 |
» |
|
|
|
This section describes the following techniques for troubleshooting Sendmail: You must log in as superuser to perform all Sendmail troubleshooting. Keeping
the Aliases Database Up to Date | |
You must rebuild the aliases database if you have made changes to
the aliases text file. You must restart Sendmail after you change the configuration
file or the aliases database. Issue the following commands, on a standalone system or on
the mail server, to rebuild the aliases database and restart Sendmail: /sbin/init.d/sendmail stop |
/sbin/init.d/sendmail start |
Updating your
NIS or NIS+ Aliases DatabaseIf you are using NIS or NIS+ to manage your aliases database, see Installing
and Administering NFS Services, at the URL http://www.docs.hp.com/hpux/onlinedocs/B1031-90048/B1031-90048.html. Verifying
Address Resolution and Aliasing | |
In order to deliver a message, Sendmail must first resolve
the recipient addresses appropriately. To determine how Sendmail would
route mail to a particular address, issue the following command: /usr/sbin/sendmail -bv -v -oL10 address [address...] |
The -bv (verify mode) option causes Sendmail to verify
addresses without collecting or sending a message. The -v (verbose) flag causes Sendmail to report alias
expansion and duplicate suppression. The -oL10 (log level) option sets the log level to 10. At
log level 10 and above, sendmail -bv reports the mailer and host to which it resolves recipient
addresses. For hosts that resolve to IPC mailers, MX hosts are not reported when using verify mode,
because MX records are not collected until delivery is actually
attempted. If the address is not being resolved as you expect, you may
have to modify one or more of the following: The Sendmail configuration file The files or programs from which file classes are
generated The name server configuration
More detailed information about how the configuration file
is rewriting the recipient addresses is provided by address test
mode: Verifying
Message Delivery | |
You can observe Sendmail’s interaction with the delivery
agents by delivering the message in verbose mode, as in the following
example: /usr/sbin/sendmail -v myname@hp.com |
Sendmail is now ready for you to type a message. After the
message, type a period (.) on an empty line to denote the end of
the message, as in the following example: Sendmail responds with the following information: myname@baby.com... Connecting to sys1.hp.com via esmtp...
220 sys1.baby.com ESMTP Sendmail 8.8.6 (PHNE_12345)/8.8.6 SMKit7.02; Wed, 23 Oct 2002 18:44:21 +0530 (IST)
250-sys1.baby.com Hello root@inet.baby.com [15.70.178.1940, pleased to meet you
>>MAIL From:<root@inet.baby.com> SIZE=21
250 <root@inet.baby.com>... Sender ok
>> RCPT To:<myname@baby.com>
250 <myname@baby.com>
>>DATA
354 Enter mail, end with “.” on a line by itself
>>>.
250 SAA24294 Message accepted for delivery
myname@baby.com... Sent (SAA24294 Message accepted for delivery)
Closing connection to sys1.baby.com
QUIT
221 sys1.baby.com closing connection. |
Sendmail has interfaces to three types of delivery agents.
In verbose mode, Sendmail reports its interactions with them as
follows: Mailers that use SMTP to a remote
host over a TCP/IP connection (IPC mailers). In verbose mode, Sendmail reports the name of the mailer used,
each MX host (if any) to which it tries to connect, and
each Internet address it tries for each host. When a connection
succeeds, the SMTP transaction
is reported in detail. Mailers that run SMTP (locally) over pipes. The name of the mailer used and the command line passed to exec() are reported. Then the SMTP transaction is reported
in detail. If the mailer returns an abnormal error status, that
is also reported. Mailers that expect envelope information from the Sendmail command line
and expect message headers and message body from standard input. The name of the mailer used and the command line passed to exec() are reported. If the mailer returns an abnormal
error status, that is also reported.
Contacting
the Sendmail Daemon to Verify Connectivity | |
It is possible to contact the Sendmail daemon and other SMTP
servers directly with the following command: Use this to determine whether an SMTP server is running on host. If not, your connection attempt will return the
message Connection refused. After you establish a connection to the Sendmail daemon, you
can use the SMTP vrfy command to determine whether the server can route
to a particular address. For example: telnet furschlugginer 25
220 furschlugginer.bftxp.edu ESMTP Sendmail 8.11.1/8.11.1; Wed, 28 Aug 2002 14:33:50 +0530 (IST)
vrfy istm@hp.com
250 2.1.5 <istm@hp.com>
vrfy blemph@morb.poot
554 5.1.1 blemph@morb.poot... User unknown
quit
221 2.0.0 furschlugginer.bftxp.edu closing connection
Connection closed by foreign host |
Not all SMTP
servers support the VRFY and EXPN commands. Setting Your
Domain Name | |
If Sendmail cannot resolve your domain name, you may see the
following warning message in your syslog file: WARNING: local host name name is not qualified; fix $j in config file |
To resolve this problem, do one of the following: Uncomment the following line in the /etc/mail/sendmail.cf file by deleting the pound sign (#) at the beginning
of the following line: Change Foo.COM to the name of your domain (for example, HP.COM). Modify the /etc/hosts file, making sure that the fully qualified name
of the system is listed first. For example, the entry in the file must
be 255.255.255.255 dog.hp.com dog and not 255.255.255.255 dog dog.hp.com.
Attempting
to Start Multiple Sendmail Daemons | |
If you attempt to invoke Sendmail when a Sendmail daemon is
already running, the following message may be logged to the syslog
file: NO QUEUE: SYSERR (root) opendaemonsocket: daemon MTA: server SMTP socket wedged: exiting |
This message means that a Sendmail daemon is already running.
You can use either /sbin/init.d/sendmail stop or killsm to stop the running daemon. Configuring
and Reading the Sendmail Log | |
Sendmail logs
its mail messages through the syslogd logging facility. The syslogd configuration must write mail logging to the file /var/adm/syslog/mail.log. You can do this by adding the following line
in /etc/syslog.conf: mail.debug /var/adm/syslog/mail.log |
You can use the HP mtail utility to look at a specified number of the last lines
of the log file: By default, mtail displays the last 20 lines of the log file. For
more information on the mtail utility, type man 1M mtail at the HP-UX prompt. For more information on configuring syslogd, see the HP-UX Internet Services Administrator’s
Guide at the URL http://www.docs.hp.com/hpux/netcom/index.html#Internet%20Services. You can set the log level with the -oL option on the Sendmail command line or on the OL line in the Sendmail configuration file. At the
lowest level, no logging is done. At the highest level, even the
most mundane events are recorded. As a convention, log levels 11
and lower are considered useful. Log levels above 11 are normally
used only for debugging purposes. We recommend that you configure syslogd to log mail messages with a priority level of
debug and higher. Sendmail’s behavior at each log level
is described in Table 2-5 “Sendmail Logging Levels”. Table 2-5 Sendmail Logging Levels Logging Level | Behavior | 0 | No logging. | 1 | Major problems
only. | 2 | Message
collections and failed deliveries. | 3 | Successful
deliveries. | 4 | Messages
being queued (due to a host being down, and so on). | 5 | Messages
being added to the queue in routine circumstances. | 6 | Unusual
but benign incidents, such as trying to process a locked queue file. | 9 | Log internal
queue ID to external message ID mappings. This can be useful for
tracing a message as it travels between several hosts. | 10 | The name
of the mailer used, the host (if nonlocal), and the user name passed
to the mailer are logged. If the log level is 10 or higher, Sendmail also
reports this information in -bv (verify) mode. | 11 | For successful
deliveries to IPC mailers, the MX (mail exchanger) host delivered to (if any) and
the Internet address used for the connection are logged. | 12 | All incoming
and outgoing SMTP commands and their arguments are logged at LOG_INFO. | 13 | Log bad user shells, world-writable files,
and other questionable situations. | 14-98 | Debugging information.
This information must be interpreted by your HP service representative. |
Understanding
syslog EntriesSendmail logs the following: Failures beyond its control (SYSERR). Administrative activities (for example, rebuilding
the aliases database, and killing and restarting the daemon). Events associated with mail transactions.
Log entries marked SYSERR indicate either system failures or configuration
errors and may require the attention of the system administrator. Each system log entry for a mail transaction has a queue ID
associated with it. All log entries for the same input message have
the same queue ID. Log level is normally set to 10 in the configuration
file. At this level, the following information is logged for each
delivery: - message-id=
If a message had a Message ID header line when it was input to Sendmail, this
is logged. Sendmail can also be configured to add a Message ID header line if none is present. This ID uniquely
identifies a message and can be used to trace the progress of a
message through mail relays. - from=
The sender of the message and the message size are logged. - to=
The recipient of the message. One message may have multiple
recipients. Sendmail logs a separate entry for each separate delivery
attempt it makes, so multiple recipients on the same host may appear
on the same line, but multiple recipients on different hosts will appear
on different lines. The delivery status of the message (whether
message succeeded, failed, or was queued), the mailer, and the host
used are logged.
Other details logged in the syslog file are time delay in
delivering the message (delay=), type of mailer used (mailer=),
priority of the message, relay machine, and the status of the message.
Queued messages and SYSERRs are also logged. Storing
Off Old Sendmail Log FilesAt typical logging levels, every piece of mail passing through Sendmail adds
two or three lines to the mail log. A script to manage the growth
of the mail log could be run nightly, at midnight, with an entry
in root’s crontab file. Following is an example of a crontab entry for a script called newsyslog: 0 0 * * * /var/adm/syslog/newsyslog |
The following example shows what the script /var/adm/syslog/newsyslog might contain. The script assumes that syslog is configured to direct mail logging to /var/adm/syslog/mail.log. #!/usr/bin/sh
#
# NEWSYSLOG: Save only the last week’s Sendmail logging.
cd /var/adm/syslog
#
mv mail.log.6 mail.log.7
mv mail.log.5 mail.log.6
mv mail.log.4 mail.log.5
mv mail.log.3 mail.log.4
mv mail.log.2 mail.log.3
mv mail.log.1 mail.log.2
cp mail.log mail.log.1
kill -1 `cat /var/run/syslog.pid` |
Printing
and Reading the Mail Queue | |
You can print the current contents of the mail queue with
the following command: mailq The output looks similar to this example: /var/spool/mqueue (3 requests) | ----Q-ID----- | --Size--- | -----Q-Time---- | ----Sender/Recipient----- | | h3TA9Bb29701 | 86 | Wed Feb 9 07:08 | janet
ess@vetmed.umd.edu
ebs@surv.ob.com | | h3TAATe29713 | 1482 | Tue Feb 15 7:05 | carole
bja@edp.cloq.potlatch.com
vls@ee.cmu.edu | h3TABWB29731 | 10169 | Tue Feb 15 8:10 | chuck
hrm@per.stmarys.com
sys6!sysloc@njm |
The first entry is a message with queue ID h3TA9Bb29701 and a size of 86 bytes. The message arrived in
the queue on Wednesday, February 9, at 7:08 a.m. The sender was janet. She sent a message to the recipients ees@vetmed.umd.edu and ebs@surv.ob.com. Sendmail has already attempted to route the message,
but the message remains in the queue because its SMTP connection
was refused. This usually means that the SMTP server is temporarily
not running on the remote host, but it also occurs if the remote
host never runs an SMTP server. Sendmail attempts to deliver this
message the next time the mail queue is processed. Two other messages in the queue are also routed for delivery
the next time the mail queue is processed. If mailq is run in verbose mode (with the -v option), then when it prints the queue, it will
also show the priority of each queued message. The files that Sendmail creates in the mail queue all have
names of the following format: where y - Denotes the year m - Denotes the month d - Denotes the day h - Denotes hour m - Denotes minute, s - Denotes second r - Denotes a random number XXXXX - Denotes a 5-digit number that is the
process ID of the process creating the queue entry. A file whose name begins with df is a data file. The message body, excluding the
header, is kept in this file. A file whose name begins with qf is a queue-control file, which contains the information
necessary to process the job. A file whose name begins with xf is a transcript file. This file is normally empty
while a piece of mail is in the queue. If a failure occurs, a transcript
of the failed mail transaction is generated in this file. The queue-control file (type qf) is structured as a series of lines, each beginning
with a letter that defines the content of the line. Lines in queue-control
files are described in Table 2-6 “Lines in Queue-Control Files”. Table 2-6 Lines in Queue-Control Files Initial Letter | Content
of Line |
|---|
B | The message
body type (either 7bit or 8bitmime). | C | The controlling
user for message delivery. This line always precedes a recipient
line (R) that specifies the name of a file or program
name. This line contains the user name that Sendmail must run as
when it is delivering a message into a file or a program’s stdin. | D | The name
of the data file. There can be only one D line in the queue-control file. | E | An error
address. If any such lines exist, they represent the addresses that
must receive error messages. | H | A header
definition. There can be many H lines in the queue-control file. Header definitions
follow the header definition syntax in the configuration file. | P | The current
message priority. This is used to order the queue. Higher numbers
mean lower priorities. The priority decreases (that is, the number
grows) as the message sits in the queue. The initial priority depends
on the message precedence, the number of recipients, and the size
of the message. | M | A message.
This line is printed by the mailq command and is generally used to store status
information (that is, the reason the message was queued). It can
contain any text. | R | A recipient
address. Normally this has already been completely aliased, but
it is actually re-aliased when the queue is processed. There is
one line for each recipient. | S | The sender
address. There can be only one sender address line. | T | The job
creation time (in seconds since January, 1970). This is used to determine
when to time out the job. |
The following example is a queue-control file named qfAA00186. The sender is david, and the recipient is the local user carolyn. The current priority of the message is 17. The
job creation time, in seconds since January, 1970, is 515 961 566.
The last seven lines describe the header lines that appear on the
message. P17
T515961566
DdfAA00186
Sdavid
Rcarolyn
Hreceived: by lab; Thu, 8 May 86 12:39:26 mdt
Hdate: Thu, 8 May 86 12:39:26 mdt
Hfrom: David <david>
Hfull-name: David
Hreturn-path: <david>
Hmessage-id: <8605081839.AA00186@lab.HP>
Happarently-to: carolyn |
Queue
Changes | |
The following miscellaneous enhancements have been made to
the queue option: The queue option
allows multiple -qI, -qR, or -qS queue run limiters.
For example, using
Sendmail -qRfoo -qRbar will deliver mail to recipients with foo or bar in their address. The map flag -Tx appends x to lookups that return temporary failure. This
is similar to -ax flag, which appends x to lookups that return success. The QueueSortOrder option is case sensitive.
Changes
to Sendmail Files and Databases | |
Sendmail files and databases are stored in the /etc/mail directory. Sendmail utilities access these files
and databases for their operation. If you are logged in as a root
user, warning messages are displayed when you run any Sendmail utility
that access these files and databases. The warning messages are
displayed only when the Sendmail files and databases have incorrect
permission for non-root users. This section discusses the warning messages displayed when
you execute the Sendmail utilities mailstats and newaliases. This section also describes the warning messages
that appear when you send mail. Finally, this section provides information
on how you can resolve these warning messages. | | | |  | NOTE: The warning messages do not indicate any error
in the syntax of the command. | | | | |
The mailstats utility enables you to collect the mail statistics
stored in the /etc/mail/sendmail.st file. If you run the mailstats utility with root user permission, the following
warning messages might appear: #mailstats
warning: /etc/mail/sendmail.st has group read/write or world
read/write permission. This is unsafe
Statistics from Thu Dec 19 10:27:00 2002 |
| M | msgsfr | bytes_from | msgsto | bytes_to | msgsrej | msgsdis | Mailer |
|---|
| 0 | 0 | 0K | 46 | 47K | 0 | 0 | prog | | 3 | 41 | 43K | 56 | 57K | 0 | 0 | local | | 5 | 49 | 51K | 34 | 34K | 0 | 0 | esmtp | | ============================================================= | | T | 90 | 94K | 136 | 138K | 0 | 0 | | C | 90 | | 136 | | 0 | | |
How to Resolve
the Warning Messages To resolve these warning messages, run the following command: # chmod 600 /etc/mail/sendmail.st |
Now, if you execute the mailstats utility, the warning messages do not appear. newaliases rebuilds the database for the mail aliases file.
If you run the newaliases utility with root user permission, the following
warning messages might appear: # newaliases
warning: /etc/mail/aliases has world read or write
permission. This is unsafe.
warning: /etc/mail/aliases.db has world read or write
permission. This is unsafe.
/etc/mail/aliases: 7 aliases, longest 9 bytes, 88 bytes total |
How to Resolve
the Warning Messages To resolve the warning messages, run the following command: # chmod 640 /etc/mail/aliases /etc/mail/aliases.db |
Now, if you execute the newaliases utility, the warning messages do not appear. How
to Resolve Warning Messages When You Send MailWarning messages may appear when you send mail as a root user. Following
is an example statement: #echo “Subject: Testing” | /usr/sbin/sendmail root
warning: /etc/mail/aliases has world read or write
permission. This is unsafe.
warning: /etc/mail/aliases.db has world read or write
permission. This is unsafe.
warning: /etc/mail/sendmail.st has group read/write or world
read/write permission. This is unsafe |
Warning messages appear only for the files that have incorrect permission.
To resolve the warning messages, run the appropriate commands as described
in the sections “The
mailstats Utility” and “The
newaliases Utility”. Impact
on Non-Root Users With the change in permission, non-root users cannot access
the files and databases associated with Sendmail, and a Permission denied message appears when you run any utility that
access the Sendmail files and databases. The following messages appear when you run the praliases and mailstats utilities: $ praliases
praliases: /etc/mail/aliases: open: Permission denied
$ mailstats
mailstats: /etc/mail/sendmail.st: Permission denied |
|
