the email still does not get to the destination...shouldn't scalix be able to work as a standalone server? how come it's forwarding to the hsphere server to relay?
for this scalix server, it's only for a single domain, domain123.com which has it's ptr set, and mx records set to point to this scalix box.... :(

Maybe the problem is right here. Your Scalix box appears to rely on a "smart-host" which actually is the hsphere cluster. In fact when you remove mail relay feature from your webhost provider your emails are blocked with SMTP 553 error.
I'd check your sendmail.cf to verify the presence of a smart-host.

Maybe what's going on is the following:

• your Scalix box sends outgoing emails to the relay server (hsphere)
• hsphere tries to deliver messages but for some reason (which can be later analyzed) is bounced back
• so hsphere tries to deliver the error reply to your sender address but, as many providers do, they do not check MX pointing for domain: they consider it "local" as it's configured as an locally hosted domain.
• but at this point there is no mailbox configured on hsphere for your domain (as you manage them on your local server) or maybe there are but you can't access them (or forgot them): upon this assumption we can take evidence of two cases. In the first one (no mailbox) error reply is bounced back and forth locally on hsphere mail server until it reaches maximum number of hops and gets dropped. In the second one error replies are delivered to mailboxes living on hsphere but you should do a POP connection to read them. Your duty to check with hsphere which is the case.

Talking about the problems which may lead to a missing delivery of your emails through hsphere relay server we can imagine it may be due to :

• hsphere IPs have fallen into a blacklist or ...
• your domain does not have a proper configured SPF record which includes hsphere relay server

Hope this helps to troubleshoot the problem.

[bangsters]

thanks!

how do i remove the smart-relay?

as for these:

* hsphere IPs have fallen into a blacklist or ...
* your domain does not have a proper configured SPF record which includes hsphere relay server

I can send emails from this mailserver :), I can send to yahoo and all the major ISPs with this hsphere mailserver.

[les]

thanks!

how do i remove the smart-relay?

as for these:

* hsphere IPs have fallen into a blacklist or ...
* your domain does not have a proper configured SPF record which includes hsphere relay server

I can send emails from this mailserver :), I can send to yahoo and all the major ISPs with this hsphere mailserver.

scalix uses sendmail to send all mail to external sources. Thus it is sendmail which decides whether to deliver via a smart host or not.

This is done in /etc/mail/sendmail.mc

but also relaying can be dependant on MX records (another setting in sendmail.mc).

i still think we are missing some of the picture....it would help if you posted your sendmail.mc file and smtpd.cfg from scalix.

it would also help to know your domain name so we can see what it resolves to in the world.

I think there is some confusion with where mail and MX records should be...

Is hsphere, your host provider also controlling your internet connection? If you were going to use a smart host you should use the smtp server provided by the internet connection provider. Your hosting company may be a different isp and soemtimes they dont let you forward mail via there smtp server if you are coming from another isp subnet.

hsphere may do there own internal filtering of sorts also.

Please post your config files and domain MX records so we can see get a clear picture.

[bangsters]

hi.

i have a default sendmail installation, never changed it yet....i opened the sendmail.mc as you suggested but I can't find there anything about the relaying....can you point me to the right direction?

[Valerion]

You're looking for

dnl define(`SMART_HOST', `smtp.isp.com')dnl

The dnl in the beginning indicates a comment, and in this case all mail would be sent to smtp.isp.com (exceptions can be made in mailertable)

[bangsters]

so if i want to disable smart-relay, i should affix dnl at the beginning right?

EDIT: it seems it's already disabled....so how come it's still relaying? all my other setups with my other clients don't seem to have this problem tho... and they have the exact config except they're not using scalix...i think i'm missing one config i need to change to disable relaying...btw, even the scalix settings are default :)

thanks guys!

[Valerion]

Check in the sendmail.cf for a line that starts with DS

eg.

DSsmtp.isp.com

This should read

DS

The sendmail.mc is just a file that's used to re-generate the sendmail.cf, which is the actual config file used. You can recreate the sendmail.cf by

cd /etc/mail
make

Also check for me that /etc/mail/mailertable is empty, then run make after that as well to ensure the hashed file it creates (mailertable.db) is empty too.

[bangsters]

it says DS only..

mailertable is empty. mailertable.ds is not, it has a bunch of characters...

please advice.

thanks