View previous topic :: View next topic |
Author |
Message |
t011 Tux's lil' helper
Joined: 05 Sep 2002 Posts: 102
|
Posted: Sat Dec 07, 2002 7:12 am Post subject: qmail problem: smtp won't accept email to nonlocal host |
|
|
I'm trying to setup qmail and qmail-pop3d so that I can read and send mail from my localuser .maildir account. Qmail is working fine (I think). When logged in locally to my linux machine I am able to send and receive email. I'm now trying to access that same email from a different machine(Win2K 192.168.1.101). I clearly have a few complications because of the way my IP and domain names resolve. Basically I have a fixed IP address, let's say it's 216.87.1.1. That address resolves to a domain name given to it by my ISP, let's call it big.ass.long.domain.name. I also have a domain name registered (let's say it's shortdomain.com) which is different from the ISP's domain name. My machine is also behind a router on a local network, so it's actual IP is 192.168.1.100. Everything that hits 216.87.1.1 on ports 25(smtp) or 110(pop) gets forwarded to 192.168.1.100. This Win2k machine and the rest of my local network, plus my fixed ip (216.87.90.1), and 127.0.0.1 are in my /etc/tcp.smtp.cdb file. By specifying 216.87.1.1 as the POP and SMTP servers I'm able to download the email from my linux machine (localuser@shortdomain.com). Using that same account, I'm able to send email to localuser@shortdomain.com from localuser@shortdomain.com (but why would I really want to do that). What I'd like to be able to do is to send email to whoever@wherever.com from localuser@shortdomain.com. The problem is that I get this error message:
Quote: | The message could not be sent because one of the recipients was rejected by the server. The rejected e-mail address was 'whoever@wherever.com'. Subject 'email to a nonlocal account', Account: 'localuser@shortdomain.com', Server: '216.87.1.1', Protocol: SMTP, Server Response: '553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)', Port: 25, Secure(SSL): No, Server Error: 553, Error Number: 0x800CCC79 |
All the files in /var/qmail/control are generally setup accurately. Like I said, this email server functions perfectly when dealing with local accounts, it's just the pop stuff that's a bit messed up. /var/qmail/control/me has my FQDN which is based on my short domain name. /var/qmail/control/locals and /var/qmail/control/rcpthosts have localhost.shortdomain.com and shortdomain.com. What I need is for the SMTP client to treat mail coming from me on my windows machine, using my localuser@shortdomain.com address, as if it originated locally. Obviously it doesn't make any sense that in order to send email out using SMTP, that the recipients domain name would need to be in rcpthosts. Why isn't my windows machine, whose ip address is listed in /etc/tcp.smtp.cdb, allowed to relay email, through SMTP, to my linux machine for delivery to another address not listed in local or rcpthosts?
Thanks for any help you can provide.
t011 |
|
Back to top |
|
|
fathergrief n00b
Joined: 04 Oct 2002 Posts: 35 Location: Alaska
|
Posted: Sat Dec 07, 2002 7:46 am Post subject: |
|
|
The problem is you need to specify which address are allowed to send mail anywhere, if your IP address is not on that list, Qmail will only accept email going to your own accounts. For more information and for how to set this up go to http://www.palomine.net/qmail/selectiverelay.html |
|
Back to top |
|
|
Larde Guru
Joined: 07 Jun 2002 Posts: 313 Location: Duesseldorf, Germany
|
Posted: Sat Dec 07, 2002 8:21 am Post subject: |
|
|
Actually, from what you write, I think you have set it up ok and that it should work. Hmm, you always write the IPs that you want to be allowed to relay are listed in /etc/tcp.smtp.cdb. Just to be sure: You didn't put them in there manually, did you? I assume you created that file with something like tcprules /etc/tcp.smtp.cdb /tmp/bla < /etc/tcp.smtp - so what's in your /etc/tcp.smtp? Perhaps you got the syntax wrong somehow?
Larde. _________________ Someday this will be my home... http://moonage.net/
I'll make you a deal
I'll say I came from Earth and my tongue is taped
|
|
Back to top |
|
|
t011 Tux's lil' helper
Joined: 05 Sep 2002 Posts: 102
|
Posted: Sat Dec 07, 2002 6:05 pm Post subject: |
|
|
To clarify my /etc/tcp.smtp config, here it is:
Quote: | 127.0.0.1:allow,RELAYCLIENT=""
192.168.1.100:allow,RELAYCLIENT=""
192.168.1.101:allow,RELAYCLIENT=""
192.168.1.102:allow,RELAYCLIENT=""
216.87.1.1:allow,RELAYCLIENT=""
:allow |
My linux machine is 192.168.1.100 and the win2k machine I'm trying to access from is 192.168.1.101. 216.87.90.1.1 is my external static ip. I then compiled it into the cdb format by issuing this command (as root):
Quote: | tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp < /etc/tcp.smtp |
Both tcp.smtp and tcp.smtp.cdb are owned root:root and set 644. I've read over the article at
http://www.palomine.net/qmail/selectiverelay.html, but I don't see anything that I'm doing wrong versus what's in the article. Maybe, it's just not obvious to me.
Thanks for taking a look at my problem, and thanks for any other insight you may be able to provide.
t011 |
|
Back to top |
|
|
t011 Tux's lil' helper
Joined: 05 Sep 2002 Posts: 102
|
Posted: Sat Dec 07, 2002 6:35 pm Post subject: |
|
|
Well, I figured out what was wrong with my configuration. I needed to add the address of my router to the /etc/tcp.smtp file. Once I did that, and issued the command to convert that into /etc/tcp.smtp.cdb it would accept my mail. Looking at the headers of the test messages, it appears that despite the email originating from 192.168.1.101 and going to 192.168.1.100, it passes through my router at 192.168.1.1, and the router's ip is the only address that the tcprules see. Thanks for the help.
t011 |
|
Back to top |
|
|
lord n00b
Joined: 16 Oct 2002 Posts: 73 Location: Linköping, Sweden
|
Posted: Tue May 06, 2003 6:36 am Post subject: |
|
|
I also have the same problem, but it doesnt help adding any IP except the senders IP with RELAYCLIENT="".... and thats not very helpful =/
right now I got:
Code: | 127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-queue"
:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl" |
I'm managing virtual hosts and they got virtual POP3 accounts and they work fine. All users can pick up their emails, but nobody can email any adress that's not in rcpthosts.... kinda useless. I've been googling and reading qmail's archives with no luck for many hours now ... any advice would be really appreciated =)
Everyone keeps saying that there's something with relaying but LWQ and selectiverelay FAQ are really not helping =/ |
|
Back to top |
|
|
dlove n00b
Joined: 25 Feb 2003 Posts: 9
|
Posted: Wed May 07, 2003 9:26 pm Post subject: |
|
|
I beat my head against this for days:
lord wrote: | All users can pick up their emails, but nobody can email any adress that's not in rcpthosts.... kinda useless. =/ |
until pinning the problem on an ipv6 patch in ucspi-tcp. If you have the ipv6 USE flag set, then try this:
Code: |
/etc/init.d/svscan stop
emerge -C ucspi-tcp
env USE="-ipv6" emerge sys-apps/ucspi-tcp
/etc/init.d/svscan start
|
(submitting bug report now)
Something in that patch hoses the ipv4/RELAYCLIENT handling in tcpserver.
Note that when you disable ipv6 for the build, you'll immediately pick up some other patch if you have the ssl USE flag set. That doesn't seem to be causing any problems here (yet), but you might want to also turn off ssl for the build (USE="-ipv6 -ssl") , just to be safe. |
|
Back to top |
|
|
dlove n00b
Joined: 25 Feb 2003 Posts: 9
|
Posted: Thu May 08, 2003 5:47 pm Post subject: |
|
|
dlove wrote: | Note that when you disable ipv6 for the build, you'll immediately pick up some other patch if you have the ssl USE flag set. That doesn't seem to be causing any problems here (yet), but you might want to also turn off ssl for the build (USE="-ipv6 -ssl") , just to be safe. |
Ok, I spoke too soon. The ssl patch kills qmail-qmqpd, so you'll definitely need "USE=-ipv6 -ssl" when compiling ucspi-tcp. |
|
Back to top |
|
|
java geek n00b
Joined: 29 Jan 2003 Posts: 52 Location: Midlothian VA
|
Posted: Wed May 28, 2003 4:30 pm Post subject: I did that and now sys-apps/ucspi-tcp wont emerge |
|
|
I followed youre instructions and now sys-apps/ucspi-tcp wont emerge. I get the following error. Any insight into it?
USE="-ipv6 -ssl" emerge sys-apps/ucspi-tcp Calculating dependencies ...done!
>>> emerge (1 of 1) sys-apps/ucspi-tcp-0.88-r5 to /
>>> md5 src_uri ucspi-tcp-0.88.tar.gz
>>> Unpacking source...
>>> Unpacking ucspi-tcp-0.88.tar.gz to /var/tmp/portage/ucspi-tcp-0.88-r5/work
* Applying 0.88-errno.patch... [ ok ]
>>> Source unpacked.
make: the `-j' option requires a positive integral argument
Usage: make [options] [target] ...
Options:
-b, -m Ignored for compatibility.
-B, --always-make Unconditionally make all targets.
-C DIRECTORY, --directory=DIRECTORY
Change to DIRECTORY before doing anything.
-d Print lots of debugging information.
--debug[=FLAGS] Print various types of debugging information.
-e, --environment-overrides
Environment variables override makefiles.
-f FILE, --file=FILE, --makefile=FILE
Read FILE as a makefile.
-h, --help Print this message and exit.
-i, --ignore-errors Ignore errors from commands.
-I DIRECTORY, --include-dir=DIRECTORY
Search DIRECTORY for included makefiles.
-j [N], --jobs[=N] Allow N jobs at once; infinite jobs with no arg.
-k, --keep-going Keep going when some targets can't be made.
-l [N], --load-average[=N], --max-load[=N]
Don't start multiple jobs unless load is below N.
-n, --just-print, --dry-run, --recon
Don't actually run any commands; just print them.
-o FILE, --old-file=FILE, --assume-old=FILE
Consider FILE to be very old and don't remake it.
-p, --print-data-base Print make's internal database.
-q, --question Run no commands; exit status says if up to date.
-r, --no-builtin-rules Disable the built-in implicit rules.
-R, --no-builtin-variables Disable the built-in variable settings.
-s, --silent, --quiet Don't echo commands.
-S, --no-keep-going, --stop
Turns off -k.
-t, --touch Touch targets instead of remaking them.
-v, --version Print the version number of make and exit.
-w, --print-directory Print the current directory.
--no-print-directory Turn off -w, even if it was turned on implicitly.
-W FILE, --what-if=FILE, --new-file=FILE, --assume-new=FILE
Consider FILE to be infinitely new.
--warn-undefined-variables Warn when an undefined variable is referenced.
This program built for i686-pc-linux-gnu
Report bugs to <bug-make@gnu.org>
!!! ERROR: sys-apps/ucspi-tcp-0.88-r5 failed.
!!! Function src_compile, Line 38, Exitcode 2
!!! (no error message) |
|
Back to top |
|
|
java geek n00b
Joined: 29 Jan 2003 Posts: 52 Location: Midlothian VA
|
|
Back to top |
|
|
slott_hansen n00b
Joined: 03 Feb 2003 Posts: 40 Location: Denmark, Copenhagen
|
Posted: Mon Jun 09, 2003 9:12 am Post subject: qmail send receive problems |
|
|
I've been fidling with qmial for a looong time now and I'm this close to give up. I've had problems receiving external emails addresses (local onese work fine) and followed the guide on "life with qmail".
Everything should work accordingly to the guide and my stats match the ones from the guide. The problem is that now things are even worse than before
Now I can't even SEND anything from my server using squirrelmail which worked before...
Can anyone shed some light on this problem ? _________________ Best regards,
Morten Slott Hansen |
|
Back to top |
|
|
SyS_RaGE n00b
Joined: 02 Jun 2003 Posts: 14
|
Posted: Thu Aug 14, 2003 7:11 pm Post subject: |
|
|
I'm having the same problem as the original post of this thread. I tried your suggestions (USE=-ipv6 -ssl) but still have the same problem. I'm using qmail and vpopmail. Anybody have any other ideas for me to try? |
|
Back to top |
|
|
SyS_RaGE n00b
Joined: 02 Jun 2003 Posts: 14
|
Posted: Thu Aug 14, 2003 7:58 pm Post subject: |
|
|
Nevermind, I fixed it. My problem was that I needed to add my LAN IP to /etc/hosts. Seems kind of stupid to me that that is necessary, but oh well. It works now =) |
|
Back to top |
|
|
radulucian Apprentice
Joined: 05 Jan 2004 Posts: 151 Location: Bucharest Romania
|
Posted: Tue Apr 13, 2004 7:57 am Post subject: |
|
|
hi guys, had the same problem it wasn't obvious from this thread what is the solution.
i had vpopmail-5.2.1-r9 wich was working fine but open relay then i upgraded to vpopmail-5.2.2-r1 which failed to authenticate
i did
Code: |
/etc/init.d/svscan stop
emerge -C ucspi-tcp
env USE="-ipv6 -ssl" emerge sys-apps/ucspi-tcp
/etc/init.d/svscan start
|
and now everything is working fine, as long as i authenticate any request for outgoing mail with smtp server
thanks for the tip. _________________ --------------------------
i am gen2 fan too
noone clicks links in the signature
-------------------------- |
|
Back to top |
|
|
newtonian Guru
Joined: 19 Jan 2005 Posts: 465 Location: Hokkaido Japan
|
Posted: Wed Nov 30, 2005 12:27 pm Post subject: worked for me |
|
|
radulucian wrote: | hi guys, had the same problem it wasn't obvious from this thread what is the solution.
i had vpopmail-5.2.1-r9 wich was working fine but open relay then i upgraded to vpopmail-5.2.2-r1 which failed to authenticate
i did
Code: |
/etc/init.d/svscan stop
emerge -C ucspi-tcp
env USE="-ipv6 -ssl" emerge sys-apps/ucspi-tcp
/etc/init.d/svscan start
|
and now everything is working fine, as long as i authenticate any request for outgoing mail with smtp server
thanks for the tip. |
I was getting 553 sorry, that domain isn't in my list of allowed rcpthosts when trying to send mail from localhost
to gmail without authentication.
So this is what I did to get it working.
1.followed this: http://gentoo-wiki.com/TIP_Setup_Your_FQDN
2.followed the "Warning: If you don't receive any mail or you see weird errors" section in the official gentoo qmail howto
3. followed radulucian's advice in the post above.
Now, local programs sending through localhost can send without having to authenticate.
Cheers, |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|