[SOLVED] Mails getting rejected

[restitutor^stultus]

Hello,

I'm trying to set up mail sending from a particular machine. It's configured to target the mail gateway at its internal SMTP port 26, rest of the sendmail config is complete default, although I've also tried some other mail commands. The source IP is whitelisted in networks.
There are different working setups already using this port, to which I don't really see much of a difference.

But:

2024-05-06T14:03:27.739641+02:00 mymailserver postfix/smtpd[877525]: connect from unknown[10.11.12.13]
2024-05-06T14:03:27.759041+02:00 mymailserver postfix/smtpd[877525]: NOQUEUE: reject: RCPT from unknown[10.11.12.13]: 554 5.7.1 <myuser@mydomain.tld>: Relay access denied; from=<dummy@mydomain.tld> to=<myuser@mydomain.tld> proto=ESMTP helo=<somehost.mydomain.tld>
2024-05-06T14:03:27.759153+02:00 mymailserver postfix/smtpd[877525]: using backwards-compatible default setting smtpd_relay_before_recipient_restrictions=no to reject recipient "myuser@mydomain.tld" from client "unknown[10.11.12.13]"
2024-05-06T14:03:27.776856+02:00 mymailserver postfix/smtpd[877525]: NOQUEUE: reject: RCPT from unknown[10.11.12.13]: 554 5.7.1 <dummy@mydomain.tld>: Relay access denied; from=<> to=<dummy@mydomain.tld> proto=ESMTP helo=<somehost.mydomain.tld>
2024-05-06T14:03:27.777012+02:00 mymailserver postfix/smtpd[877525]: using backwards-compatible default setting smtpd_relay_before_recipient_restrictions=no to reject recipient "dummy@mydomain.tld" from client "unknown[10.11.12.13]"
2024-05-06T14:03:27.831042+02:00 mymailserver postfix/smtpd[877525]: disconnect from unknown[10.11.12.13] ehlo=2 starttls=1 mail=2 rcpt=0/2 data=0/2 rset=3 quit=1 commands=9/13

On the sender side, I'm seeing this in the maillog:

May 6 14:03:27 somehost sendmail[197351]: 446C3RtT197351: Authentication-Warning: somehost.mydomain.tld: osuser set sender to dummy@mydomain.tld using -f
May 6 14:03:27 somehost sendmail[197351]: 446C3RtT197351: from=dummy@mydomain.tld, size=35, class=0, nrcpts=1, msgid=<202405061203.446C3RtT197351@somehost.mydomain.tld>, relay=osuser@localhost
May 6 14:03:27 somehost sm-mta[197352]: 446C3R6Y197352: from=<dummy@mydomain.tld>, size=428, class=0, nrcpts=1, msgid=<202405061203.446C3RtT197351@somehost.mydomain.tld>, proto=ESMTP, daemon=MTA-v4, relay=localhost [127.0.0.1]
May 6 14:03:27 somehost sendmail[197351]: 446C3RtT197351: to=myuser@mydomain.tld, ctladdr=dummy@mydomain.tld (1000/1000), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30035, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (446C3R6Y197352 Message accepted for delivery)
May 6 14:03:27 somehost sm-mta[197354]: STARTTLS=client, relay=[192.168.200.250]port.26, version=TLSv1.3, verify=FAIL, cipher=somecipher, bits=256/256
May 6 14:03:27 somehost sm-mta[197354]: 446C3R6Y197352: to=<myuser@mydomain.tld>, delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=120428, relay=[192.168.200.250]port.26 [192.168.200.250], dsn=5.7.1, stat=Service unavailable
May 6 14:03:27 somehost sm-mta[197354]: 446C3R6Y197352: 446C3R6Y197354: DSN: Service unavailable
May 6 14:03:27 somehost sm-mta[197354]: 446C3R6Y197354: to=<dummy@mydomain.tld>, delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30000, relay=[192.168.200.250]port.26 [192.168.200.250], dsn=5.7.1, stat=Service unavailable
May 6 14:03:27 somehost sm-mta[197354]: 446C3R6Y197354: to=MAILER-DAEMON, delay=00:00:00, mailer=local, pri=30000, dsn=5.1.1, stat=User unknown
May 6 14:03:27 somehost sm-mta[197354]: 446C3R6Y197354: to=postmaster, delay=00:00:00, mailer=local, pri=30000, dsn=5.1.1, stat=User unknown
May 6 14:03:27 somehost sm-mta[197354]: 446C3R6Y197354: 446C3R6Z197354: return to sender: User unknown
May 6 14:03:27 somehost sm-mta[197354]: 446C3R6Z197354: to=MAILER-DAEMON, delay=00:00:00, mailer=local, pri=0, dsn=5.1.1, stat=User unknown
May 6 14:03:27 somehost sm-mta[197354]: 446C3R6Y197354: Saved message in /var/lib/sendmail/dead.letter

And in /var/lib/sendmail/dead.letter:

From MAILER-DAEMON Mon May 6 14:03:27 2024
Return-Path: <MAILER-DAEMON>
Received: from localhost (localhost)
by somehost.mydomain.tld (8.15.2/8.15.2/somelinux) id 446C3R6Y197354;
Mon, 6 May 2024 14:03:27 +0200
Date: Mon, 6 May 2024 14:03:27 +0200
From: Mail Delivery Subsystem <MAILER-DAEMON>
Message-Id: <202405061203.446C3R6Y197354@somehost.mydomain.tld>
To: <dummy@mydomain.tld>
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
boundary="446C3R6Y197354.1714997007/somehost.mydomain.tld"
Subject: Returned mail: see transcript for details
Auto-Submitted: auto-generated (failure)

This is a MIME-encapsulated message

--446C3R6Y197354.1714997007/somehost.mydomain.tld

The original message was received at Mon, 6 May 2024 14:03:27 +0200
from localhost [127.0.0.1]

----- The following addresses had permanent fatal errors -----
<myuser@mydomain.tld>
(reason: 554 5.7.1 <myuser@mydomain.tld>: Relay access denied)

----- Transcript of session follows -----
... while talking to [[192.168.200.250]port.26:
>>> DATA
<<< 554 5.7.1 <myuser@mydomain.tld>: Relay access denied
554 5.0.0 Service unavailable
<<< 554 5.5.1 Error: no valid recipients

--446C3R6Y197354.1714997007/somehost.mydomain.tld
Content-Type: message/delivery-status

Reporting-MTA: dns; somehost.mydomain.tld
Received-From-MTA: DNS; localhost
Arrival-Date: Mon, 6 May 2024 14:03:27 +0200

Final-Recipient: RFC822; myuser@mydomain.tld
Action: failed
Status: 5.7.1
Remote-MTA: DNS; [[192.168.200.250]port.26
Diagnostic-Code: SMTP; 554 5.7.1 <myuser@mydomain.tld>: Relay access denied
Last-Attempt-Date: Mon, 6 May 2024 14:03:27 +0200

--446C3R6Y197354.1714997007/somehost.mydomain.tld
Content-Type: text/rfc822-headers

Return-Path: <dummy@mydomain.tld>
Received: from somehost.mydomain.tld (localhost [127.0.0.1])
by somehost.mydomain.tld (8.15.2/8.15.2/somelinux) with ESMTP id 446C3R6Y197352
for <myuser@mydomain.tld>; Mon, 6 May 2024 14:03:27 +0200
Received: (from osuser@localhost)
by somehost.mydomain.tld (8.15.2/8.15.2/Submit) id 446C3RtT197351
for myuser@mydomain.tld; Mon, 6 May 2024 14:03:27 +0200
Date: Mon, 6 May 2024 14:03:27 +0200
From: dummy@mydomain.tld
Message-Id: <202405061203.446C3RtT197351@somehost.mydomain.tld>
X-Authentication-Warning: somehost.mydomain.tld: osuser set sender to dummy@mydomain.tld using -f
Subject: blabla

I don't know what's causing this, and why it's working for other stuff that's not looking particularly different.


Inconsistenly (maybe under 50% of the time), I've also been getting

warning: regexp map /etc/postfix/senderaccess, line 1: Invalid preceding regular expression

but sometimes, it has not been occuring without actually changing anything. I've tried to fix it using this post, which didn't really help to fix my mail rejection issue at all though.

 

[restitutor^stultus]

One interesting thing: I managed to actually send a working mail with telnet. Somehow. The "why" thus far eludes me still.

 

[restitutor^stultus]

The problem seems to be that despite both having port 26 in the config AND logging it several times per attempt while never logging 25, tcpdump reveals that this lying sack of $%@&+#}?% called sendmail is actually trying to contact port 25 and never sent even a single packet to p 26. I sincerely want to smash my head against the wall. But how to actually fix this stupid behaviour?Unfortunately, I can't use another sending program in this context.

 

[restitutor^stultus]

Ultimately I "fixed" it by figuring out I was wrong about my use case application's semblance of hard dependency on sendmail. Ditched sendmail for postfix and it works like a charm on first try.

So... stay away from sendmail, it's just atrociously user-hostile, wonky and intransparent...