0

We use Fedora 25 with sendmail-8.15.2-8.fc25.x86_64 and whilst sending messages via SquirrelMail it takes quite a while. These logs appear:

delay=00:00:15, xdelay=00:00:00, mailer=relay, pri=46987, relay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by [127.0.0.1]

I tried this suggestion:

# SMTP daemon options
O DaemonPortOptions=Family=inet, Name=MTA-v4, Port=smtp, Addr=XX.XX.XX.XX
O DaemonPortOptions=Family=inet, Name=MTA-v4, Port=smtp, Addr=127.0.0.1
O DaemonPortOptions=Family=inet, Name=MSP-v4, Port=submission, M=Ea, Addr=127.0.0.1

And:

cat /etc/hosts.allow
ALL : 127.0.0.1

Firewalld seems ok too:

firewall-cmd --permanent --list-all
[...]
  services: samba imaps pop3s http ssh nfs samba-client smtp dhcpv6-client mysql cockpit https vnc-server postgresql ipp-client mdns ipp dns 

rich rules:
        rule family="ipv4" source address="218.65.30.108" reject
        rule family="ipv4" source address="72.9.101.182" reject

Anything else to check? The mail eventually DOES go out. Takes almost a minute.

Edit: using the suggestion here, I was at least able to get mails to go out. Now it seems SpamAssassin is slowing things down w/ Pyzor being a culprit.

Jul 13 23:03:24 storm sendmail[14504]: v6E33EOQ014504: Authentication-Warning: our-domain: apache set sender to me@our-domain using -f
Jul 13 23:03:39 storm sendmail[14504]: v6E33EOQ014504: from=me@our-domain, size=535, class=0, nrcpts=1, msgid=<9ca00a710c6bfad3d60dd424cd79ac19.squirrel@our-domain>, relay=apache@localhost
Jul 13 23:04:05 storm sendmail[14629]: v6E33ddm014629: from=<me@our-domain>, size=779, class=0, nrcpts=1, msgid=<9ca00a710c6bfad3d60dd424cd79ac19.squirrel@our-domain>, proto=ESMTP, daemon=MTA-loopback, relay=localhost [127.0.0.1]
Jul 13 23:04:05 storm sendmail[14629]: v6E33ddm014629: Milter insert (1): header: X-Virus-Scanned: clamav-milter 0.99.2 at our-domain
Jul 13 23:04:05 storm sendmail[14629]: v6E33ddm014629: Milter insert (1): header: X-Virus-Status: Clean
Jul 13 23:04:05 storm spamd[13378]: spamd: connection from localhost [::1]:48316 to port 783, fd 5
Jul 13 23:04:05 storm spamd[13378]: spamd: using default config for root: /home/spamd/user_prefs
Jul 13 23:04:05 storm spamd[13378]: spamd: processing message <9ca00a710c6bfad3d60dd424cd79ac19.squirrel@our-domain> for root:1001
Jul 13 23:04:20 storm spamd[13378]: spamd: clean message (-101.5/5.0) for root:1001 in 15.0 seconds, 1193 bytes.
Jul 13 23:04:20 storm spamd[13378]: spamd: result: . -101 - ALL_TRUSTED,BAYES_00,PYZOR_CHECK,USER_IN_WHITELIST scantime=15.0,size=1193,user=root,uid=1001,required_score=5.0,rhost=localhost,raddr=::1,rport=48316,mid=<9ca00a710c6bfad3d60dd424cd79ac19.squirrel@our-domain>,bayes=0.000000,autolearn=no autolearn_force=no
Jul 13 23:04:20 storm sendmail[14629]: v6E33ddm014629: Milter add: header: X-Spam-Status: No, score=-101.5 required=5.0 tests=ALL_TRUSTED,BAYES_00,\n\tPYZOR_CHECK,USER_IN_WHITELIST autolearn=no autolearn_force=no version=3.4.1
Jul 13 23:04:20 storm sendmail[14629]: v6E33ddm014629: Milter add: header: X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on\n\tour-domain
Jul 13 23:04:20 storm sendmail[14504]: v6E33EOQ014504: to=me@our-domain, ctladdr=me@our-domain (16836/16836), delay=00:01:06, xdelay=00:00:41, mailer=relay, pri=30535, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (v6E33ddm014629 Message accepted for delivery)
Jul 13 23:04:20 storm spamd[13309]: prefork: child states: II
Jul 13 23:04:20 storm spamd[13378]: spamd: connection from localhost [::1]:48320 to port 783, fd 5
Jul 13 23:04:20 storm spamd[13378]: spamd: using default config for spamd: /home/spamd/user_prefs
Jul 13 23:04:20 storm spamd[13378]: spamd: processing message <9ca00a710c6bfad3d60dd424cd79ac19.squirrel@our-domain> for spamd:1001
AnFi
  • 6,103
  • 1
  • 14
  • 27
RobbieTheK
  • 400
  • 6
  • 18
  • Is sendmail daemon up and running? (`ps`, `netstat`) Have sendmail logged successful startup in the log file? – AnFi Jul 14 '17 at 00:31
  • Yes and yes, email is flowing, just the sending via SquirrelMail is slow. – RobbieTheK Jul 14 '17 at 00:35
  • Does sendmail report overload in the log file? Sendmail may start to refuse incoming cnnections when system local is too high (see `RefuseLA`). – AnFi Jul 14 '17 at 00:44

2 Answers2

0

Possible explanations

  1. sendmail daemon is not running
    use ps (ps auxw | grep sendmail), check log files
  2. sendmail daemon refuses new SMTP connections due to too high system load
    use uptime, check log files
  3. sendmail daemon is not listeting on 127.0.0.1interface/all interfaces
    use netstat (netstat -ant | grep :25 on Debian)
  4. incoming connections are blocked by firewall or tcpwrappers
    AFAIK most sendmail installation nowdays are not compiled with tcpwrappers support
AnFi
  • 6,103
  • 1
  • 14
  • 27
  • 1) ps auxw | grep sendmail root zz 0.0 0.0 111672 zz ? Ss 16:53 0:00 sendmail: accepting connections smmsp yy 0.0 0.0 84928 zz ? Ss 16:53 0:00 sendmail: Queue runner@01 for /clientmqueue root xx 0.0 0.0 111672 zz ? S 21:13 0:00 sendmail: startup with xxx.yyy.co 2) :14:55 up 57 days, 5:03, 7 users, load average: 0.20, 0.18, 0.09 3) netstat -ant | grep :25 tcp 0 0 127.0.0.0:25 0.0.0.0:* LISTEN tcp 0 0 our-external-ip:25 0.0.0.0:* LISTEN 4) I showed firewalld rules – RobbieTheK Jul 14 '17 at 01:18
  • Hm now seeing messages like: Authentication-Warning: ourdomain: apache set sender to me@mydomain using -f and no mail going out via Squirrelmail & delay=05:26:50, xdelay=00:00:00, mailer=relay, pri=822734, relay=[127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by [127.0.0.1] – RobbieTheK Jul 14 '17 at 02:17
0

There were 2 issues here. Not sure why email from outside the server was being rejected but I followed this suggestion:

DAEMON_OPTIONS(`Port=smtp, Addr=192.168.0.1, Name=MTA')dnl
DAEMON_OPTIONS(`Port=smtp, Addr=127.0.0.1, Name=MTA-loopback')dnl

And then, for the slow SpamAssassin & sending of emails via SquirrelMail, the first DNS server listed by NetworkManager (sym linked in /etc/resolv.conf) was an IP that is not supposed to be used by computers within our IP space. Once I changed it, web mail sending was just a second or 2.

RobbieTheK
  • 400
  • 6
  • 18