1 Reply Latest reply on Oct 30, 2012 9:31 AM by mtuma

    Firewall sendmail problem

      Hi,

          I am not sure if it is in MFE but it was configured to be a relay server for emails. Incoming/Outgoing mails were relayed to the firewall by my clients Antispam appliance. They are experiencing lots of bounce back emails after upgrading from version 7.0.1.02 to 8.2 and changing their external ip address when they switch to their new ISP. Below are the error messages.

       

       

      Outgoing email: The errors below happened when one of their user is sending email outside their network.

       

      1.)

       

      (host serverfrom.thisdomain.com.ph[1.2.3.4] said: 550 5.7.1 <someone@thisdomain.com.ph>.. Relaying denied. IP name lookup failed [local_ipaddress of their antispam appliance]

       

      2.)

       

      Your message did not reach some or all of the intended recipients.

          

      The following recipient(s) cannot be reached:

            someone@thisdomain.ph on 10/17/2012 3:12 PM

                  You do not have permission to send to this recipient.  For assistance, contact your system administrator.

                  < hostname.of.MFEappliance.com #5.7.1 SMTP; 554 5.7.1 <someone@thisdomain.ph>: Relay access denied>

       

      3.)

       

      did not reach the following recipient(s):

       

      recipient@domain.com on Sun, 7 Oct 2012 09:54:55 +0800

         A configuration error in the e-mail system caused the message to

      bounce between two servers or to be forwarded between two recipients.

      Contact your administrator.

         < hostname.of.MFEappliance.com #5.3.5 SMTP; 553 5.3.5 system config error>

      Reporting-MTA: dns; hostnameof.antispam.com Final-Recipient: RFC822; recipient@domain.com Action: failed Status: 5.3.5 X-Supplementary-Info: < hostname.of.MFEappliance.com #5.3.5 SMTP; 553 5.3.5 system config error> X-Display-Name: recipient@domain.com

       

       

       

      The firewall sendmail configuration is below.

       

       

      /etc/mail/mailertable.mta1

       

       

      myclientsdomain1.com     zonemailer-internal:localhost

      .myclientsdomain2.com   zonemailer-internal:localhost

       

       

       

      /etc/mail/mailertable.mta2

       

      myclientsdomain1.com     smtp:[ipaddressofmyclientsantispam]

      .myclientsdomain2.com    smtp:[ipaddressofmyclientsantispam]

       

       

       

      /etc/sendmail/access.mta.1

       

      To:myclientsdomain1.com  RELAY

      From:myclientsdomain1.com  REJECT

      To:myclientsdomain2.com  RELAY

      From:myclientsdomain2.com  REJECT

       

      /etc/sendmail/access.mta.2

       

      myclientsdomain1.com  RELAY

      myclientsdomain2.com RELAY

       

       

      I believe that mta.1 is the external burb while the mta.2 is internal burb right?


        • 1. Re: Firewall sendmail problem

          If you look in the maillogon the firewall, do you see any relevant entries?

           

          With all the devices involved here, it is difficult to determine which device is denying the mail, though the following message leads me to believe that the firewall might be failing a reverse DNS lookup for the ip address.

           

          Relaying denied. IP name lookup failed [local_ipaddress of their antispam appliance]

           

           

           

          -Matt