genericstable doesn't seem to be working when mailing

[PenguinWhispererThe]

I want to forward all mail for root (so basically the output of all cron jobs but other mails for root as well) to an external email address (hotmail).

Easiest method would be to use the aliases file. I updated the root alias: root: mym...@hotmail.com And ran newaliases.

When an email is sent I see that the hotmail MX server "accepts" my mail. Standard MS Security through obscurity makes me think it's silently discarding my email ( not in junk mail, ... ).

This server is used to send/receive mail for a domain (and more domains in the future).

I've checked the logs and it seems the mail is sent with from field of : ro...@mail.domain.com

I'm pretty sure this is at the root of my mail never received in my hotmail. The existing email addresses are using us...@domain.com as from.

Now I would like to rewrite this (mail) from address/ctladdr. I thought this would be an easy fix with genericstable.

Genericstable (had multiple tries):

root in...@domain.com
root@localhost in...@domain.com
ro...@mail.domain.com in...@domain.com

Regenerated the db with makemap. I tried with different settings.

I also removed the EXPOSED_USER root (from the generic m4 file). I can see it's not in the generated cf file.

I also added root to the trusted users.

In my m4 file:

FEATURE(genericstable)dnl
GENERICS_DOMAIN(domain.com)dnl
dnl GENERICS_DOMAIN(mail.domain.com)dnl
dnl GENERICS_DOMAIN_FILE(`/etc/mail/generics-domains')dnl
FEATURE(masquerade_envelope)dnl
dnl define(`LOCAL_RELAY', `localhost')dnl

I have a submit mc file as well. Not sure if this matters but I don't think so. (I don't have sendmail in MSP mode running as far as I know).

I've tried with GENERICS_DOMAIN as the domain that I want it to be or the domain that I want to be rewritten.

make all install and restarted sendmail.

Still it just seems to go out as ro...@mail.domain.com

I tried with sendmail in address test mode (bt; tryflags hs and try esmtp root). This correctly modifies to the wanted source address: in...@domain.com.

Anyone has some other ideas why this is not working? Or more debugging ways? Do I need local_relay to make this work? What's expected to be in the hosts file? Fqdn(mail.domain.com) and hostname(so mail) for 127.0.0.1 ?

Thanks a lot in advance!

[Thomas Laus]

PenguinWhispererThe <th3pengui...@gmail.com> writes:

> I want to forward all mail for root (so basically the output of all
> cron jobs but other mails for root as well) to an external email
> address (hotmail).
>
> Easiest method would be to use the aliases file. I updated the root
> alias: root: mym...@hotmail.com And ran newaliases.
>
> When an email is sent I see that the hotmail MX server "accepts" my
> mail. Standard MS Security through obscurity makes me think it's
> silently discarding my email ( not in junk mail, ... ).
>
> This server is used to send/receive mail for a domain (and more
> domains in the future).
>

Do you "own" that domain IP address? Hotmail and many other high volume
email services test the reverse DNS of the connecting server. If it is
only a few logs that you need to send to Hotmail, use your ISP's outgoing
server. You can configure that by including a SMARTHOST entry in your
.mc file. Your ISP can configure the reverse DNS in their system if you
plan on sending more than just the logs.

Another note:

The dnl entry before a feature tells the m4 macro to 'ignore' that
line. It informs the macro processor to 'delete through the newline
character' at the end of that line.

Tom

--
Public Keys:
PGP KeyID = 0x5F22FDC1
GnuPG KeyID = 0x620836CF

[PenguinWhispererThe]

Op zaterdag 17 september 2016 15:23:22 UTC+2 schreef Thomas Laus:

I appreciate you to take your time to respond to this.

The domain and the host using this IP address is under my administration.
I have mx, ptr, a and spf records that are pointing to the right address.

For other users that use us...@domain.com it's working (so emails are delivered to hotmail inboxes).

I do get a 550 rejected for auth but in the end the mail does get sent (so I see in the logging that my mailserver is talking to the hotmail smtp. I've looked up this error and as far as I could see this does no harm and is kind of a "false positive".

This is a hosted server. So no real ISP mail relay here.

I'm aware of the usage of dnl :) I put those in as I've been testing with those settings as well (to give a more full picture of what I've tested/experimented with).

Kind regards

[Claus Aßmann]

PenguinWhispererThe wrote:

> I've checked the logs and it seems the mail is sent with from field of : ro...@mail.domain.com

That address resolves fine:
mail.domain.com. 3600 IN A 72.5.54.21
but it doesn't have an MX record -- which is still ok.

> Genericstable (had multiple tries):

> root in...@domain.com
> root@localhost in...@domain.com
> ro...@mail.domain.com in...@domain.com

> I have a submit mc file as well. Not sure if this matters but I don't think so. (I don't

How do you "submit" mail?

> Still it just seems to go out as ro...@mail.domain.com

"seems"? Why don't you check the log or run sendmail in
verbose mode.

> I tried with sendmail in address test mode (bt; tryflags hs and try esmtp root). This
> correctly modifies to the wanted source address: in...@domain.com.

Did you check what the MTA actually receives as input?
Most likely it is not just "root", but root@`hostname`



--
Note: please read the netiquette before posting. I will almost never
reply to top-postings which include a full copy of the previous
article(s) at the end because it's annoying, shows that the poster
is too lazy to trim his article, and it's wasting the time of all readers.

[PenguinWhispererThe]

Op zondag 18 september 2016 02:10:03 UTC+2 schreef Claus Aßmann:

> PenguinWhispererThe wrote:
>
> > I've checked the logs and it seems the mail is sent with from field of : ro...@mail.domain.com
>
> That address resolves fine:
> mail.domain.com. 3600 IN A 72.5.54.21
> but it doesn't have an MX record -- which is still ok.

Uh totally my bad. I replaced the original domain with domain.com. I thought that was clear.
As said: I've verified the MX, A, SPF, ... Also used mxtoolbox site to check the sanity of my mailserver configuration and that gave a 100% score. All mail communication goes fine receiving mail for the domain and getting it in the right mailbox. I think most users use their ISP SMTP server to send mails (but delivery is still working so sendmail seems to be doing just fine).

>
> > Genericstable (had multiple tries):
>
> > root in...@domain.com
> > root@localhost in...@domain.com
> > ro...@mail.domain.com in...@domain.com
>
> > I have a submit mc file as well. Not sure if this matters but I don't think so. (I don't
>
> How do you "submit" mail?

I'm currently testing with sendmail -froot tar...@domain.com

>
> > Still it just seems to go out as ro...@mail.domain.com
>
> "seems"? Why don't you check the log or run sendmail in
> verbose mode.

Again, my bad for my choice of words. I see from the logs (as mentioned above that from is ro...@mail.domain.com.

>
> > I tried with sendmail in address test mode (bt; tryflags hs and try esmtp root). This
> > correctly modifies to the wanted source address: in...@domain.com.
>
> Did you check what the MTA actually receives as input?
> Most likely it is not just "root", but root@`hostname`

As an example:
Sep x 08:29:48 mail sm-mta-in[95059]: u866TmXo095059: <-- MAIL From:<ro...@mail.domain.com> SIZE=268 AUTH=ro...@mail.domain.com
This email address is in the genericstable as well (as mentioned in my original message)

>
>
>
> --
> Note: please read the netiquette before posting. I will almost never
> reply to top-postings which include a full copy of the previous
> article(s) at the end because it's annoying, shows that the poster
> is too lazy to trim his article, and it's wasting the time of all readers.

Thanks for your time and your response.

[Claus Aßmann]

PenguinWhispererThe wrote:
> Op zondag 18 september 2016 02:10:03 UTC+2 schreef Claus Aßmann:
> > PenguinWhispererThe wrote:

> > > I've checked the logs and it seems the mail is sent with from field of : ro...@mail.domain.com

> Uh totally my bad. I replaced the original domain with domain.com. I thought that was clear

That's what example.com (et.al) is for.

> Again, my bad for my choice of words. I see from the logs (as mentioned above that from is
> ro...@mail.domain.com.

Since you still use a domain you don't own, nobody can verify your
claim. For exaple, the address might resolve for you, but not for
others due to DNS problems.

> > > I tried with sendmail in address test mode (bt; tryflags hs and try esmtp root). This

> > Did you check what the MTA actually receives as input?

> Sep x 08:29:48 mail sm-mta-in[95059]: u866TmXo095059: <-- MAIL From:<ro...@mail.domain.com>

> This email address is in the genericstable as well (as mentioned in my original message)

But you didn't test that address in -bt mode.
Moreover, you used "hs" and not "es".

> > --
[[...]]

Please do not quote signatures...

[PenguinWhispererThe]

Op maandag 19 september 2016 18:50:03 UTC+2 schreef Claus Aßmann:

> PenguinWhispererThe wrote:
> > Op zondag 18 september 2016 02:10:03 UTC+2 schreef Claus Aßmann:
> > > PenguinWhispererThe wrote:
>
> > > > I've checked the logs and it seems the mail is sent with from field of : ro...@mail.domain.com
>
> > Uh totally my bad. I replaced the original domain with domain.com. I thought that was clear
>
> That's what example.com (et.al) is for.

True. Should have used that one.

>
> > Again, my bad for my choice of words. I see from the logs (as mentioned above that from is
> > ro...@mail.domain.com.
>
> Since you still use a domain you don't own, nobody can verify your
> claim. For exaple, the address might resolve for you, but not for
> others due to DNS problems.

No need to verify this claim. I used different DNS servers to verify (which are not owned by me and from different ISP and they resolve correctly: A, MX, SPF and PTR). I actually don't know what this has to do with my mail being translated.
Also the mail I try to snd

>
> > > > I tried with sendmail in address test mode (bt; tryflags hs and try esmtp root). This
>
> > > Did you check what the MTA actually receives as input?
>
> > Sep x 08:29:48 mail sm-mta-in[95059]: u866TmXo095059: <-- MAIL From:<ro...@mail.domain.com>
>
> > This email address is in the genericstable as well (as mentioned in my original message)
>
> But you didn't test that address in -bt mode.
> Moreover, you used "hs" and not "es".

Good point.
I did bt with tryflags es.
With root, root@localhost, ro...@mail.example.com and still rewrote the address just fine.

I tried with mail command as well (instead of the before mentioned sendmail -f). Note that I used example.com to prevent any confusion:
mail -s test root

From in...@example.com Mon Sep 19 19:04:36 2016
Return-Path: <in...@example.com>
Received: from mail.example.com (localhost [127.0.0.1])
by mail.example.com (8.15.2/8.15.2) with ESMTPS id u8JH4Td3074113
(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT)
for <ro...@mail.example.com>; Mon, 19 Sep 2016 19:04:29 +0200 (CEST)
(envelope-from ro...@mail.example.com)
Received: (from root@localhost)
by mail.example.com (8.15.2/8.15.2/Submit) id u8JH4Tnw074112
for root; Mon, 19 Sep 2016 19:04:29 +0200 (CEST)
(envelope-from root)
Date: Mon, 19 Sep 2016 19:04:29 +0200 (CEST)
From: Charlie Root <in...@example.com>
Message-Id: <201609191704....@mail.example.com>
To: ro...@mail.example.com
Subject: test
X-examplecom-MailScanner-Information: Please contact the ISP for more information
X-examplecom-MailScanner-ID: u8JH4Td3074113
X-examplecom-MailScanner: Found to be clean
X-examplecom-MailScanner-From: ro...@mail.example.com
X-Spam-Status: No

Mail Content


Does this give some more insight in what might be wrong?

Thanks

[Claus Aßmann]

PenguinWhispererThe wrote:

> No need to verify this claim. I used different DNS servers to verify (which are not owned by
> me and from different ISP and they resolve correctly: A, MX, SPF and PTR). I actually don't
> know what this has to do with my mail being translated.

Then you might want to read about the DNS lookups that
sendmail performs...

> Also the mail I try to snd

... ???

> With root, root@localhost, ro...@mail.example.com and still rewrote the address just fine.

Since you are not providing any real data, I'll stop now making
any more guesses... maybe someone else has a better "crystal ball".

[PenguinWhispererThe]

> PenguinWhispererThe wrote:
>
> > Also the mail I try to snd
>
> ... ???

No idea what went wrong there. Was abroad and having a bad internet connection.

>
> Since you are not providing any real data, I'll stop now making
> any more guesses... maybe someone else has a better "crystal ball".
>

I sent the relevant config, the genericstable, the mail command output...
Except I translated my domain to example.com (previously domain.com). I didn't took out hostname parts, ...

The MX record points to the mailserver, the PTR record to the same IP, the SPF record points to the same IP, ... Yes sendmail does lookups but these are working. If this wouldn't be the case sending to hotmail wouldn't be working at all (see below).

I've discovered something today after doing some more testing:

- when I send a new mail originating from in...@example.com to a hotmail address: Hotmail mail server accepts: "Queued mail for delivery", relay=mx1.hotmail.com. However it's nowhere in my mailbox (no, not in spam, ...)
- When I send a new mail from us...@example.com to hotmail: delivery is working fine.

- when I send a new email originating from hotmail to in...@example.com I receive it and when I reply from that in...@example.com address to hotmail I do receive the response in my hotmail.

Note that the test mails I've sent are the exact same way with only difference from the source email address.

As you state before, you need real data: can you tell me what you need from me?

These are the headers (us...@example.com does get received, in...@example.com doesn't get received). I've sent to another domain(replaced its name with example2.com) on the same host (to be able to get the headers from each).

Received: from mail.example.com (localhost [127.0.0.1])

by mail.example.com (8.15.2/8.15.2) with ESMTPS id u8N0hrS1021980
(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT)
for <in...@example2.com>; Fri, 23 Sep 2016 02:43:53 +0200 (CEST)
(envelope-from us...@example.com)
Received: (from root@localhost)
by mail.example.com (8.15.2/8.15.2/Submit) id u8N0hPQL021971
for in...@example2.com; Fri, 23 Sep 2016 02:43:25 +0200 (CEST)
(envelope-from us...@example.com)
Date: Fri, 23 Sep 2016 02:43:25 +0200 (CEST)
From: us...@example.com
Message-Id: <201609230043....@mail.example.com>
subject: from user1
To: undisclosed-recipients:;

X-examplecom-MailScanner-Information: Please contact the ISP for more information

X-examplecom-MailScanner-ID: u8N0hrS1021980

X-examplecom-MailScanner: Found to be clean

X-examplecom-MailScanner-From: us...@example.com
X-Spam-Status: No

Received: from mail.example.com (localhost [127.0.0.1])

by mail.example.com (8.15.2/8.15.2) with ESMTPS id u8N0i8V9022008
(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT)
for <in...@example2.com>; Fri, 23 Sep 2016 02:44:08 +0200 (CEST)
(envelope-from in...@example.com)
Received: (from root@localhost)
by mail.example.com (8.15.2/8.15.2/Submit) id u8N0hxY8021981
for in...@example2.com; Fri, 23 Sep 2016 02:43:59 +0200 (CEST)
(envelope-from in...@example.com)
Date: Fri, 23 Sep 2016 02:43:59 +0200 (CEST)
From: in...@example.com
Message-Id: <201609230043....@mail.example.com>
subject: from info
To: undisclosed-recipients:;

X-examplecom-MailScanner-Information: Please contact the ISP for more information

X-examplecom-MailScanner-ID: u8N0i8V9022008

X-examplecom-MailScanner: Found to be clean

X-examplecom-MailScanner-From: in...@example.com
X-Spam-Status: No


So weirdly enough it seems to be working for user1 but not for info and others (only very few source email addresses here to verify with).

Thanks for your patience and assistance.

[Claus Aßmann]

PenguinWhispererThe wrote:

> Except I translated my domain to example.com (previously domain.com). I didn't took out

> As you state before, you need real data: can you tell me what you need from me?

The real domain/host names, not anything "translated",
and the real and complete results of the -bt tests
would be a good start.

[PenguinWhispererThe]

The test I did yesterday was with genericstable disabled.

I now also sent messages(from info@ and user1@ to an outside non-hotmail domain (just to make sure the headers are not manipulated in a way I can't see).

There's nothing different from the headers I sent earlier (apart from having a different target domain, timestamps, ...)

In the hotmail account settings it's not on the blocklist.
Also not on the safelist.

When I add the email address to the safelist the mail is actually delivered to hotmail (as in: I can see it listed and read it, like with any other mail). When I delete it again the mail doesn't arrive anymore (not in inbox, not in spam, ...).

I've verified with other destination hotmail email addresses(both owned and unowned by me) as well and this confirms the same behavior.

[PenguinWhispererThe]

Op vrijdag 23 september 2016 13:20:03 UTC+2 schreef Claus Aßmann:

> PenguinWhispererThe wrote:
>
> > Except I translated my domain to example.com (previously domain.com). I didn't took out
>
>
> > As you state before, you need real data: can you tell me what you need from me?
>
> The real domain/host names, not anything "translated",
> and the real and complete results of the -bt tests
> would be a good start.

What's with the obsession of the domains? :) I've disabled any genericstable config. I understand your query for this data to for example verified no typos had been done, ... That's why I used to config check tools too, to just make sure I didn't made an easily overlooked error.

I've verified DNS configuration with multiple tools (as already mentioned mxtoolbox, ... Not just a simple dig/nslookup), checked sender score, blacklists, ...

It seems like hotmail is just behaving odd. (see my other mail).
The question is now more of what might be "missing" for hotmail to believe it's a normal email address (to let it actually allow mails from user1 but not from info).

These are the headers as received by MXTOOLBOX (no difference between the 2: info@ and user1@):

Subject: testmail of user1 address
Received: from mail.example.com ([a.b.c.d]) by mx1.tools.mxtoolbox.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 23 Sep 2016 05:40:45 -0500
Received: from mail.example.com (localhost [127.0.0.1]) by mail.example.com (8.15.2/8.15.2) with ESMTP id u8NAebQh025650 for <pi...@tools.mxtoolbox.com>; Fri, 23 Sep 2016 12:40:37 +0200 (CEST) (envelope-from us...@example.com)
Received: from w.x.y.z by mail.example.com with HTTP; Fri, 23 Sep 2016 10:40:37 -0000
Message-ID: <59b451bcc577154a4e94...@mail.example.com>
Date: Fri, 23 Sep 2016 10:40:37 -0000
From: "user1" <us...@example.com>
To: pi...@tools.mxtoolbox.com
User-Agent: SquirrelMail/1.4.23 [SVN]
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal

X-examplecom-MailScanner-Information: Please contact the ISP for more information

X-examplecom-MailScanner-ID: u8NAebQh025650

X-examplecom-MailScanner: Found to be clean
X-examplecom-MailScanner-From: us...@example.com
X-Spam-Status: No

Subject: testmail of info address
Received: from mail.example.com ([a.b.c.d]) by mx1.tools.mxtoolbox.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 23 Sep 2016 05:39:02 -0500
Received: from mail.example.com (localhost [127.0.0.1]) by mail.example.com (8.15.2/8.15.2) with ESMTP id u8NAcxvf025615 for <pi...@tools.mxtoolbox.com>; Fri, 23 Sep 2016 12:38:59 +0200 (CEST) (envelope-from in...@example.com)
Received: from w.x.y.z by mail.example.com with HTTP; Fri, 23 Sep 2016 10:38:59 -0000
Message-ID: <8bf0494db1b22088ce95...@mail.example.com>
Date: Fri, 23 Sep 2016 10:38:59 -0000
From: "Info" <in...@example.com>
To: pi...@tools.mxtoolbox.com
User-Agent: SquirrelMail/1.4.23 [SVN]
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal

X-examplecom-MailScanner-Information: Please contact the ISP for more information

X-examplecom-MailScanner-ID: u8NAcxvf025615

X-examplecom-MailScanner: Found to be clean
X-examplecom-MailScanner-From: in...@example.com
X-Spam-Status: No

Seems like I'll need to contact hotmail "support".
Subscribed to their SNDS to see if I can get some more details there however it's a low volume of mails and the banner says it might not even be listed in that case.

I'll see what there response is.
Thanks for the support.

[Claus Aßmann]

PenguinWhispererThe wrote:

> What's with the obsession of the domains? :) I've disabled any genericstable config. I

Obviously you don't understand what sendmail does wrt DNS lookups,
otherwise you wouldn't ask.

Good luck with figuring out what's going on.

[ska]

On Friday, September 23, 2016 at 1:52:36 PM UTC+2, PenguinWhispererThe wrote:

Hi PenguinWhisperer,

> What's with the obsession of the domains? :) I've disabled any genericstable config. I understand your query for this data to for example verified no typos had been done, ... That's why I used to config check tools too, to just make sure I didn't made an easily overlooked error.
>
> I've verified DNS configuration with multiple tools (as already mentioned mxtoolbox, ... Not just a simple dig/nslookup), checked sender score, blacklists, ...

one of the points is: *you* have verified that all is *OK*, but do *you* know really, what is *OK* in _this_ _particular_ _situation_. That applies to traces with -bt, too. There are nice -d options to display lots of stuff, when sendmail does what (which rule changes what) and hints about where to look elsewhere.


What makes me wonder, too, is are you sure what's transmitted on the wire? sendmail has the -X option that traces everything.

[PenguinWhispererThe]

Op woensdag 28 september 2016 08:51:23 UTC+2 schreef ska:

I understand that I might not know everything about Sendmail. Saying that my checks might not be complete is nice but then I'd expect somebody to at least have the ability to point me to a resource where the different DNS checks are listed so I can actually verify.

The only thing I heard about my DNS config is that it's correctly set up (not here: here I only got the message that I don't know everything about Sendmail which is why I got here in the first place).

Heck, I don't even have the impression it was read that I disabled the genericstable and that my mails were still not delivered in the Hotmail mailbox while the hotmail MX received them and gave me an accepted message for delivery in the logs. As far as I knew DNS didn't resolve any usernames on a domain so it can't explain while for user1 it works and not for user2.

To set this aside: I found what is causing this and I hope it helps someone else from resolving similar issues.
- DON'T use text mails (like cron sends), use HTML mails (gets delivered properly, "surprisingly" without any DNS changes).
- Send a mail(or ask your customer) from the Hotmail account to the address in your domain that's not working. I've discovered multiple people have found this behavior to be true for hotmail, gmail, ... You basically opt-in by sending this initial mail.
- Ask the customer to add your mail address to the safe list

Hope this helps someone else.