Four emails from you this morning. Let me summarize what I think I know.
The app server can communicate with sendmail on the majordomo server, but
the primary mail gateway in your dmz cannot? Yet you can receive email
from the gatewsy, not "to" your list? The restrict_post value of your
list.config file is empty. Does taboo_headers contain anything? In the
majordomo.cf file there are also places that can match patterns to reject
mail, but none of them would give the error you are seeing. I have to
"assume" your testing used a "real" address for mail from instead of the
"example" <application @
appserver .
hostname> too. This "invalid" address
might be checked by sendmail and verified by reverse DNS before any other
process on the system has a chance to see the email.
I would start next with troubleshooting sendmail. Majordomo is not doing
the rejection, sendmail is. Assuming you have a fairly vanilla sendmail.cf
file, and you are not using LDAP or other database for authorization
integration to SMTP, see if your /etc/mail/access file for entries matching
your network or your DMZ. Maybe you need to specifically allow your email
gateway host access.
Did you say once before that you checked the files in /etc/mail for any
setting that may be causing the errors? Files to check are virtusertable,
mailertable, and most importantly access. When testing sendmail with the
telnet commands, make sure to do several tests, using differing HELO/EHLO
hostnames, MAIL FROM (real and fake) users, and RCPT TO known good and bad
accounts, then visit the logs to see the differences as well as what you
observed with telnet. These tests should be performed at the local server
and any gateway servers between you and the internet, as well as any other
server or workstation on the local network then might communicate with the
SMTP service on the majordomo server.
Sharma, Vikas wrote:
John, would it be possible for you to tell me the steps to check this
problem?
-----Original Message-----
From: Linn, Dr John A. [mailto:j .
linn @
abdn .
ac .
uk]
Sent: Wednesday, March 25, 2009 8:44 AM
To: Sharma, Vikas
Subject: RE: Problem with Majordomo bonzo
I would look in your sendmail configuration at the place this message is
generated as it looks like it is a sendmail config problem. Perhaps you
have restricted delivery to only those in the system alias file and not
the majordomo list alias file.
John
-----Original Message-----
From: majordomo-users-owner @
greatcircle .
com
[mailto:majordomo-users-owner @
greatcircle .
com] On Behalf Of Sharma,
Vikas
Sent: 25 March 2009 12:30
To: Daniel Liston
Cc: Majordomo-Users @
GreatCircle .
COM
Subject: Re: Problem with Majordomo bonzo
I did one more thing. As I said earlier that whenever our application
server is sending emails to majordomo it is bouncing back with error:
"<<< 553 5.3.0 <capplication @
appserver .
hostname>... You do not have
permission send to this address
550 5.1.1 listname @
your .
domain .
.
.
User unknown"
When I did the telnet on port 25 on my majordomo server as per given
steps by you and tried to send email, it was successful.
But when I tried to send email via our gateway server with telnet (which
is in DMZ and the bridgehead for sending emails inside our domain),
after entering rcpt to:listname @
your .
domain, I got the same error "You
do not have permissions send to this address".
I hope it'll help to narrow down my issue.
Thanks,
Vikas
-----Original Message-----
From: Daniel Liston [mailto:dliston @
sonny .
org]
Sent: Wednesday, March 18, 2009 4:12 PM
To: Sharma, Vikas
Cc: Majordomo-Users @
GreatCircle .
COM
Subject: Re: Problem with Majordomo bonzo
This seems to be much more specific than just "outside your domain".
Let us "trace back" the email that comes into majordomo.
1. majordomo is called out by sendmail via the aliases file(s)
majordomo.cf and/or your listname.conf files can reject mail 2.
If an alias does not exist, the passwd file is checked 3. sendmail (or
compatible) MTA listens for mail on port 25, 465, or 587
sendmail.cf, access, generics, and virtuser tables can all
reject
incoming mail just like a firewall.
4. local users typically have different rule sets than non-local users
5. DMZ implies firewall,
If you log onto the application server in your DMZ and telnet to port 25
of your majordomo server, do you get a sendmail banner message?
quit is the command to exit from the connection If you give
"EHLO " followed by your appserver hostname, do you get a list of
250-responses? Or do you get some other response?
If you give "mail from: <application @
appserver .
hostname>" do you get a
sender ok reponse?
If you then say "rcpt to: <listname @
your .
domain>" what happens?
If all of the above is successful, we can start to look at majordomo and
the list configuration files as suspect. This of course assumes there
are no other mail filters between sendmail and majordomo.
Dan Liston
Sharma, Vikas wrote:
Thanks for your reply Daniel. We don't have any problem receiving
emails from outside the domain. The problem is with one majordomo list
only.
Let me try to explain the scenario here:
1) We have majordomo server with sendmail on Linux box.
2) Mailing list on majordomo can receive emails from internal users
3) One user is having application server which is in DMZ. This
application is using our gateway server(again it is in DMZ) to send
emails to the mailing list. The majordomo server is not in DMZ.
4) Earlier, the application owner created mailing list in majordomo,
his application server was not able to send emails to it and giving
the same error message.
5) One guy who was working earlier with us, made some changes and that
application started sending emails to that list.
6) Now again, the application owner created one more list on majordomo
but it is not accepting emails from that application and I don't have
any idea what change was made by that guy earlier.
Can you please help me according to the scenario?
thanks and
regards,
Vikas
-----Original Message-----
From: Daniel Liston [mailto:dliston @
sonny .
org]
Sent: Wednesday, March 18, 2009 1:59 PM
To: Sharma, Vikas
Cc: Majordomo-Users @
GreatCircle .
COM
Subject: Re: Problem with Majordomo
Before your mailing list can receive messages from outside your
domain,
your other aliases or mailboxes must be able to receive such email
first.
If you have a mailbox on the majordomo server, test by sending
yourself
a message from hotmail,msn,live,yahoo,gmail or any free email
location.
Do you receive that message? If not, then neither can majordomo or
your
list.
Dan Liston
Sharma, Vikas wrote:
Can anyone please tell me how can we enable our mailing lists to
receive emails from external senders (Sender outside from our
domain)?
We are using majordomo with sendmail.
thanks and
regards,
Vikas
The University of Aberdeen is a charity registered in Scotland, No
SC013683.
References:
|
|
