[GLLUG] sendmail puzzle
Ken Smith
kens at kensnet.org
Mon Oct 10 21:54:17 UTC 2022
I'm trying to sort out a Rocky 8.5 server that has sendmail installed.
(Please don't go on a diversion about how I should tell the owner to
dump sendmail and switch to exim or postfix - save that for another
thread please. )
I'm pretty good with sendmail but this problem has me a bit foxed. I'd
value some suggestions of where to look as I think I'm not seeing the
wood for the trees.
It will send from addresses in the local network, without auth, because
I have "connect:192.168.123 relay" in the access file - that being the
local LAN.
I've tested sasl auth and that is authenticating.
Using telnet from an IP off their LAN (over a VPN) I can connect using
TLS (openssl s_client etc etc) and authenticate (perl -MMIME::Base64 etc
etc) it accepts my credentials and then if I try to send a message I
get "Relaying denied. IP name lookup failed [my local ip]" The same
happens with a test using Thunderbird.
If I do the same test from the host that sendmail is on, it works fine.
Also if I do the same test from another host on the same LAN it works fine.
Somehow its complaining about the source IP in authenticated sessions
outside the LAN range.
In the test from my local LAN (172.16.0.x), over a VPN, the remote dns
can't resolve the reverse dns of my LAN. I've done a similar test with
another sendmail site and remote auth is working fine.
Maybe sendmail is doing reverse DNS when it shouldn't be.
Suggestions most welcome....
Thanks
Ken
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the GLLUG
mailing list