Help Needed: My RHEL5 box suddenly stopped accepting e-mails

Mun mjelists at gmail.com
Tue May 10 05:41:43 UTC 2011 

Hi all,

Well, unfortunately my IT dept is claiming their network is fine--and
therefore the problem lies
either with my system, or is not worth their time to debug.  I am still
trying to gather more
evidence to prove that my system is operating correctly; but I am starting
to lose hope that I
will persevere in this effort.  Although, I'm not willing to throw in the
towel just yet.

In any case, see below for additional comments.

On Sun, May 8, 2011 at 2:27 PM, Barry Brimer <lists at brimer.org> wrote:

> 1.  Add an iptables logging rule that logs and connections to port 25 not
>>> from localhost.  Something like:
>>> iptables -I INPUT -i ! lo -p tcp -m tcp --dport 25 -j LOG
>>>
>>>
>> I am going to wait on the change because I don't feel comfortable doing
>> this
>> just yet.  Note
>> that we have established that systems on my subnet can successfully telnet
>> into port 25 of
>> my system; whereas systems on other subnets cannot.  Would the logging
>> rule
>> above provide
>> additional information regarding the failed connection attempts to port
>> 25?
>>
>
> You're not blocking/allowing anything .. just logging, before any ACCEPT
> rules.  If you try to telnet to port 25 from another subnet with this rule
> in place and you don't see connections getting logged, they're not getting
> to your server.


I went ahead and made the changes to the iptables logging as you suggested.
 When I use swaks to
send my machine email from an offsite system, I _do_ see messages show up in
my /var/log/messages
file showing some kind of interaction between the offsite system and my
system.  I don't know what is
being discussed between the systems, but the offsite system does finally
timeout in it's attemt to connect.

Does this imply my system is not allowing the remote system to send it
email?  And therefore it
_is_ my system that is at fault?

BTW, out of curiosity, how do I remove the iptables logging?  (Assuming this
issue ever gets
resolved and I want to reduce the amount of logging.)



>
>
>  6.  Verify other Internet communications work .. perhaps you've got a bad
>>> route of some kind.
>>>
>>>
>> I seem to be able to do other internet activity without any problems.
>>
>
> What about connecting to other internal hosts that are on a different
> subnet.  I still think this could be routing related.  Have you verified
> your routing table with IT?


I can connect to systems via ssh on different subnets within the company.
I have not verified my routing table with IT.  I would not know what to
verify.

I did send my IT dept a traceroute from a remote system that cannot send my
system email.
I don't know if that is of any value, but I'm just trying to keep nudging
them with data and
hoping something will trigger an "ah ha!" moment.


>
>  7.  Run some tests with swaks <http://jetmore.org/john/code/swaks/>
>>>
>>
>> I'm not familiar with swaks; but I'll look into it.
>>
>
> I usually manually telnet to port 25 and have an SMTP conversation with the
> mail server.  If you don't speak fluent SMTP, swaks can help.


swaks works great!  Especially for someone like me.  Thanks for that tip.



>
>
>  8.  Use system-switch-mail to verify that your system is using sendmail.
>>>
>>
>  My system is running sendmail.  However, I'm not familiar with
>> system-switch-mail, nor could
>> I find that command on my system.
>>
>
> If you ever had postfix or qmail installed from RH it installs in a way
> that allows you to switch between MTAs.  system-switch-mail manages symlinks
> to make sure everything lines up correctly.  You can install the
> system-switch-mail package if you like.  Probably not needed.
>

Oh, I see.  I have not installed any other MTA's onto my system.  At one
point I was considering
that as another test of my system; but I don't think that test is needed
anymore.  It seems we
have proven that sendmail is working properly, and that the problem is
outside of the MTA.

Many thanks to all that are trying so hard to help me out!  I wish just one
of you worked my
company's IT dept ;)

Best regards,

-- 
Mun



>
> Barry
>
>  On Sat, 7 May 2011, Mun wrote:
>>>
>>>  Hi   Bohdan,
>>>
>>>>
>>>>
>>>> On Sat, May 7, 2011 at 10:21 PM, Bohdan Sydor <bohdan at harazd.net>
>>>> wrote:
>>>>
>>>>  On 05/08/2011 06:30 AM, Mun wrote:
>>>>
>>>>>
>>>>>  Does everything above look okay?
>>>>>
>>>>>>
>>>>>>
>>>>> Yes, they all seem to be alright.
>>>>>
>>>>> Next, let's try to telnet to the smtp port:
>>>>>
>>>>> - from the localhost. Simply telnet localhost 25 and try to submit a
>>>>> sample msg.
>>>>>
>>>>>
>>>>>  You are now beyond my understanding of sendmail.  After telnetting,
>>>> what is the command I should enter?
>>>>
>>>>
>>>>  - from any other machine that is in the same subnet as the mail server
>>>>
>>>>>
>>>>>
>>>>>  From any other remote hosts we already know that it fails. But do you
>>>>>
>>>>>>
>>>>>>  refer to the MTA by address or by name? Check the DNS entries for the
>>>>> MTA:
>>>>>
>>>>> host -t mx yourDomainName
>>>>>
>>>>>
>>>>>  This returned a name (not an address).  Let say "xyz1.domain"
>>>>
>>>>
>>>>
>>>>  host -t a theResultNameFromPreviousCmd
>>>>
>>>>> Is it the same IP as assigned to the server?
>>>>>
>>>>>
>>>>>  Yes, the IP does match that of "xyz1.domain"
>>>>
>>>> But this piqued my interest, and when I look in sendmail.cf I see the
>>>> following lines:
>>>> # "Smart" relay host (may be null)
>>>> DSabc1.domain
>>>>
>>>> Should this entry be "xyz1.domain" (to match the the 'host -t mx'
>>>> command's
>>>> output)?
>>>> Or is it okay that the line in sendmail.cf refers to a different
>>>> server?
>>>>
>>>> Best regards,
>>>>
>>>> --
>>>> Mun
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>  --
>>>>> regards
>>>>>
>>>>> Bohdan Sydor
>>>>> www.sydor.net
>>>>>
>>>>> --
>>>>> redhat-list mailing list
>>>>> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
>>>>> https://www.redhat.com/mailman/listinfo/redhat-list
>>>>>
>>>>>  --
>>>>>
>>>> redhat-list mailing list
>>>> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
>>>> https://www.redhat.com/mailman/listinfo/redhat-list
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>  --
>>> redhat-list mailing list
>>> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
>>> https://www.redhat.com/mailman/listinfo/redhat-list
>>>
>>>  --
>> redhat-list mailing list
>> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
>> https://www.redhat.com/mailman/listinfo/redhat-list
>>
>> !DSPAM:4dc6e200283104427513918!
>>
>>
>>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>

More information about the redhat-list mailing list