From owner-freebsd-questions Sat Dec 29 14:33:25 2001 Delivered-To: freebsd-questions@freebsd.org Received: from drex.staff.izr.com (drex.staff.izr.com [195.26.33.16]) by hub.freebsd.org (Postfix) with ESMTP id 71C4B37B41C for ; Sat, 29 Dec 2001 14:33:21 -0800 (PST) Received: by drex.staff.izr.com (Postfix, from userid 1001) id 6F9CF33788; Sat, 29 Dec 2001 22:38:01 +0000 (GMT) Date: Sat, 29 Dec 2001 22:38:01 +0000 From: Mark Drayton To: "F . Xavier Noria" Cc: freebsd-questions@freebsd.org Subject: Re: Error from sendmail Message-ID: <20011229223801.A29393@drex.staff.izr.com> Mail-Followup-To: "F . Xavier Noria" , freebsd-questions@freebsd.org References: <20011229103330.28c661b2.fxn@isoco.com> <20011229121235.GD3776@raggedclown.net> <20011229213832.2d9240b8.fxn@retemail.es> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit User-Agent: Mutt/1.2.5i In-Reply-To: <20011229213832.2d9240b8.fxn@retemail.es>; from fxn@retemail.es on Sat, Dec 29, 2001 at 09:38:32PM +0100 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG F . Xavier Noria (fxn@retemail.es) wrote: > On Sat, 29 Dec 2001 13:12:35 +0100 > Cliff Sarginson wrote: > > : On Sat, Dec 29, 2001 at 10:33:30AM +0100, F. Xavier Noria wrote: > : > I've found a console filled with messages like this one: > : > > : > Dec 29 10:21:08 conway sendamil[7618]: fTB9JlK07618: > : rule_set=check_mail,> arg_1 = , relay = localhost > : [127.0.0.1], reject=451 4.1.8> Domain of sender address biz@6x6.net > : does not resolve> > > : "biz@6x6" has just about as much mail bounced from my system as all > : the other shithead spammers put together (oh no, luckysurf.com gets > : that honour). In short (I use postfix not sendmail, so I am guessing > : here) it sounds like sendmail won't accept mail from fake domain > : addresses according to it's rule-sets as set up out of the box > : on FreeBSD. I would be happy if I were you. > > I think I cannot understand what is happenning because I really don't > understand the role of sendmail in my system. Let me ask these basic > questions: > > This is my computer at home, with just one real user and a dial-up > connection. I use the SMTP server of my ISP to send outgoing mail, and > download incoming mail from some POP3 servers with fetchmail. Whith > this settings, where does sendmail intervene? Is sendmail used here > just to deliver local mail (messages to root and so) and by the > command line client "mail"? If I was right, how could sendmail be > dealing with a message from [or to, I don't know] biz@6x6.net? From fetchmail(1): As each message is retrieved fetchmail normally delivers it via SMTP to port 25 on the machine it is running on (localhost), just as though it were being passed in over a normal TCP/IP link. The mail will then be delivered locally via your system's MDA (Mail Delivery Agent, usu­ ally sendmail(8) but your system may use a different one such as smail, mmdf, exim, or qmail). All the delivery- control mechanisms (such as .forward files) normally available through your system MDA and local delivery agents will therefore work. So fetchmail doesn't deliver mail to mailboxes directly, but gives it to sendmail instead. > I read in /etc/mail/access.sample that the default is to reject mail > unless the destination is local. Does that make sense with the error > reported in the first message? Sendmail keeps on reporting that error, > it has being doing that all the day, how could I fix it? No. /etc/mail/access can be used to control who can relay mail through your system. You could put a block of IP addresses in there to allow, say, your company to send mail out. This is only checked for mail going to non-local recipients, so in your case it wasn't needed as the mail was going to a local recipient (you). The mail was rejected because the sender domain (6x6.net) doesn't exist, which pretty much guarantees it to be spam. Your machine has probably done the right thing by rejecting it. I suspect you're seeing a lot of these errors as your sendmail is replying to fetchmail with a 451 error code. An SMTP error code of 4xx means "I can't accept right now, try again later". I'd guess each time fetchmail downloads the mail your sendmail rejects it with 451, causing fetchmail to leave it on the server. When fetchmail polls that server again and tries to inject the email into sendmail the whole process repeats. In fact, this is from the fetchmail source code: * 451: temporarily unable to identify sender (exim) * 452: temporary out-of-queue-space condition on the ESMTP server. * * These are temporary errors. Don't try to ship the message, * and suppress deletion so it can be retried on a future * retrieval cycle. You could fix it by: o configuring sendmail to reject with a 5xx error (meaning "I'm never going to accept this") but that's a bad idea as DNS isn't always reliable. If the FreeBSD DNS servers stopped working your machine would reject mail from freebsd.org. Not desirable. o removing this restriction from sendmail. However, you'd probably get a lot more spam this way. o accepting the mail and using procmail or similar to delete mail from non-existant domains. This may be best when you're using fetchmail. I hope I haven't confused you and don't hesitate to ask for more help. Cheers, -- Mark Drayton To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message