Even LogLevel=98 doesn't log SMTP conversation when sendmail is not recipient SMTP server

[trus...@hollandco.com]

I've got an odd issue where an on-premise sendmail relaying to our Office 365 cloud serves is seeing rejections. The sendmail log at LogLevel 9 and higher records a

dsn=5.1.8, stat=User unknown

When I engaged MS Support, they respond that this is not an Exchange error and the problem is on the Sendmail side.

An obfuscated full log from Sendmail is

Dec 7 12:05:55 canit3 sendmail[25817]: uB7I5o3g025814: to=<us...@tenant.mail.onmicrosoft.com>, delay=00:00:05, xdelay=00:00:05, mailer=esmtp, pri=160891, relay=tenant-mail-onm...ction.outlook.com. [216.32.180.170], dsn=5.1.8, stat=User unknown

I've used openssl to do a STARTTLS SMTP test and I know that the complete MS response, after the RCPT TO: <us...@tenant.mail.onmicrosoft.com> command is:

550 5.1.8 Access denied, bad outbound sender

But, MS refuses to take that as definitive and want me to "engage sendmail support" to get the SMTP conversation during these failures.

I tried setting LogLevel=12, which is supposed to log all SMTP conversations. However, all of these are received from an internal mail server by Senmdail and then forwarded to Microsoft. When I try LogLevel 12 and even LogLevel 98, I get the SMTP conversation between Sendmail and my internal server (when sendmail acts at the receving SMTP server.) but I do not get the SMTP conversation when Sendmail acts as the sending SMTP server.


I've even played with custom logging using SRcpt_ok and variations, but all only seem to apply when Sendmail is the recipient server.

Is there any way to get Sendmail to log the SMTP conversation when it is the sending server?

Sendmail is stock from a CentOS 6 install, so it is not the latest--though, I will change that if it will make a difference. Version is sendmail.x86_64 8.14.4-9.el6_8.1.

[Claus Aßmann]

> to=<us...@tenant.mail.onmicrosoft.com>, delay=00:00:05, xdelay=00:00:05, mailer=esmtp,
> pri=160891, relay=tenant-mail-onm...ction.outlook.com. [216.32.180.170], dsn=5.1.8,
> stat=User unknown

> I've used openssl to do a STARTTLS SMTP test and I know that the complete MS response, after
> the RCPT TO: <us...@tenant.mail.onmicrosoft.com> command is:

^ no space -- see the fine RFC.

>
> 550 5.1.8 Access denied, bad outbound sender

> But, MS refuses to take that as definitive and want me to "engage sendmail support" to get
> the SMTP conversation during these failures.

And they can't check their own log?

> Is there any way to get Sendmail to log the SMTP conversation when it is the sending server?

You can run sendmail in verbose mode, e.g.,

date | sendmail -v -Am -fY...@ENVELOPE.SENDER.HERE us...@tenant.mail.onmicrosoft.com

Or download the most recent version and compile it with _FFR_LOGREPLY

--
Note: please read the netiquette before posting. I will almost never
reply to top-postings which include a full copy of the previous
article(s) at the end because it's annoying, shows that the poster
is too lazy to trim his article, and it's wasting the time of all readers.

[trus...@hollandco.com]

On Wednesday, December 7, 2016 at 4:50:03 PM UTC-6, Claus Aßmann wrote:

> > But, MS refuses to take that as definitive and want me to "engage sendmail support" to get
> > the SMTP conversation during these failures.
>
> And they can't check their own log?
>

Only the same thing I've been asking them for a month. I'm so many layers away from the person that actually has access to the logs that it is not going to happen. I have a sending and receiving IP address and an NTP sync'd log. You'd think it would be pretty easy.

> > Is there any way to get Sendmail to log the SMTP conversation when it is the sending server?
>
> You can run sendmail in verbose mode, e.g.,
>
> date | sendmail -v -Am -fY...@ENVELOPE.SENDER.HERE us...@tenant.mail.onmicrosoft.com
>

Perfect! That works. Now I'll go tilt at more windmills.

Thanks.