Re: Help Needed: My RHEL5 box suddenly stopped accepting e-mails



Hi all,

Well, unfortunately my IT dept is claiming their network is fine--and
therefore the problem lies
either with my system, or is not worth their time to debug. I am still
trying to gather more
evidence to prove that my system is operating correctly; but I am starting
to lose hope that I
will persevere in this effort. Although, I'm not willing to throw in the
towel just yet.

In any case, see below for additional comments.

On Sun, May 8, 2011 at 2:27 PM, Barry Brimer <lists@xxxxxxxxxx> wrote:

1. Add an iptables logging rule that logs and connections to port 25 not
from localhost. Something like:
iptables -I INPUT -i ! lo -p tcp -m tcp --dport 25 -j LOG


I am going to wait on the change because I don't feel comfortable doing
this
just yet. Note
that we have established that systems on my subnet can successfully telnet
into port 25 of
my system; whereas systems on other subnets cannot. Would the logging
rule
above provide
additional information regarding the failed connection attempts to port
25?


You're not blocking/allowing anything .. just logging, before any ACCEPT
rules. If you try to telnet to port 25 from another subnet with this rule
in place and you don't see connections getting logged, they're not getting
to your server.


I went ahead and made the changes to the iptables logging as you suggested.
When I use swaks to
send my machine email from an offsite system, I _do_ see messages show up in
my /var/log/messages
file showing some kind of interaction between the offsite system and my
system. I don't know what is
being discussed between the systems, but the offsite system does finally
timeout in it's attemt to connect.

Does this imply my system is not allowing the remote system to send it
email? And therefore it
_is_ my system that is at fault?

BTW, out of curiosity, how do I remove the iptables logging? (Assuming this
issue ever gets
resolved and I want to reduce the amount of logging.)





6. Verify other Internet communications work .. perhaps you've got a bad
route of some kind.


I seem to be able to do other internet activity without any problems.


What about connecting to other internal hosts that are on a different
subnet. I still think this could be routing related. Have you verified
your routing table with IT?


I can connect to systems via ssh on different subnets within the company.
I have not verified my routing table with IT. I would not know what to
verify.

I did send my IT dept a traceroute from a remote system that cannot send my
system email.
I don't know if that is of any value, but I'm just trying to keep nudging
them with data and
hoping something will trigger an "ah ha!" moment.



7. Run some tests with swaks <http://jetmore.org/john/code/swaks/>


I'm not familiar with swaks; but I'll look into it.


I usually manually telnet to port 25 and have an SMTP conversation with the
mail server. If you don't speak fluent SMTP, swaks can help.


swaks works great! Especially for someone like me. Thanks for that tip.





8. Use system-switch-mail to verify that your system is using sendmail.


My system is running sendmail. However, I'm not familiar with
system-switch-mail, nor could
I find that command on my system.


If you ever had postfix or qmail installed from RH it installs in a way
that allows you to switch between MTAs. system-switch-mail manages symlinks
to make sure everything lines up correctly. You can install the
system-switch-mail package if you like. Probably not needed.


Oh, I see. I have not installed any other MTA's onto my system. At one
point I was considering
that as another test of my system; but I don't think that test is needed
anymore. It seems we
have proven that sendmail is working properly, and that the problem is
outside of the MTA.

Many thanks to all that are trying so hard to help me out! I wish just one
of you worked my
company's IT dept ;)

Best regards,

--
Mun




Barry

On Sat, 7 May 2011, Mun wrote:

Hi Bohdan,



On Sat, May 7, 2011 at 10:21 PM, Bohdan Sydor <bohdan@xxxxxxxxxx>
wrote:

On 05/08/2011 06:30 AM, Mun wrote:


Does everything above look okay?



Yes, they all seem to be alright.

Next, let's try to telnet to the smtp port:

- from the localhost. Simply telnet localhost 25 and try to submit a
sample msg.


You are now beyond my understanding of sendmail. After telnetting,
what is the command I should enter?


- from any other machine that is in the same subnet as the mail server



From any other remote hosts we already know that it fails. But do you


refer to the MTA by address or by name? Check the DNS entries for the
MTA:

host -t mx yourDomainName


This returned a name (not an address). Let say "xyz1.domain"



host -t a theResultNameFromPreviousCmd

Is it the same IP as assigned to the server?


Yes, the IP does match that of "xyz1.domain"

But this piqued my interest, and when I look in sendmail.cf I see the
following lines:
# "Smart" relay host (may be null)
DSabc1.domain

Should this entry be "xyz1.domain" (to match the the 'host -t mx'
command's
output)?
Or is it okay that the line in sendmail.cf refers to a different
server?

Best regards,

--
Mun





--
regards

Bohdan Sydor
www.sydor.net

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

--

redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list





--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

!DSPAM:4dc6e200283104427513918!



--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list