forwarding root's email to a POP on another server

soif

Member
Jun 7, 2003
12
0
151
Paris
I have a problem routing roots email between my two servers:
one.mydomain.com
two.mydomain.com

I've setup "two", using the cpanel interface to forward all root's email (cpanel message, bounce messages and alerts message to be sent to an email accounts on "one").

The problem is that "one" is not accepting emails forwarded from "two", because it says (in the "one"'s logs) "F= rejected after DATA: there is no valid sender in any header line".
And "two"'s logs report that mails were rejected because "550 administrative prohibition".

Of course i have setuped in one's cpanel (in Exim configuration) to "Verify the existance of email senders".
For sure if, i uncheck this option, mails get forwarded properly, as well as spams...

If i check the mails from server two, i will see that there is no "valid senders" because thoses mails are produced by the server itself, bypassing a "valid sender". example:
Code:
1CKj5G-0001TA-Vg-H
mailnull 47 12
<>
1098388730 0
-ident mailnull
-received_protocol local
-body_linecount 22
-allow_unqualified_recipient
-allow_unqualified_sender
-frozen 1098469797
-localerror
XX
1
[email protected]

156P Received: from mailnull by two.milliseconde.net with local (Exim 4.43)
 id 1CKj5G-0001TA-Vg
 for [email protected]; Thu, 21 Oct 2004 21:58:50 +0200
051 X-Failed-Recipients: [email protected]
031 Auto-Submitted: auto-generated
064F From: Mail Delivery System 
030T To: [email protected]
059 Subject: Mail delivery failed: returning message to sender
053I Message-Id: 
038 Date: Thu, 21 Oct 2004 21:58:50 +0200
The result is that i cant receive (from my POP on "one") the error/alert messages produced by "two", and this is really annoying...

How can i fix that?

To be clear how can i forward root's emails to an outside mail account?

Any will be greatly appreciated :rolleyes:
 

chirpy

Well-Known Member
Verifed Vendor
Jun 15, 2002
13,465
30
473
Go on, have a guess
Make sure that you have an A record for both hostnames in the zonefile for the domain. Secondly, make sure that you don't have a zonefile for the hostnames domain on any server that isn't an authoratitive domain server. This is nearly always the reason for this type of problem.
 

soif

Member
Jun 7, 2003
12
0
151
Paris
Hey thanks for this ultra fast answer chirpy :)

Yes i do have the two A record
and one = ns1
and two = ns2
Both Authoritative for the domain

FYI here is the DNS listing
Code:
; <<>> DiG 9.2.2 <<>> @ns1.mydomain.com mydomain.com AXFR
mydomain.com.		14400	IN	SOA	ns1.mydomain.com. dns.mydomain.com. 2004101900 28800 7200 3600000 86400
mydomain.com.		14400	IN	MX	0 mydomain.com.
mydomain.com.		14400	IN	MX	20 mx2.mydomain.com.
mydomain.com.		14400	IN	NS	ns1.mydomain.com.
mydomain.com.		14400	IN	NS	ns2.mydomain.com.
mydomain.com.		14400	IN	A	[ONE main IP]
one.mydomain.com.	14400	IN	A	[ONE main IP]
two.mydomain.com.	14400	IN	A	[TWO main IP]
ns1.mydomain.com.	14400	IN	A	[ONE additionnal IP]
ns2.mydomain.com.	14400	IN	A	[TWO additionnal IP]
mail.mydomain.com.	14400	IN	CNAME	mydomain.com.
mx2.mydomain.com.	14400	IN	A	[TWO main IP]
any other suggestion?
is it a bug?
am i an idiot?
 

chirpy

Well-Known Member
Verifed Vendor
Jun 15, 2002
13,465
30
473
Go on, have a guess
Just to make sure (no you're not an idiot ;) ) Do a dig for both domains on both servers and make sure that you get the correct response for both, i.e.:

dig ns1.mydomain.com
dig ns2.mydomain.com


If it looks OK, check the MX record for the domain on both servers:

dig mydomain.com MX

Finally, just to be sure, does /root/.forward have the correct email address in it ;)

After that, I'm starting to run out of ideas :eek:
 

soif

Member
Jun 7, 2003
12
0
151
Paris
Thanks again Jonathan for your answer :)

i confirm ns1 dig results = ns2 dig results

A, NS and MX records are identicals.

And yes /root/.forward has the correct email address....

WHile talking with ev1servers support, they told me that the root's email cant be redirected to a POP account which is NOT on the same server, because root emails have no enveloppe FRom, and will be rejected on the receiving server (exactely what happens). They said that i would have to first redirect mail to a local account, them forward to the outside word.

SO i tried to forward root to admin, then admin to a POP on the second server.
Admin get mails, but rediretion fails for the exactly same reason ("not valid sender")....

I'm getting crazy.

Do i have to write a perl script to read mail from admin, then remailing it to the other server?? :eek:

I cant be the only one with multiple servers who wants to get all roots mails at only ONE POP.

Ayone had succeeded to do that? or at least to forward root email to a POP NOT on the server?
 
Last edited:

chirpy

Well-Known Member
Verifed Vendor
Jun 15, 2002
13,465
30
473
Go on, have a guess
All my servers root accounts forward to a single POP3 account on another server (all cPanel, including one at EV1 ;) ).

I'll send you a PM.
 

soif

Member
Jun 7, 2003
12
0
151
Paris
I finally found a solution to get the root's emails forwarded to me.

I removed all adresses from cpanel email contacts.

Then edited /etc/aliases adding

"root: [email protected]"

then ran newaliases
(in fact i did "sendmail -bi", as newaliases is NOT installed on my RHE3/cpanel server)

It now works correctly.... :eek:

HTH
 

chirpy

Well-Known Member
Verifed Vendor
Jun 15, 2002
13,465
30
473
Go on, have a guess
Interesting solution. Interestingly, exim.conf does check in /etc/aliases (I don't think running sendmail -bi would actually have done anything) so I guess that is what was working for you.

One final thought, what are the file permissions on your file in:

/root/.forward

It should be 644:

Code:
-rw-r--r--    1 root     root           22 Jun  3 16:30 .forward
 

soif

Member
Jun 7, 2003
12
0
151
Paris
Yes my /root/.forward is 644

BTW sendmail -bi did rebuild the aliases (without this, it did not worked)

From man exim:
"
-bi Sendmail interprets the -bi option as a request to rebuild its alias file. Exim does not
have the concept of a single alias file, and so it cannot mimic this behaviour. However,
calls to /usr/lib/sendmail with the -bi option tend to appear in various scripts such as
NIS make files, so the option must be recognized.

If -bi is encountered, the command specified by the "bi_command" configuration option is
run, under the uid and gid of the caller of Exim. If the -oA option is used, its value is
passed to the command as an argument. The command set by "bi_command" may not contain
arguments. The command can use the exim_dbmbuild utility, or some other means, to rebuild
alias files if this is required. If the "bi_command" option is not set, calling Exim with
-bi is a no-op.
"

I did that because newsaliases where not implemented in my server and because in another unix machine i saw that "newsaliases" was just an alias to "sendmail -bi".

I'm not enought expert to understand what the man page explained, but it worked for me : that's all i wanted ;)

Thanks for your help chirpy :eek: