I can receive mail but cannot send mail to other domains

[htaylor3]

I have an mx record for sixtaylors.com and here is my telnet output looking at hotmail on 25

> telnet mx2.hotmail.com 25
Server: 192.168.2.25
Address: 192.168.2.25#53

** server can't find telnet: NXDOMAIN
> q
Server: 192.168.2.25
Address: 192.168.2.25#53

** server can't find q: NXDOMAIN
> q
Server: 192.168.2.25
Address: 192.168.2.25#53

Am I missing something in my config? Maybe my ISP is blocking 25.... Any help will be appreciated!

Thanks,

Hank

BTW. My SSL issues are all good now, thanks again support staff!

[ScalixSupport]

Hi Hank,

The first problem is that you're trying to use the telnet command inside of an nslookup session which clearly won't work. Take a look at the nslookup man pages for usage information. A quick hint, type Ctrl-d to exit nslookup.

Okay, now use the telnet command to attempt to connect to the mx record you want to test against. Many consumer ISPs do block socket 25, so you may have to use their mail server as a smarthost.

Thanks,
Rachel

[htaylor3]

Here is my attempt to connect at Google mail. It looks like port 25 is good to me? I still can't get mail out though?
I'm stumped?

[root@mail ~]# telnet smtp1.google.com 25
Trying 216.239.57.25...
Connected to smtp1.google.com (216.239.57.25).
Escape character is '^]'.
220 smtp.google.com ESMTP
Connection closed by foreign host.
[root@mail ~]#

[ScalixSupport]

Hi Hank,

You're not giving us a lot to go on here. Have you checked your /var/log/maillog? What does it say there? Have you tried sending from the command line using plain old Unix mail? Were you able to send that way? Can you verify that sendmail is indeed running?

Thanks,
Rachel

[htaylor3]

OK,

From the command line, I get the mail at my gmail account. Still cannot send from the interface. I can't send to my work address because we filter for FQDN. Where do I make changes to make this work? Here is the output from maillog on the message I sent to gmail and my work account from the command line:
Jan 25 13:08:51 mail sendmail[14493]: k0PJ8prO014493: from=<root@mail.sixtaylors
.com>, size=357, class=0, nrcpts=2, msgid=<200601251908.k0PJ8nNI014492@mail.sixt
aylors.com>, proto=ESMTP, daemon=MTA, relay=localhost.localdomain [127.0.0.1]
Jan 25 13:08:51 mail sendmail[14492]: k0PJ8nNI014492: to=htaylor3@gmail.com,hank
_taylor@knaack.com, ctladdr=root (0/0), delay=00:00:02, xdelay=00:00:00, mailer=
relay, pri=60088, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (k0PJ8prO0
14493 Message accepted for delivery)
Jan 25 13:08:54 mail sendmail[14498]: k0PJ8prO014493: to=<htaylor3@gmail.com>, c
tladdr=<root@mail.sixtaylors.com> (0/0), delay=00:00:03, xdelay=00:00:03, mailer
=esmtp, pri=150357, relay=gmail-smtp-in.l.google.com. [64.233.163.27], dsn=2.0.0
, stat=Sent (OK 1138216140 10si970484nzo)
Jan 25 13:08:55 mail sendmail[14498]: STARTTLS=client, relay=mail.chi1.etrn.com.
, version=TLSv1/SSLv3, verify=FAIL, cipher=DHE-RSA-AES256-SHA, bits=256/256
Jan 25 13:08:55 mail sendmail[14498]: k0PJ8prO014493: to=<hank_taylor@knaack.com
>, ctladdr=<root@mail.sixtaylors.com> (0/0), delay=00:00:04, xdelay=00:00:01, ma
iler=esmtp, pri=150357, relay=mail.chi1.etrn.com. [63.144.80.38], dsn=4.2.0, sta
t=Deferred: 450 <hank_taylor@knaack.com>: Recipient address rejected: Greylisted
for 5 minutes
Jan 25 13:08:56 mail sendmail[14498]: STARTTLS=client, relay=mail.chi2.etrn.com.
, version=TLSv1/SSLv3, verify=FAIL, cipher=DHE-RSA-AES256-SHA, bits=256/256
Jan 25 13:08:58 mail sendmail[14498]: k0PJ8prO014493: to=<hank_taylor@knaack.com
>, ctladdr=<root@mail.sixtaylors.com> (0/0), delay=00:00:07, xdelay=00:00:04, ma
iler=esmtp, pri=150357, relay=mail.chi2.etrn.com. [69.30.203.131], dsn=4.2.0, st
at=Deferred: 450 <hank_taylor@knaack.com>: Recipient address rejected: Greyliste
d for 5 minutes


When I try to send mail from the web interface, I simply gat a popup that says "Unable to send mail to: "anyone"@"outsidedomains.com"

Any ideas?

Thanks,

Hank

[ScalixSupport]

Hi Hank,

This is the key information:

When I try to send mail from the web interface, I simply gat a popup that says "Unable to send mail to: "anyone"@"outsidedomains.com"

Basically what that's saying is that SWA can't submit a message for delivery. There are two things to check. First, what is in your /etc/opt/scalix/webmail/partner.xml as your smtpServer? Perhaps you could post the first 40 lines or so of that file. Second, what is in your /var/opt/scalix/sys/smtpd.cfg file. Could you post that, along with your /etc/hosts file?

Thanks,
Rachel

[htaylor3]

Thanks Rachel

partner.xml

Last login: Wed Jan 25 12:52:21 2006 from 192.168.2.80
[root@mail ~]# cat /etc/opt/scalix/webmail/partner.xml
<?xml version="1.0" encoding="UTF-8"?>
<partner>
<features autoRefresh="true" calendar="true" checkAllFolders="false" maxAtta
chmentUploadKilobytes="10240" minCheckMailMinutes="3" rssClient="false" rulesWiz
ard="false" sortCoreFoldersToTop="true"></features>

<email domain="sixtaylors.com" imapServer="mail.sixtaylors.com" smtpServer="
mail.sixtaylors.com" userNameIncludesDomain="false"></email>

<!-- the mail store cache timer runs every timerInterval seconds and removes
mail
store connections that have not been used in longer than staleTime seco
nds.
To disable all mail store caching, set timerInterval to 0.

Setting timerInterval > 0 and staleTime == 0 means that all mail stores
will
be cleaned up everytime the timer runs, regardless of how long they hav
e
been inactive.

Setting timerInterval > 0 and staleTime > 0 means all mail stores older
than
staleTime will be cleaned up every timerInterval -->
<mail.store.cache connectionPoolSize="2" staleTime="900"></mail.store.cache>

<settings homeDir="/tmp" rulesWizardURL="http://mail.sixtaylors.com/Scalix/r
w"></settings>

<userDefaults addContactOnReply="false" addUnknowns="prompt" autoSpellCheck=
"false" defaultLocale="en_US" dirSearchOrder="system,personal" eventsPaneVisible
="true" foldersPaneVisible="true" includeMessageOnReply="true" isSignatureActive
="true" mailCheckInterval="10" messagePaneVisible="true" miniCalendarPaneVisible
="true" msgCompositionFontFamily="times new roman, new york, times, serif" msgCo
mpositionFontSize="3" newMailSound="" refSigID="random" refreshFolderList="" sho
wBcc="false" showFrom="false" signatureText="" stripJavascript="prompt" useRefSi
g="false" useRichText="true" useUKDateFormat="false"></userDefaults>

<ldapSources>
<ldapSource>
<type>system</type>
<server>mail.sixtaylors.com</server>
<port>389</port>
<basedn>o=scalix</basedn>
<displayname resourceID="addressbooksearch_title_system"
>System Directory</displayname>
<authtype>none</authtype>
<filter>(|(&amp;(cn=%s*)(mail=*))(&amp;(sn=%s*)(mail=*))(&amp;(gn=%s
*)(mail=*))(mail=%s*)(&amp;(omalias=%s*)(mail=*)))</filter>
<address_search>
<limit>100</limit>
<attribute_map>
<entry header="true">
<name resourceID="addressbooksea
rch_label_name">Name</name>
<dir_attribute>omcn</dir_attribu
te>
</entry>
<entry header="true" type="email">
<name resourceID="addressbooksea
rch_label_email">Email Address</name>
<dir_attribute>rfc822Mailbox</di


smtpd.cfg

RELAY accept 127.0.0.1
RELAY accept sixtaylors.com
RELAY Log_Reject ALL

# extra rules added to prevent open relay usage
RECIPIENT Log_Reject *@*@*
RECIPIENT Log_Reject *%*
RECIPIENT Log_Reject *!*
RECIPIENT Log_Reject *#*@*

hosts

[root@mail ~]# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
192.168.2.25 mail.sixtaylors.com mail sixtaylors.com


Where did I screw the pooch?

Thanks,

Hank

[ScalixSupport]

Hi Hank,

Change your /etc/opt/scalix/sys/smtpd.cfg file so it reads more like:

Code: Select all

RELAY accept 127.0.0.1
RELAY accept .sixtaylors.com
RELAY accept 192.168.2.25
RELAY Log_Reject ALL

basically you're editing the sixtaylors.com line and adding a leading period and adding a specific relay accept line for your Scalix hosts IP address.

Now, stop and restart the smtp relay by typing:

Code: Select all

omoff -d0 smtpd
omon smtpd


Now try sending with SWA.

Thanks,
Rachel

[htaylor3]

Woo Hoo! There's that part!

Now: How do I set the fqdn so that companies like mine will not reject and graylist the email? Sendmail tries to send it from root. I believe that our relay will not accept from root to try and eliminate spam. Also, where do I turn on the rules wizard? (Sorry, my manual is at home) Your support has been stellar! We are being pressured to hop on a corporate backbone with exchange 2003, yada, yada, yada. I am pushing for other solutions. This may just be the one!

Thanks again Rachel and all.

-H-

[htaylor3]

Here is the output trying to reach my work address

Jan 25 13:50:16 mail sendmail[15018]: STARTTLS=client, relay=mail.chi1.etrn.com., version=TLSv1/SSLv3, verify=FAIL, cipher=DHE-RSA-AES256-SHA, bits=256/256
Jan 25 13:50:18 mail sendmail[15018]: k0PJoBjC015009: to=<matt_mogenis@knaack.com>, delay=00:00:07, xdelay=00:00:03, mailer=esmtp, pri=181535, relay=mail.chi1.etrn.com. [63.144.80.38], dsn=4.2.0, stat=Deferred: 450 <matt_mogenis@knaack.com>: Recipient address rejected: Greylisted for 5 minutes
Jan 25 13:50:18 mail sendmail[15018]: k0PJoBjC015009: to=<hank_taylor@knaack.com>, delay=00:00:07, xdelay=00:00:03, mailer=esmtp, pri=181535, relay=mail.chi1.etrn.com. [63.144.80.38], dsn=4.2.0, stat=Deferred: 450 <hank_taylor@knaack.com>: Recipient address rejected: Greylisted for 5 minutes
Jan 25 13:50:19 mail sendmail[15018]: STARTTLS=client, relay=mail.chi2.etrn.com., version=TLSv1/SSLv3, verify=FAIL, cipher=DHE-RSA-AES256-SHA, bits=256/256
Jan 25 13:50:19 mail sendmail[15018]: k0PJoBjC015009: to=<matt_mogenis@knaack.com>, delay=00:00:08, xdelay=00:00:04, mailer=esmtp, pri=181535, relay=mail.chi2.etrn.com. [69.30.203.131], dsn=4.2.0, stat=Deferred: 450 <matt_mogenis@knaack.com>: Recipient address rejected: Greylisted for 5 minutes
Jan 25 13:50:19 mail sendmail[15018]: k0PJoBjC015009: to=<hank_taylor@knaack.com>, delay=00:00:08, xdelay=00:00:04, mailer=esmtp, pri=181535, relay=mail.chi2.etrn.com. [69.30.203.131], dsn=4.2.0, stat=Deferred: 450 <hank_taylor@knaack.com>: Recipient address rejected: Greylisted for 5 minutes


Thanks,

-H-

[htaylor3]

BTW

If I send a mail from work to my scalix box, I can reply fine. If I send from scalix to work, it gets greylisted???

Thanks,

-H-

[ScalixSupport]

Hi Hank,

There's not a lot we can advise you here other than to check with etrn.com (the ISP that knaack.com uses) and find out what their policy is on black/greylisting sites. I can say that many ISPs will block messages coming from a host whose address is in a dynamic pool. I see that your host does resolve to what looks more like a pool address (xx-xx-xx-xx.client.yourisp.com). If it turns out that etrn.com won't do anything about it, you may need to setup your ISPs mail host as your smarthost and route all of your outbound mail through them.

Thanks,
Rachel

[htaylor3]

Thanks Rachel, I just got with them and it's all good. I also have the info to get rules set up. Now to work this thing hard!

Thanks again for all the help!

[ScalixSupport]

To enable the rules wizard in SWA, edit your /etc/opt/scalix/webmail/partner.xml file and chagne the line:

rulesWizard="false"

to

rulesWizard="true"

then stop and restart tomcat.

Thanks,
Rachel