# Sendmail:  stat=Deferred: Operation timed out with [127.0.0.1]



## ghostcorps (Feb 8, 2012)

Hi Guys,

 I have recently discovered that sendmail is not able to send mail out of my server.

 Looking at /var/log/maillog I can see that it is trying, but it is timing out:


```
Live Server	 from=www	 size=219	 class=0	 nrcpts=1	 msgid=<201202081242.q18Cgw15058253@domain.com.au>			 relay=www@localhost	
Live Server	 to=address@mail.com	 ctladdr=www (80/80)	 delay=00:01:16	 xdelay=00:01:16	 mailer=relay	 pri=30219	 relay=[127.0.0.1] [127.0.0.1]	 dsn=4.0.0	 stat=Deferred: Operation timed out with [127.0.0.1]
```

I have a server at home which works fine, comparing the /usr/local/etc/php.ini and /etc/mail/sendmail.cf shows nothing different between them in the mail settings.


```
Home Server	 from=<www@domain.net>	 size=478	 class=0	 nrcpts=1	 msgid=<201202081256.q18CuUZn027418@domain.net>	 proto=ESMTP	 daemon=Daemon0	 relay=localhost [127.0.0.1]	
Home Server	 to=address@mail.com	 ctladdr=www (80/80)	 delay=00:00:00	 xdelay=00:00:00	 mailer=relay	 pri=30217	 relay=[127.0.0.1] [127.0.0.1]	 dsn=2.0.0	 stat=Sent (q18CuU1R027419 Message accepted for delivery)
```



I am using FreeBSD 8.1, the webserver is a jailed server, and I am using IPFW. I think I have confirmed that it is not IPFW by stopping it and running the test.

The test consists of creating a page as below and browsing to it, it should automatically send an email to the specified address:


```
<?php

    $send_html_messages = "no";
    $adminmail="sender@mail.com"; //change to your adminmail
   $useremail="address@mail.com"; //change to your own personal mail
    $subject = "subject test";
    $content = "test content";
        $xheaders = "From: " . $adminmail . " <" . $adminmail . ">\n";
        $xheaders .= "X-Sender: <" . $adminmail . ">\n";
        $xheaders .= "X-Mailer: PHP\n"; // mailer
        $xheaders .= "X-Priority: 6\n"; // Urgent message!
        if ($send_html_messages == "yes") {
                $xheaders .= "Content-Type: text/html; charset=iso-8859-1\n"; // Mime type
        }
        mail("$useremail","$subject","$content",$xheaders);
?>
```


 Could anyone please suggest some other options to trouble shoot this?

Thanks


----------



## SirDice (Feb 8, 2012)

A jail doesn't have a lo0 interface with 127.0.0.1 attached to it.


----------



## ghostcorps (Feb 8, 2012)

Thanks SirDice! I did not know that but why then do I get a response from 127.0.0.1 when I ping localhost?

 That doesn't mean I can't do it though does it? The simplest thing I can think of is to change the sendmail config to use the local ip as the relay instead of localhost, or am I way off track? I have never had to setup sendmail before.

 Or do I need to route the mail through the host somehow?


----------



## ghostcorps (Feb 9, 2012)

I have found this guide HERE, but it is 9 years old. How accurate is it?




> You need to run a sendmail MSP process in the jail, and modify the
> configuration so that it submits the message to your main server
> (presumably in your host environment, although it could live in
> another jail) via it's external IP address.
> ...



[Edit:] I notice some of the paths have changed, and I expect I will find some other cosmetic things. But in principle it should work yeh?


----------



## ghostcorps (Feb 9, 2012)

I have completed the steps and confirmed sendmail is running on the host and mqueue is on the webserver:

Host

```
[/etc/mail]# /etc/rc.d/sendmail status
sendmail is running as pid 68419.
sendmail_submit is running as pid 68419.
sendmail_clientmqueue is running as pid 68422.
```

Webserver

```
[/etc/mail]# /etc/rc.d/sendmail onestatus
sendmail is not running.
sendmail_clientmqueue is running as pid 68446.
```

Does this look like what should be expected? 

I have used the hosts ip address in submit.mc, but it is still timing out.

This is my firewall entry:

```
$IPF 200 allow all from x.x.x.3 to x.x.x.2 587
```


----------



## ghostcorps (Feb 9, 2012)

I have noticed that the relay in the jailed servers' 'from' log is: 'relay=www@localhost' but the: 'to' log reports: Operation timed out with x.x.x.2.

Should I be changing the relay address anywhere other than in submit.mc?


----------



## ghostcorps (Feb 9, 2012)

I have decided to try useing the ISP's relay instead 'mail.domain.com', just to test which side the error may lay on.

This gets me a little bit further, but now I get this error:


```
to=postmaster, delay=00:00:05, xdelay=00:00:05, mailer=relay, pri=32551, relay=mail.domain.com. [x.x.x.1], dsn=5.0.0, stat=Service unavailable
```

I assume this is because I need to configure the permissions, am I correct?


----------



## SirDice (Feb 9, 2012)

Lots of updates and changes in the meantime 

The last message tries to email the postmaster on that mail relay. It's possible this is blocked by a spam filter at the ISP. 

What you could do is configure sendmail correctly on the host and have the jails submit their mail there.


----------



## ghostcorps (Feb 9, 2012)

Thanks for getting back to me. I have been working on this pretty solidly and find most of my previous comments become redundant pretty quickly, but the way I see it is that if someone else has the problem they can at least get some ideas from my fumbling. I am learning though 

Ideally I would like to get sendmail relaying through the host, but using the ISPs relay is just to get the mail moving so I can take my time sorting it out. I have spoken with the ISP and they said that simply adding the relay address to the sendmail conf should work.


I can confirm that the host can send mail:


```
#echo "Test" | mail me@gmail.com
```

Results in a succesfull delivery.

*HOST*/var/log/maillog

```
Feb  9 06:03:28 HOST sendmail[30426]: q19B3NuN030426: to=xxxxx@gmail.com, ctladdr=admin (1002/1002), delay=00:00:05, xdelay=00:00:05,]
 mailer=relay, pri=30031, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (q19B3S8l030427 Message accepted for delivery)
Feb  9 06:03:29 advoy sm-mta[30429]: STARTTLS=client, relay=gmail-smtp-in.l.google.com., version=TLSv1/SSLv3, verify=FAIL, cipher=RC4-SHA,
 bits=128/128
Feb  9 06:03:29 advoy sm-mta[30429]: q19B3S8l030427: to=<xxxxxxxx@gmail.com>, ctladdr=<admin@HOST.domain.com> (1002/1002), delay=00:00:01,
 xdelay=00:00:01, mailer=esmtp, pri=30356, relay=gmail-smtp-in.l.google.com. [74.125.91.26], dsn=2.0.0, stat=Sent (OK 1328786226
 k8si931734qcy.9)
```

This is what happens with the same test on the jail using the ISPs relay:


```
[/etc/mail]# echo "Test" | mail me@gmail.com
[/etc/mail]# /usr/local/www/apache22/data/dead.letter... Saved message in /usr/local/www/apache22/data/dead.letter
```

*JAIL*/var/log/maillog

```
Feb  9 11:08:30 JAIL sm-msp-queue[30110]: q1932t6V068411: to=postmaster, delay=08:03:14, xdelay=00:00:33, mailer=relay, pri=2315662,
 relay=mail.JAIL.com. [x.x.x.x], dsn=5.0.0, stat=Service unavailable
Feb  9 11:08:30 JAIL sm-msp-queue[30110]: q1932t6V068411: q19AbkpV030110: return to sender: Service unavailable
Feb  9 11:08:31 JAIL sm-msp-queue[30442]: q1932t7H068411: to=postmaster, delay=08:02:54, xdelay=00:00:04, mailer=relay, pri=2326660,
 relay=mail.JAIL.com. [x.x.x.x], dsn=5.0.0, stat=Service unavailable
Feb  9 11:08:31 JAIL sm-msp-queue[30442]: q1932t7H068411: q19B88oa030442: return to sender: Service unavailable
Feb  9 11:08:34 JAIL sm-msp-queue[30442]: q1932t7H068411: Losing ./qfq1932t7H068411: savemail panic
Feb  9 11:08:34 JAIL sm-msp-queue[30442]: q1932t7H068411: SYSERR(smmsp): savemail: cannot save rejected email anywhere
```

My rc.conf is as follows:

JAIL: /etc/rc.conf

```
sendmail_enable="NO"
sendmail_msp_queue_enable="YES"
sendmail_outbound_enable="NO"
sendmail_submit_enable="NO"
```

The host is just using the default values so I have no entries.


----------



## ghostcorps (Feb 11, 2012)

Looking at another test via the php mail form it seems to be sort of working, it appears that the rejection notice was delivered to the postmaster, but it can not identify the user 'www':

*JAIL* /var/log/maillog

```
56]: q1C0Buub085456: from=www, size=219, class=0, nrcpts=1, msgid=<201202120011.q1C0Buub085456@DOMAIN.com>, relay=www@localhost
56]: q1C0Buub085456: to=ME@gmail.com, ctladdr=www (80/80), delay=00:00:02, xdelay=00:00:02, mailer=relay, pri=30219, relay=mail.DOMAIN.com. [216.130.191.1], dsn=5.1.3, stat=User unknown
56]: q1C0Buub085456: q1C0Buuc085456: DSN: User unknown
56]: q1C0Buuc085456: to=www, delay=00:00:01, xdelay=00:00:01, mailer=relay, pri=31243, relay=mail.DOMAIN.com. [x.x.x.x], dsn=5.0.0, stat=Service unavailable
56]: q1C0Buuc085456: q1C0Buud085456: return to sender: Service unavailable
56]: q1C0Buud085456: to=postmaster, delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=32267, relay=mail.DOMAIN.com. [x.x.x.x], dsn=2.0.0, stat=Sent (ok 1329006343 qp 67991)
```

Do I need to map this user to the www on the host via /etc/mail/virtualusertable?


----------



## ghostcorps (Feb 12, 2012)

I've found a couple more things:

1) The relay my ISP gave me is not open, despite their insistence that it was. I believe this explains the 'user unknown' error.
2) The host will respond to telnet on port 25 locally ie. *host*#telnet localhost 25, but not from any other location. I tried this with the FW down also.


----------



## ghostcorps (Feb 12, 2012)

I assume I should have the access file configured as follows?

*HOST*
/etc/mail/access

```
JAIL.IP                   RELAY
```


----------



## ghostcorps (Feb 12, 2012)

I have gone back to testing with the external relay just so I know that the client is working at least.

This is the result of the test:



```
[CMD="[root@webserver /etc/mail]# echo "Test" | sendmail -v me@gmail.com"][/CMD]
me@gmail.com... Connecting to mail.DOMAIN.com. via relay...
220 mail2.HOSTING.net ESMTP
>>> EHLO DOMAIN.com
250-mail2.HOSTING.net
250-PIPELINING
250-8BITMIME
250-SIZE 0
250 AUTH LOGIN PLAIN CRAM-MD5
>>> MAIL From:<webserver@DOMAIN.com> SIZE=5
250 ok
>>> RCPT To:<me@gmail.com>
>>> DATA
553 sorry, that domain isn't in my list of allowed rcpthosts (#5.5.3 - chkuser)
503 RCPT first (#5.5.1)
>>> RSET
250 flushed
```


 My interpretation is that it works as a client, but the relay is not open.

Add this to the fact that I know the host can send mail.


So the issue lays somewhere in the middle. Why would traffic from the jail not reach the host? The access file looks correct, I have built it in and restarted. I don't imagine I should need /etc/mail/virtusertable or /etc/mail/local-host-names should I?


----------



## lbol (Feb 12, 2012)

To relay from your jail through your host you need to add 


```
jail_IP  RELAY
```

to /etc/mail/access on your host

To activate the access db entry

`# cd /etc/mail`
`# makemap hash access < access`

You may than need to restart sendmail on host


----------



## ghostcorps (Feb 13, 2012)

lbol said:
			
		

> To relay from your jail through your host you need to add
> 
> 
> ```
> ...



Thanks Ibol 

I have tried this but to make the changes I used:


```
#make
#make install
#make restart
```

 I have tried your method to be sure  but to no avail...


----------



## ghostcorps (Feb 13, 2012)

I've had an idea... how do I set the address that the relay server listens on? I have a feeling it is only listening to 127.0.0.1.

[edit]: I just added the clients ip to /etc/mail/local-host-names and restarted sendmail, this did not help either.


----------



## ghostcorps (Feb 13, 2012)

I have observed that the host responds to *telnet localhost 25* and that the client is not listening at all. 

*netstat -a* gives me this:


```
Proto Recv-Q Send-Q  Local Address          Foreign Address       (state)
tcp4       0      0  localhost.DOMAIN.smtp  *.*                    LISTEN
```

And the relay does not respond to an external request on port 25.


----------



## ghostcorps (Feb 13, 2012)

In the end I just cleaned up my hosts file and rebuilt sendmail  :r

Don't know what this means, but I am getting these in my logs. 

```
r
Feb 13 04:16:41 webserver sendmail[22892]: My unqualified host name (webserver) unknown; sleeping for retry
Feb 13 04:17:42 webserver sendmail[22892]: unable to qualify my own domain name (webserver) -- using short name
```

But at least it works now!


----------



## linthon (Jul 6, 2012)

*change on /etc/mail/submit.mc*

Hi there,

I have the same problem,
then I try  to change line on /etc/mail/submit.mc

FEATURE(`msp', `[127.0.0.1]')dnl
to
FEATURE(`msp', `[your_smtp_server_ip/hostname]')dnl  


it works


----------



## ghostcorps (Jul 7, 2012)

linthon said:
			
		

> Hi there,
> 
> I have the same problem,
> then I try  to change line on /etc/mail/submit.mc
> ...



Thanks  

This was already done at some point, but was too long ago to remember any details about when or why... Still there have been no troubles with mail since


----------

