4

I recently set up a new Debian server.

After installing and setting up sendmail for the first time, I am not able to send e-mail.

Reason : Connection timeout.

Output from the /var/log/mail.log :

> May  6 02:42:53 k***** sm-mta[15070]: q465gjxF013677:
> to=<*****@gmail.com>, ctladdr=<*****@*****.ca> (1001/1001),
> delay=01:00:08, xdelay=00:00:00, mailer=esmtp, pri=300329,
> relay=alt4.gmail-smtp-in.l.google.com., dsn=4.0.0, stat=Deferred:
> Connection timed out with alt4.gmail-smtp-in.l.google.com.

Output from netstat :

tcp        0      0 0.0.0.0:587             0.0.0.0:*   LISTEN   15069/sendmail: MTA
tcp        0      0 0.0.0.0:25              0.0.0.0:*   LISTEN   15069/sendmail: MTA

Telnet on 25 is also successful when run from another computer (telnet theserver.imworkingon.com 25) but not if I try to run it from the server I'm working on. This is telling me that somehow the outbound port 25 seems to be blocked...

Anyone have any ideas?

Erwald

3 Answers

7

The standard mail troubleshooting steps apply here... From the log, we see that you're able to resolve the MX/DNS records for the gmail.com destination you're sending to. So this isn't a DNS or routing issue.

Since this is a basic SMTP delivery, try using telnet to port 25 to make sure you're able to connect to the destination host...

I'd follow this sequence:

dig mx gmail.com
# Look for the mail destination IP in the output - "209.85.225.27" in this case

telnet 209.85.225.27 25
# This is an attempt to telnet to port 25 (smtp) on the recipient's server...

You should see something similar to:

Trying 209.85.225.27...
Connected to iy-in-f27.1e100.net (209.85.225.27).
Escape character is '^]'.
220 ***************************************

If you do not see the above, your outbound port 25 smtp traffic is being blocked either at the machine level (check iptables, etc.) or at the network level (check network firewall or ISP policies).

If you do see a similar message, then you're able to pass mail and shouldn't be receiving timeout errors.

ewwhite
  • 1
    Minor point of clarification (that's probably obvious but I'll mention it anyway): not all people will see asterisks in the 220 banner greeting upon successful connections. – Mike B May 06 '12 at 07:34
  • For some reason, if I try "telnet the.server.imworkingon 25" it is successful from any other computer. BUT if I try to telnet any other address from the server I'm working on, I get a connection timeout. Port 25 is open with iptables, and it isn't my ISP (dedicated server).. Any other advice? Thank you for your help so far. – Erwald May 06 '12 at 16:35
  • 1
    The incoming connection to port 25 of the.server.imworkingon does not matter. It still sounds like your ISP may be blocking outgoing email connections. As adamo says, check your ISP's documentation to see whether you are supposed to send all email via your ISP's relay and on a different port. Or use ewwhite's suggestion of trying to telnet to port 25 of your destination (gmail.com). – ramruma May 06 '12 at 17:43
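
The telnet check from the answer above can be scripted so that the failure mode is named explicitly. This is an added example, not part of the original answers; the function name `probe_smtp` and the verdict labels are assumptions made for illustration.

```python
import errno
import socket
import sys

def probe_smtp(host, port=25, timeout=10.0):
    """Make one outbound TCP attempt and return (verdict, detail)."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except (socket.timeout, TimeoutError):
        # Nothing answered: the "Connection timed out" seen in mail.log.
        return ("timeout", "no reply; dropped by local firewall, network firewall or ISP")
    except ConnectionRefusedError:
        # The attempt was actively rejected, so the path itself works.
        return ("refused", "host reachable, port closed or actively rejected")
    except socket.gaierror as exc:
        return ("dns", str(exc))
    except OSError as exc:
        if exc.errno in (errno.ENETUNREACH, errno.EHOSTUNREACH):
            return ("unreachable", "routing problem, not a port block")
        return ("error", str(exc))
    with sock:
        sock.settimeout(timeout)
        try:
            banner = sock.recv(512).decode("ascii", "replace").strip()
        except (socket.timeout, TimeoutError):
            return ("no-banner", "TCP connected but the server sent no greeting")
    if banner.startswith("220"):
        return ("ok", banner)
    return ("unexpected", banner)

if __name__ == "__main__":
    # Usage: python3 probe.py 209.85.225.27 [more MX addresses from "dig mx"]
    for target in sys.argv[1:]:
        verdict, detail = probe_smtp(target)
        print(f"{target}:25 {verdict}: {detail}")
```

A `timeout` verdict for every destination, while inbound connections to the server succeed, matches the outbound block described in the question; `refused` or `ok` means port 25 traffic is leaving the machine.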
0

Connection timeouts to well known services usually mean one of two things:

1- You cannot connect to port 25 of any SMTP server out there because your ISP is blocking this. Check with your ISP whether your machine is allowed to send email directly or via a relay. If a relay is offered by your ISP / hosting provider, add the following line somewhere in the middle of your /etc/mail/sendmail.mc file:

define(`SMART_HOST', `[relay.your.isp.provides]')dnl

Next as root run sendmailconfig and check whether this works.

2- It may be the case that you have a TCP window scaling problem to solve. This can be anything from a cable, to the ethernet card driver, to the card itself, the cable, the switch and any router in between and as a heisenbug it can appear only in your specific configuration. You can try to bypass this by adding the following lines to /etc/sysctl.conf:

net.ipv4.tcp_rmem = 4096 87380 174760
net.ipv4.tcp_wmem = 4096 16384 131072
net.ipv4.tcp_window_scaling = 0

Next as root run sysctl -p and check again whether this solves the problem or not.

adamo
0

Furthermore, you have to check whether your Client Options prohibit the sending of mail over the defined interface:

O ClientPortOptions=Addr=1.2.3.4,Name=XXX

If your addressee is in the wrong network, it can't go through.