# Setting up sendmail and Google problems



## drhowarddrfine (Apr 4, 2014)

I'm in a bit of a panic cause I transferred a site I have to a VPS running FreeBSD and tried using sendmail for the first time. I thought I set everything up properly, and everyone's email is going to where it's supposed to go, but I started getting email from Google to two of the addresses that state, 





> "Our system has detected an unusual rate of ..."


 and the rest is cut off in /var/log/maillog but, iirc, it says "traffic" and it might be related to spam. I'm scared to death I'll get their IP or email account banned and I saw, yesterday, where it said one of the accounts was "rate limited" but I haven't seen that in the logs today.

What I do is just relay any mail that comes to "domain1.com" on their IP address to their personal email, such as "john@gmail.com" and, as I said, this all works. It's just straight, out-of-the-box sendmail with nothing else added like procmail or dovecot, etc.

There are two IP addresses on the VPS. When I did a 'make' in /etc/mail, the created .mc and .cf files show domain2.mc and domain2.cf but only the hostname of 'www' for http://www.mc and http://www.cf instead of domain1mc and domain1.cf. Perhaps cause I still have the hostname set in /etc/rc.conf?

In my /etc/hosts file, I added (for example):


> 107.161.XX.XXX  www http://www.domain1.com
> 107.161.XX.XXX  www http://www.domain2.com



This was working so well the first couple of days and I thought I was all set. I know I'm blurting things out right now and I'll clean this up and add more info but hoping someone can set me straight.

EDIT: I did add anti-spam for spamhaus into freebsd.mc and domain1.mc, domain2.mc, did a 'make all' and restarted sendmail but the warnings from Google keep coming.


----------



## SirDice (Apr 4, 2014)

Well, I'm thinking if "john" gets a lot of spam on john@domain1.com you're forwarding that too to his gmail account. Gmail might think you're the one that does the spamming. Did you take a look in /var/log/maillog to see what's going on?


----------



## drhowarddrfine (Apr 4, 2014)

That's where I'm seeing the Google response. What's driving me batty is it's saying it sends it to [email='john@domain1.com]'john@domain1.com[/email]' (actually, patrick and andy), but he's telling me he never gets that email.

```
Apr  4 11:02:20 www sm-mta[963]: starting daemon (8.14.7): SMTP+queueing@00:30:00
Apr  4 11:02:20 www sm-mta[963]: STARTTLS=server: file /etc/mail/certs/dh.param unsafe: No such
 file or directory
Apr  4 11:02:24 www sm-mta[965]: STARTTLS=client, relay=gmail-smtp-in.l.google.com., version=TL
Sv1/SSLv3, verify=FAIL, cipher=ECDHE-RSA-AES128-GCM-SHA256, bits=128/128
Apr  4 11:02:28 www sm-mta[965]: STARTTLS=client, relay=alt1.gmail-smtp-in.l.google.com., versi
on=TLSv1/SSLv3, verify=FAIL, cipher=ECDHE-RSA-AES128-GCM-SHA256, bits=128/128
Apr  4 11:02:32 www sm-mta[965]: STARTTLS=client, relay=alt2.gmail-smtp-in.l.google.com., versi
on=TLSv1/SSLv3, verify=FAIL, cipher=ECDHE-RSA-AES128-GCM-SHA256, bits=128/128
Apr  4 11:02:42 www sm-mta[965]: STARTTLS=client, relay=alt3.gmail-smtp-in.l.google.com., versi
on=TLSv1/SSLv3, verify=FAIL, cipher=ECDHE-RSA-AES128-GCM-SHA256, bits=128/128
Apr  4 11:02:51 www sm-mta[965]: STARTTLS=client, relay=alt4.gmail-smtp-in.l.google.com., versi
on=TLSv1/SSLv3, verify=FAIL, cipher=ECDHE-RSA-AES128-GCM-SHA256, bits=128/128
Apr  4 11:02:56 www sm-mta[965]: s34FcNgE048336: to=<andy@domain1.com>, delay=00:24:33, 
xdelay=00:00:35, mailer=esmtp, pri=221391, relay=alt4.gmail-smtp-in.l.google.com. [173.194.70.2
6], dsn=4.0.0, stat=Deferred: 421-4.7.0 [107.161.XX.XXX      15] Our system has detected an unu
sual rate of
Apr  4 11:02:56 www sm-mta[965]: s33IxBI1045698: to=<patrick@domain1.com>, delay=21:03:4
5, xdelay=00:00:00, mailer=esmtp, pri=4271996, relay=alt4.gmail-smtp-in.l.google.com., dsn=4.0.
0, stat=Deferred
```
I'll be the first to admit I don't know what I'm doing but I thought I did.


----------



## drhowarddrfine (Apr 4, 2014)

Let's wait a an hour and see what happens. I made a change that might have fixed this. I'll report back then but any comments and ideas are welcome.


----------



## drhowarddrfine (Apr 4, 2014)

After two hours, I still haven't gotten any complaints from Google so I'm thinking it's fixed. The problem seems to be it didn't like the hostname I had set in rc.conf. There I only put 'www' but changing it to 'www.domain1.com' made the problem go away. 

However, the issue was mostly present in the morning and late afternoon to evening so I need more time to prove it's fixed but I feel a lot better now. In the meantime, I'm going to go over all my references to see if there's something I could be doing better.


----------

