Help Needed: My RHEL5 box suddenly stopped accepting e-mails
Mun
mjelists at gmail.com
Sun May 8 18:34:31 UTC 2011
Hi Barry,
Thanks for replying.
Some of the points were previously brought up by others; but I'll try to
address
your points the best I can.
On Sat, May 7, 2011 at 11:37 PM, Barry Brimer <lists at brimer.org> wrote:
> I've not been following this too closely, but I'll make a few suggestions
> in no particular order.
>
> 1. Add an iptables logging rule that logs and connections to port 25 not
> from localhost. Something like:
> iptables -I INPUT -i ! lo -p tcp -m tcp --dport 25 -j LOG
>
I am going to wait on the change because I don't feel comfortable doing this
just yet. Note
that we have established that systems on my subnet can successfully telnet
into port 25 of
my system; whereas systems on other subnets cannot. Would the logging rule
above provide
additional information regarding the failed connection attempts to port 25?
>
> Verify connections (or lack thereof) in /var/log/messages
>
> 2. Is SELinux enabled? Find out with "getenforce" .. if it is on, turn it
> off temporarily with "setenforce 0" (as root)
>
SELinux is Disabled.
>
> 3. Is there anything relevant in /var/log/messages /var/log/maillog
> /var/log/audit/audit.log ??
>
None that I or my IT dept could find.
>
> 4. Make sure you're not out of inodes with "df -i"
>
Plenty of inodes.
>
> 5. Try connecting to the mail server manually from another machine on the
> same subnet.
>
I can do that successfully.
>
> 6. Verify other Internet communications work .. perhaps you've got a bad
> route of some kind.
>
I seem to be able to do other internet activity without any problems.
>
> 7. Run some tests with swaks <http://jetmore.org/john/code/swaks/>
>
I'm not familiar with swaks; but I'll look into it.
>
> 8. Use system-switch-mail to verify that your system is using sendmail.
>
My system is running sendmail. However, I'm not familiar with
system-switch-mail, nor could
I find that command on my system.
> 9. Add a second local IP address to your machine .. test that as well, see
> if there are any different results.
>
That's a good idea, but not easily executed because I would need IT to help
me out.
>
> Good luck.
>
Thanks! And thank you for replying.
Regards,
--
Mun
>
> Barry
>
> On Sat, 7 May 2011, Mun wrote:
>
> Hi Bohdan,
>>
>>
>> On Sat, May 7, 2011 at 10:21 PM, Bohdan Sydor <bohdan at harazd.net> wrote:
>>
>> On 05/08/2011 06:30 AM, Mun wrote:
>>>
>>> Does everything above look okay?
>>>>
>>>
>>> Yes, they all seem to be alright.
>>>
>>> Next, let's try to telnet to the smtp port:
>>>
>>> - from the localhost. Simply telnet localhost 25 and try to submit a
>>> sample msg.
>>>
>>>
>> You are now beyond my understanding of sendmail. After telnetting,
>> what is the command I should enter?
>>
>>
>> - from any other machine that is in the same subnet as the mail server
>>>
>>>
>>> From any other remote hosts we already know that it fails. But do you
>>>>
>>> refer to the MTA by address or by name? Check the DNS entries for the
>>> MTA:
>>>
>>> host -t mx yourDomainName
>>>
>>>
>> This returned a name (not an address). Let say "xyz1.domain"
>>
>>
>>
>> host -t a theResultNameFromPreviousCmd
>>> Is it the same IP as assigned to the server?
>>>
>>>
>> Yes, the IP does match that of "xyz1.domain"
>>
>> But this piqued my interest, and when I look in sendmail.cf I see the
>> following lines:
>> # "Smart" relay host (may be null)
>> DSabc1.domain
>>
>> Should this entry be "xyz1.domain" (to match the the 'host -t mx'
>> command's
>> output)?
>> Or is it okay that the line in sendmail.cf refers to a different server?
>>
>> Best regards,
>>
>> --
>> Mun
>>
>>
>>
>>
>>
>>> --
>>> regards
>>>
>>> Bohdan Sydor
>>> www.sydor.net
>>>
>>> --
>>> redhat-list mailing list
>>> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
>>> https://www.redhat.com/mailman/listinfo/redhat-list
>>>
>>> --
>> redhat-list mailing list
>> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
>> https://www.redhat.com/mailman/listinfo/redhat-list
>>
>> !DSPAM:4dc6368f135391813713156!
>>
>>
>>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>
More information about the redhat-list
mailing list