Local Network E-Mail Problems

Steven Curren

Local Network E-Mail Problems

« on: May 21, 2002, 02:57:05 PM »

I am unable to send mail via outlook express IMAP client. Searching throught the bulletin boards suggests that the fault could lie in the SMTP deamon and the log extract below would seem to suggest that this is the case.

I have replaced the IMAP server with courier IMAP server using "How to install the Courier IMAP server on SME Server 5.0 / 5.1.2" thinking that the IMAP folder setup may have been responsible. I can now sync the IMAP folders successfully and read mail using the IMP web mail and outlook express.

The server IP address is 192.168.1.200 and workstation the workstation IP address is 192.168.1.10

Here is an extract from /var/spool/smtpd/etc/smtpd_check_rules
# Allow relaying from the local network
allow:127.0.0.1:ALL:ALL
allow:192.168.1.0/24:ALL:ALL

Reading Darrell May's "How to restrict access to the SMTP server" would suggest that SMTP should accept connections from workstations on the local network. I have even explicitly added the address 192.168.1.10 on a seperate line in smtpd_check_rules issued the commands /sbin/e-smith/signal-event email-update, /etc/rc.d/init.d/smtpfwdd restart and server reboot to no avail. In addition have attempted to send mail from a different workstation using eudora, still no joy.

Here is the error message from eudora on sending a message to another user on the local domain
"Can't send to #####. The server gives this reason: '550 mail from ##### to ##### prohibited from your location UNKNOWN@workstation.domain ip=192.168.1.20". A similar message is received from outlook express.

Here is an extract from /var/log/maillog
May 21 04:47:18 [server-name] smtpd[16714]: SMTP HELO from workstation.domain.net(192.168.1.10) as "[workstation]"
May 21 04:47:18 [server-name] smtpd[16714]: mail from
May 21 04:47:18 [server-name] smtpd[16714]: /etc/smtpd_check_rules: line 11, bad field count
May 21 04:47:18 [server-name] smtpd[16714]: Forbidden FROM or RCPT for host workstation.domain.net(192.168.1.10) - Abandoning session
May 21 04:54:30 [server-name] smtpd[1850]: SMTP HELO from workstation.domain.net(192.168.1.10) as "[workstation]"
May 21 04:54:30 [server-name] smtpd[1850]: mail from
May 21 04:54:30 [server-name] smtpd[1850]: /etc/smtpd_check_rules: line 11, bad field count
May 21 04:54:30 [server-name] smtpd[1850]: Forbidden FROM or RCPT for host workstation.domain.net(192.168.1.10) - Abandoning session

All this seems to point to a configuration error on the server.

Any ideas? Is this an error with the SMTP setup? Is there anything else I should look at?

Logged

Bill Talcott

Re: Local Network E-Mail Problems

« Reply #1 on: May 21, 2002, 06:10:00 PM »

May 21 04:54:30 [server-name] smtpd[1850]: /etc/smtpd_check_rules: line 11, bad field count
May 21 04:54:30 [server-name] smtpd[1850]: Forbidden FROM or RCPT for host workstation.domain.net

Is something missing from or added to line 11 of smtpd_check_rules? To my newbie eyes, it looks like it's having problems there, and that's causing access problems...

Logged

Nathan Fowler

Re: Local Network E-Mail Problems

« Reply #2 on: May 21, 2002, 06:14:16 PM »

Re-expand your template;
Also let me see an unedited copy of your /etc/smtpd_check_rules, I would like to look at your rule structure.

Nathan

Logged

Steven Curren

Re: Local Network E-Mail Problems

« Reply #3 on: May 24, 2002, 03:39:13 AM »

Thanks for your interest and response.

Here is the expanded unedited template:

#------------------------------------------------------------
# DO NOT MODIFY THIS FILE! It is updated automatically by the
# e-smith server and gateway software. Instead, modify the source
# template in the /etc/e-smith/templates directory. For more
# information, see http://www.e-smith.org.
#
# copyright (C) 1999, 2000 e-smith, inc.
#------------------------------------------------------------

# Don't allow bang paths via us
noto:ALL:ALL:*!*@*:551 Sorry %H (%I), I don't allow unauthorized relaying. You can't use me to send mail from %F to %T.

# Don't allow two @s (equivalent to %hack) via us
noto:ALL:ALL:*@*@*:551 Sorry %H (%I), I don't allow unauthorized relaying. You can't use me to send mail from %F to %T.

# Don't allow %hack relay via us
noto:ALL:ALL:*%*@*:551 Sorry %H (%I), I don't allow unauthorized relaying. You can't use me to send mail from %F to %T.

# Allow relaying from the local network
allow:127.0.0.1:ALL:ALL
allow:192.168.1.0/24:ALL:ALL

# Prohibit access to these addresses from the outside world
noto:ALL:ALL:dialmon@*.alp.net dialmon@alp.net:551 Sorry %H (%I), you cannot send mail to %T from outside our local network.
noto:ALL:ALL:everyone@*.alp.net everyone@alp.net:551 Sorry %H (%I), you cannot send mail to %T from outside our local network.
noto:ALL:ALL:shared@*.alp.net shared@alp.net:551 Sorry %H (%I), you cannot send mail to %T from outside our local network.

# Allow any of our domains
allow:ALL:ALL:*.alp.net *@alp.net

# Just say no to anything else, we won't relay for people we don't know.
noto:ALL:ALL:ALL:551 Sorry %H(%I), I don't allow unauthorized relaying. Please use another SMTP host to mail from %F to %T

#------------------------------------------------------------
# TEMPLATE END
#------------------------------------------------------------

Logged