mail-trouble.html

FreeBSD操作系统的详细使用手册

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="generator" content="HTML Tidy, see www.w3.org" />
<title>Troubleshooting</title>
<meta name="GENERATOR" content="Modular DocBook HTML Stylesheet Version 1.7" />
<link rel="HOME" title="FreeBSD Handbook" href="index.html" />
<link rel="UP" title="Electronic Mail" href="mail.html" />
<link rel="PREVIOUS" title="Changing Your Mail Transfer Agent"
href="mail-changingmta.html" />
<link rel="NEXT" title="Advanced Topics" href="mail-advanced.html" />
<link rel="STYLESHEET" type="text/css" href="docbook.css" />
</head>
<body class="SECT1" bgcolor="#FFFFFF" text="#000000" link="#0000FF" vlink="#840084"
alink="#0000FF">
<div class="NAVHEADER">
<table summary="Header navigation table" width="100%" border="0" cellpadding="0"
cellspacing="0">
<tr>
<th colspan="3" align="center">FreeBSD Handbook</th>
</tr>

<tr>
<td width="10%" align="left" valign="bottom"><a href="mail-changingmta.html"
accesskey="P">Prev</a></td>
<td width="80%" align="center" valign="bottom">Chapter 22 Electronic Mail</td>
<td width="10%" align="right" valign="bottom"><a href="mail-advanced.html"
accesskey="N">Next</a></td>
</tr>
</table>

<hr align="LEFT" width="100%" />
</div>

<div class="SECT1">
<h1 class="SECT1"><a id="MAIL-TROUBLE" name="MAIL-TROUBLE">22.5 Troubleshooting</a></h1>

<div class="QANDASET">
<dl>
<dt>22.5.1. <a href="mail-trouble.html#Q22.5.1.">Why do I have to use the FQDN for hosts
on my site?</a></dt>

<dt>22.5.2. <a href="mail-trouble.html#Q22.5.2."><b class="APPLICATION">sendmail</b> says
``<tt class="ERRORNAME">mail loops back to myself</tt>''</a></dt>

<dt>22.5.3. <a href="mail-trouble.html#Q22.5.3.">How can I run a mail server on a dial-up
PPP host?</a></dt>

<dt>22.5.4. <a href="mail-trouble.html#Q22.5.4.">Why do I keep getting ``<tt
class="ERRORNAME">Relaying Denied</tt>'' errors when sending mail from other
hosts?</a></dt>
</dl>

<div class="QANDAENTRY">
<div class="QUESTION">
<p><a id="Q22.5.1." name="Q22.5.1."></a><b>22.5.1.</b> Why do I have to use the FQDN for
hosts on my site?</p>
</div>

<div class="ANSWER">
<p><b></b>You will probably find that the host is actually in a different domain; for
example, if you are in <tt class="HOSTID">foo.bar.edu</tt> and you wish to reach a host
called <tt class="HOSTID">mumble</tt> in the <tt class="HOSTID">bar.edu</tt> domain, you
will have to refer to it by the fully-qualified domain name, <tt
class="HOSTID">mumble.bar.edu</tt>, instead of just <tt class="HOSTID">mumble</tt>.</p>

<p>Traditionally, this was allowed by BSD BIND resolvers. However the current version of
<b class="APPLICATION">BIND</b> that ships with FreeBSD no longer provides default
abbreviations for non-fully qualified domain names other than the domain you are in. So
an unqualified host <tt class="HOSTID">mumble</tt> must either be found as <tt
class="HOSTID">mumble.foo.bar.edu</tt>, or it will be searched for in the root
domain.</p>

<p>This is different from the previous behavior, where the search continued across <tt
class="HOSTID">mumble.bar.edu</tt>, and <tt class="HOSTID">mumble.edu</tt>. Have a look
at RFC 1535 for why this was considered bad practice, or even a security hole.</p>

<p>As a good workaround, you can place the line:</p>

<pre class="PROGRAMLISTING">
search foo.bar.edu bar.edu
</pre>

instead of the previous: 

<pre class="PROGRAMLISTING">
domain foo.bar.edu
</pre>

into your <tt class="FILENAME">/etc/resolv.conf</tt>. However, make sure that the search
order does not go beyond the ``boundary between local and public administration'', as RFC
1535 calls it.<br />
<br />
</div>
</div>

<div class="QANDAENTRY">
<div class="QUESTION">
<p><a id="Q22.5.2." name="Q22.5.2."></a><b>22.5.2.</b> <b
class="APPLICATION">sendmail</b> says ``<tt class="ERRORNAME">mail loops back to
myself</tt>''</p>
</div>

<div class="ANSWER">
<p><b></b>This is answered in the <b class="APPLICATION">sendmail</b> FAQ as follows:</p>

<pre class="PROGRAMLISTING">
I'm getting these error messages:

553 MX list for domain.net points back to relay.domain.net
554 &lt;user@domain.net&gt;... Local configuration error

How can I solve this problem?

You have asked mail to the domain (e.g., domain.net) to be
forwarded to a specific host (in this case, relay.domain.net)
by using an MX record, but the relay machine does not recognize
itself as domain.net. Add domain.net to /etc/mail/local-host-names
[known as /etc/sendmail.cw prior to version 8.10]
(if you are using FEATURE(use_cw_file)) or add ``Cw domain.net''
to /etc/mail/sendmail.cf.
</pre>

<p>The <b class="APPLICATION">sendmail</b> FAQ can be found at <a
href="http://www.sendmail.org/faq/" target="_top">http://www.sendmail.org/faq/</a> and is
recommended reading if you want to do any ``tweaking'' of your mail setup.</p>
</div>
</div>

<div class="QANDAENTRY">
<div class="QUESTION">
<p><a id="Q22.5.3." name="Q22.5.3."></a><b>22.5.3.</b> How can I run a mail server on a
dial-up PPP host?</p>
</div>

<div class="ANSWER">
<p><b></b>You want to connect a FreeBSD box on a LAN to the Internet. The FreeBSD box
will be a mail gateway for the LAN. The PPP connection is non-dedicated.</p>

<p>There are at least two ways to do this. One way is to use UUCP.</p>

<p>Another way is to get a full-time Internet server to provide secondary MX services for
your domain. For example, if your company's domain is <tt class="HOSTID">example.com</tt>
and your Internet service provider has set <tt class="HOSTID">example.net</tt> up to
provide secondary MX services to your domain:</p>

<pre class="PROGRAMLISTING">
example.com.          MX        10      example.com.
                      MX        20      example.net.
</pre>

<p>Only one host should be specified as the final recipient (add <var class="LITERAL">Cw
example.com</var> in <tt class="FILENAME">/etc/mail/sendmail.cf</tt> on <tt
class="HOSTID">example.com</tt>).</p>

<p>When the sending <tt class="COMMAND">sendmail</tt> is trying to deliver the mail it
will try to connect to you (<tt class="HOSTID">example.com</tt>) over the modem link. It
will most likely time out because you are not online. The program <b
class="APPLICATION">sendmail</b> will automatically deliver it to the secondary MX site,
i.e. your Internet provider (<tt class="HOSTID">example.net</tt>). The secondary MX site
will then periodically try to connect to your host and deliver the mail to the primary MX
host (<tt class="HOSTID">example.com</tt>).</p>

<p>You might want to use something like this as a login script:</p>

<pre class="PROGRAMLISTING">
#!/bin/sh
# Put me in /usr/local/bin/pppmyisp
( sleep 60 ; /usr/sbin/sendmail -q ) &amp;
/usr/sbin/ppp -direct pppmyisp
</pre>

<p>If you are going to create a separate login script for a user you could use <tt
class="COMMAND">sendmail -qRexample.com</tt> instead in the script above. This will force
all mail in your queue for <tt class="HOSTID">example.com</tt> to be processed
immediately.</p>

<p>A further refinement of the situation is as follows:</p>

<p>Message stolen from the <a
href="http://lists.FreeBSD.org/mailman/listinfo/freebsd-isp" target="_top">FreeBSD
Internet service provider's mailing list</a>.</p>

<pre class="PROGRAMLISTING">
&gt; we provide the secondary MX for a customer. The customer connects to
&gt; our services several times a day automatically to get the mails to
&gt; his primary MX (We do not call his site when a mail for his domains
&gt; arrived). Our sendmail sends the mailqueue every 30 minutes. At the
&gt; moment he has to stay 30 minutes online to be sure that all mail is
&gt; gone to the primary MX.
&gt;
&gt; Is there a command that would initiate sendmail to send all the mails
&gt; now? The user has not root-privileges on our machine of course.

In the ``privacy flags'' section of sendmail.cf, there is a
definition Opgoaway,restrictqrun

Remove restrictqrun to allow non-root users to start the queue processing.
You might also like to rearrange the MXs. We are the 1st MX for our
customers like this, and we have defined:

# If we are the best MX for a host, try directly instead of generating
# local config error.
OwTrue

That way a remote site will deliver straight to you, without trying
the customer connection.  You then send to your customer.  Only works for
``hosts'', so you need to get your customer to name their mail
machine ``customer.com'' as well as
``hostname.customer.com'' in the DNS.  Just put an A record in
the DNS for ``customer.com''.
</pre>
</div>
</div>

<div class="QANDAENTRY">
<div class="QUESTION">
<p><a id="Q22.5.4." name="Q22.5.4."></a><b>22.5.4.</b> Why do I keep getting ``<tt
class="ERRORNAME">Relaying Denied</tt>'' errors when sending mail from other hosts?</p>
</div>

<div class="ANSWER">
<p><b></b>In default FreeBSD installations, <b class="APPLICATION">sendmail</b> is
configured to only send mail from the host it is running on. For example, if a <acronym
class="ACRONYM">POP</acronym> server is available, then users will be able to check mail
from school, work, or other remote locations but they still will not be able to send
outgoing emails from outside locations. Typically, a few moments after the attempt, an
email will be sent from <b class="APPLICATION">MAILER-DAEMON</b> with a ``<tt
class="ERRORNAME">5.7 Relaying Denied</tt>'' error message.</p>

<p>There are several ways to get around this. The most straightforward solution is to put
your ISP's address in a relay-domains file at <tt
class="FILENAME">/etc/mail/relay-domains</tt>. A quick way to do this would be:</p>

<pre class="SCREEN">
<samp class="PROMPT">#</samp> <kbd
class="USERINPUT">echo "your.isp.example.com" &gt; /etc/mail/relay-domains</kbd>
</pre>

<p>After creating or editing this file you must restart <b
class="APPLICATION">sendmail</b>. This works great if you are a server administrator and
do not wish to send mail locally, or would like to use a point and click client/system on
another machine or even another ISP. It is also very useful if you only have one or two
email accounts set up. If there is a large number of addresses to add, you can simply
open this file in your favorite text editor and then add the domains, one per line:</p>

<pre class="PROGRAMLISTING">
your.isp.example.com
other.isp.example.net
users-isp.example.org
www.example.org
</pre>

<p>Now any mail sent through your system, by any host in this list (provided the user has
an account on your system), will succeed. This is a very nice way to allow users to send
mail from your system remotely without allowing people to send SPAM through your
system.</p>
</div>
</div>
</div>
</div>

<div class="NAVFOOTER">
<hr align="LEFT" width="100%" />
<table summary="Footer navigation table" width="100%" border="0" cellpadding="0"
cellspacing="0">
<tr>
<td width="33%" align="left" valign="top"><a href="mail-changingmta.html"
accesskey="P">Prev</a></td>
<td width="34%" align="center" valign="top"><a href="index.html"
accesskey="H">Home</a></td>
<td width="33%" align="right" valign="top"><a href="mail-advanced.html"
accesskey="N">Next</a></td>
</tr>

<tr>
<td width="33%" align="left" valign="top">Changing Your Mail Transfer Agent</td>
<td width="34%" align="center" valign="top"><a href="mail.html" accesskey="U">Up</a></td>
<td width="33%" align="right" valign="top">Advanced Topics</td>
</tr>
</table>
</div>

<p align="center"><small>This, and other documents, can be downloaded from <a
href="ftp://ftp.FreeBSD.org/pub/FreeBSD/doc/">ftp://ftp.FreeBSD.org/pub/FreeBSD/doc/</a>.</small></p>

<p align="center"><small>For questions about FreeBSD, read the <a
href="http://www.FreeBSD.org/docs.html">documentation</a> before contacting &#60;<a
href="mailto:questions@FreeBSD.org">questions@FreeBSD.org</a>&#62;.<br />
For questions about this documentation, e-mail &#60;<a
href="mailto:doc@FreeBSD.org">doc@FreeBSD.org</a>&#62;.</small></p>
</body>
</html>