For a mail server running Sendmail email server software, if you wish to block email from a particular "from" address to any email address on the server, you can include the address you wish to block in the /etc/mail/access file. E.g., if you wished to block email from the address spammer@example.com, you can include the following line in that file:

# Block envelope "from" address of spammers
spammer@example.com                     REJECT

Any line beginning with a # is treated as a comment, so the first line above isn't needed, but adding a comment line may help you recognize why the reject statement is in the file. After you have added the line, you need to regenerate the /etc/mail/access.db file, or create a new one if there isn't already one present, using the command shown below (you don't need to restart sendmail):

# makemap hash /etc/mail/access </etc/mail/access
#

This will only work if you have a FEATURE(`access_db')dnl line in /etc/mail/sendmail.mc. E.g., a line like the one below:

FEATURE(`access_db', `hash -T<TMPF> -o /etc/mail/access.db')dnl

If you don't have such a line, you will need to add it. If the line begins with dnl, you will need to remove the dnl at the beginning of the line, since that "comments out" the line.

[ More Info ]

[/network/email/sendmail] permanent link

A family member reported she was no longer able to send email via a Sendmail service I have running on a CentOS Linux system. She sent me a screenshot of the message she received when attempting to send a message. I saw a "Server error: '550 5.7.1 ... Relaying denied'" message. At first, I thought that a technician from her Internet Service Provider (ISP) might have changed her Microsoft Outlook settings when he upgraded her network equipment recently, but then I remembered I was restricting email relaying on the system by IP address and realized her IP address would have changed when the technician upgraded her network equipment. So I had her visit whatismyipaddress.com and provide me with the public IPv4 IP address it showed for her. I then replaced her prior IP address in /etc/mail/access. The format for an entry to allow relaying from a particular IP address is as shown below.

# Jane Doe
192.168.71.77                           RELAY

You can include a comment to indicate who the IP address is associated with by prefixing the comment with a pound sign. The IP address should be followed by the word "RELAY" (you can put tabs in between the IP address and the word, if you like).

After changing the IP address, I rebuilt the access database with the makemap command. I then restarted Sendmail

# makemap hash /etc/mail/access </etc/mail/access
# service sendmail restart
Redirecting to /bin/systemctl restart  sendmail.service
#

I was then able to receive a test message she sent me. After updating the IP address, I may only have needed to restart Sendmail without running the makemap command first as I found the following at 19.3.2. Sendmail on a Red Hat website in reference to running the make all -C /etc/mail/ command (CentOS is derived from Red Hat Enterprise Linux):

All other generated files in /etc/mail (db files) will be regenerated if needed. The old makemap commands are still usable. The make command is automatically used whenever you start or restart the sendmail service.

[/network/email/sendmail] permanent link

A user sends a monthly email newsletter to a distribution list on an email server I maintain that uses sendmail. He sends the message to an email alias on the system where sendmail converts the alias to all of the email addresses in the mailing list and the sends it out through a smart host to be delivered to all of the recipients of the newsletter. The sender sends the message from his verizon.net address and I needed to convert the "from" address from a verizon.net email address to a local email address on the server running sendmail. To do so, I placed the following lines at the end of /etc/mail/sendmail.mc. For the example below, I use the example.com domain as the local domain name for the server.

MASQUERADE_DOMAIN(`verizon.net')dnl
MASQUERADE_AS(`example.com')dnl

Note: the "dnl" at the end of each line has the letter "l", not the number "1" at the end of the line. And a backtick, i.e., `, is used before "verizon.net" while a single quote is used after it.

[ More Info ]

[/network/email/sendmail] permanent link

A family member wasn't receiving email for a Steam account she created to play a PC game. Her email comes through a Sendmail email server I manage and I found that a Domain Name System-based Blackhole List (DNSBL), the Spam and Open Relay Blocking System (SORBS), had blocked email from the IP address that Valve had for the email server used to send email to her about the account. When I checked the sendmail log file, I found the following two entries:

Dec 29 21:10:26 moonpoint sendmail[27413]: ruleset=check_relay, arg1=smtp03.stea
mpowered.com, arg2=127.0.0.6, relay=smtp03.steampowered.com [208.64.202.39], rej
ect=550 5.7.1 Spam Block:mail from 208.64.202.39 refused - see http://dnsbl.sorb
s.net/
Dec 29 21:17:35 moonpoint sendmail[27661]: ruleset=check_relay, arg1=smtp01.stea
mpowered.com, arg2=127.0.0.6, relay=smtp01.steampowered.com [208.64.202.37], rej
ect=550 5.7.1 Spam Block:mail from 208.64.202.37 refused - see http://dnsbl.sorb
s.net/

Checking, I found the following IP addresses and fully qualified domain names (FQDNs) for Steam email servers:

To ensure that none of the DNSBLs I use with Sendmail will ever block email from the Steam email servers, I added the following lines to /etc/mail/access:

Connect:208.64.202.36                           OK
Connect:208.64.202.37                           OK
Connect:208.64.202.38                           OK
Connect:208.64.202.39                           OK
Connect:208.64.202.40                           OK

I then used the makemap hash command to rebuild the access database.

# makemap hash /etc/mail/access </etc/mail/access
#

Once I did that, she was able to receive the Steam-related email.

[/network/email/sendmail] permanent link

# grep sbear /var/log/maillog
Jan  5 14:08:08 moonpoint sendmail[6276]: v05IxmvR006276: from=<sbearab1@y0hoo.c
om>, size=2339942, class=0, nrcpts=1, msgid=<1226622358.574156.1483642780691@mai
l.y0hoo.com>, proto=ESMTP, daemon=MTA, relay=omp1011.mail.ne1.y0hoo.com [98.138.
87.11]

So I checked Sendmail's queue with the mailq command and saw the message was stuck there. Note: Mailq is identical to sendmail -bp .

# mailq
                        /var/spool/mqueue (1 request)
-----Q-ID----- --Size-- -----Q-Time----- ------------Sender/Recipient-----------
v05IxmvR006276  2338155 Thu Jan  5 14:08 <sbearab1@y0hoo.com>
                 (host map: lookup (yahoo.com): deferred)
                                         <abad_kitty@moonpoint.com>
                Total requests: 1
#

The sendmail queue can be flushed with the command sendmail -q -v .

#  sendmail -q -v

Running /var/spool/mqueue/v05IxmvR006276 (sequence 1 of 1)
<abad_kitty@moonpoint.com>... aliased to ann
ann... Connecting to local...
ann... Sent
# mailq
/var/spool/mqueue is empty
                Total requests: 0
#

The meaning of the -q and -v options to the sendmail command are shown below:

  -q[time]
              Process saved messages in the queue at given intervals.  If time
              is  omitted,  process the queue once.  Time is given as a tagged
              number, with `s' being seconds, `m' being minutes (default), `h'
              being  hours, `d' being days, and `w' being weeks.  For example,
              `-q1h30m' or `-q90m' would both set  the  timeout  to  one  hour
              thirty  minutes.   By  default,  sendmail  will run in the back-
              ground.  This option can be used safely with -bd.

      -v     Go into verbose mode.  Alias expansions will be announced, etc.

[/network/email/sendmail] permanent link

dnl # Uncomment and edit the following line if your outgoing mail needs to
dnl # be sent out through an external mail server:
dnl #
define(`RELAY_MAILER_ARGS', `TCP $h 587')
define(`ESMTP_MAILER_ARGS', `TCP $h 587')
define(`SMART_HOST', `smtp.sparkpostmail.com')dnl

[ More Info ]

[/network/email/sendmail] permanent link

# mailq
                /var/spool/mqueue (7 requests)
-----Q-ID----- --Size-- -----Q-Time----- ------------Sender/Recipient-----------
u83BWu3X020476     1010 Sat Sep  3 07:32 <apache@example.com>
                 (Deferred: Connection refused by mail.user-mail.net.)
                                         <donniemenniti12345@yahoo.com>

The system was running Apache, but I would not expect any email to originate from Apache destined for a Yahoo email address.

The contents of queued email are stored in the /var/spool/mqueue directory. For a queued message there will normally be two files, one beginning with the letters "df" and the other with the letters "qf", containing the queue id, in this case u83BWu3X020476, as the rest of the file name.

# ls /var/spool/mqueue/??u83BWu3X020476
/var/spool/mqueue/dfu83BWu3X020476  /var/spool/mqueue/qfu83BWu3X020476
#

Note: you will only be able to access these files from the root account.

[ More Info ]

[/network/email/sendmail] permanent link

[ More Info ]

[/network/email/sendmail] permanent link

# m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
# service sendmail restart
Redirecting to /bin/systemctl restart  sendmail.service
Job for sendmail.service failed because the control process exited with error code. See "systemctl status sendmail.service" and "journalctl -xe" for details.

When I issued a systemctl status sendmail.service command for further information, I saw the following:

# systemctl status sendmail.service
● sendmail.service - Sendmail Mail Transport Agent
   Loaded: loaded (/usr/lib/systemd/system/sendmail.service; enabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Thu 2016-08-18 15:40:49 EDT; 11s ago
  Process: 25578 ExecStart=/usr/sbin/sendmail -bd $SENDMAIL_OPTS $SENDMAIL_OPTARG (code=exited, status=78)
  Process: 25573 ExecStartPre=/etc/mail/make aliases (code=exited, status=0/SUCCESS)
  Process: 25570 ExecStartPre=/etc/mail/make (code=exited, status=0/SUCCESS)
 Main PID: 3394 (code=exited, status=0/SUCCESS)

Aug 18 15:40:49 moonpoint.com systemd[1]: Starting Sendmail Mail Transport A....
Aug 18 15:40:49 moonpoint.com sendmail[25578]: 554 5.0.0 /etc/mail/sendmail....d
Aug 18 15:40:49 moonpoint.com sendmail[25578]: NOQUEUE: SYSERR(root): /etc/m...d
Aug 18 15:40:49 moonpoint.com sendmail[25578]: NOQUEUE: SYSERR(root): InputF...y
Aug 18 15:40:49 moonpoint.com sendmail[25578]: 451 4.0.0 InputFilter BitDefe...y
Aug 18 15:40:49 moonpoint.com systemd[1]: sendmail.service: control process ...8
Aug 18 15:40:49 moonpoint.com systemd[1]: Failed to start Sendmail Mail Tran....
Aug 18 15:40:49 moonpoint.com systemd[1]: Unit sendmail.service entered fail....
Aug 18 15:40:49 moonpoint.com systemd[1]: sendmail.service failed.
Hint: Some lines were ellipsized, use -l to show in full.

When I undid the changes I had made to sendmail.mc, the issue remained. When I used the journalctl command to check on the problem, I saw the following:

# journalctl -xe
-- 
-- Unit sendmail.service has failed.
-- 
-- The result is failed.
Aug 18 15:43:25 moonpoint.com systemd[1]: Dependency failed for Sendmail Mail Tr
-- Subject: Unit sm-client.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit sm-client.service has failed.
-- 
-- The result is dependency.
Aug 18 15:43:25 moonpoint.com systemd[1]: Job sm-client.service/start failed wit
Aug 18 15:43:25 moonpoint.com systemd[1]: Unit sendmail.service entered failed s
Aug 18 15:43:25 moonpoint.com systemd[1]: sendmail.service failed.
Aug 18 15:43:25 moonpoint.com polkitd[771]: Unregistered Authentication Agent fo
Aug 18 15:43:53 moonpoint.com sshd[25845]: Address 168.176.56.13 maps to wimax13
Aug 18 15:43:53 moonpoint.com sshd[25845]: Invalid user log from 168.176.56.13
Aug 18 15:43:53 moonpoint.com sshd[25845]: input_userauth_request: invalid user 
Aug 18 15:43:53 moonpoint.com sshd[25845]: pam_unix(sshd:auth): check pass; user
Aug 18 15:43:53 moonpoint.com sshd[25845]: pam_unix(sshd:auth): authentication f
Aug 18 15:43:55 moonpoint.com sshd[25845]: Failed password for invalid user log 
Aug 18 15:43:56 moonpoint.com sshd[25845]: Connection closed by 168.176.56.13 [p
lines 1490-1512/1512 (END)

[ More Info ]

[/network/email/sendmail] permanent link

C:\>systeminfo | findstr /R "^OS.Version"
OS Version:                10.0.10586 N/A Build 10586

C:\>

The /R option indicates that the findstr command should perform its search based on a regular expression. The "^" character is a character that when included in a regular expression means that what follows should be at the beginning of the line. Without it, you could see something like the following, instead, since "BIOS Version also matches:

C:\>systeminfo | findstr /R "OS.Version"
systeminfo | findstr /R "OS.Version"
OS Version:                10.0.10586 N/A Build 10586
BIOS Version:              Dell Inc. A04, 11/21/2011

C:\>

The period between "OS" and "Version" indicates in a regular expression that any one character in that space will match; in this case there is a space character between the two words, which will match the period in a regular expression. If you want to have a period treated as a period rather than serving its function as a regular expression character, you can "escape" its meaning by using the backslash, i.e. "\", escape character.

[ More Info ]

[/network/email/sendmail] permanent link