Home / server / Questions / 888587
Accepted
Altimus Prime
Asked: 2017-12-18 16:15:11 +0800 CST

How do you set the outbound ip address of sendmail? [duplicate]

  • 772

How do you set the outbound ip address of sendmail?

There are dozens of tutorials but most just tell you what to set without explaining anything and most of them assume you're running a virtual machine and only have a static ip.

Setup The server is a physical machine running centos 7 with port 25 opened on the LAN and in SElinux with the option to send emails from apache enabled. I keep getting timeout errors when I attempt to send outbound emails. I've tested on gmail, yahoo and godaddy emails.

When I tested with nmap --traceroute and cURL I see that my outbound connections are going over the dynamic ip address which has port 25 blocked by the isp.

I need to still connect from the LAN because ssh and most other ports are closed to the outside world. Port 25, 80, 443 and a couple others are open to the outside world. All but port 25 seem to be properly handled by their associated applications.

Output of ip show

$ ip route show
default via 192.168.1.254 dev enp4s0f0 proto static metric 100
default via 108.223.xxx.222 dev enp4s0f1 proto static metric 101
default via 108.223.xxx.222 dev enp4s0f3 proto static metric 102
108.223.xxx.217 dev enp4s0f1 proto kernel scope link src 108.223.xxx.217 metric 100
108.223.xxx.217 dev enp4s0f3 proto kernel scope link src 108.223.xxx.217 metric 101
108.223.xxx.218 dev enp4s0f1 proto kernel scope link src 108.223.xxx.218 metric 100
108.223.xxx.218 dev enp4s0f3 proto kernel scope link src 108.223.xxx.218 metric 101
108.223.xxx.219 dev enp4s0f1 proto kernel scope link src 108.223.xxx.219 metric 100
108.223.xxx.219 dev enp4s0f3 proto kernel scope link src 108.223.xxx.219 metric 101
108.223.xxx.220 dev enp4s0f1 proto kernel scope link src 108.223.xxx.220 metric 100
108.223.xxx.220 dev enp4s0f3 proto kernel scope link src 108.223.xxx.220 metric 101
108.223.xxx.221 dev enp4s0f1 proto kernel scope link src 108.223.xxx.221 metric 100
108.223.xxx.221 dev enp4s0f3 proto kernel scope link src 108.223.xxx.221 metric 101
108.223.xxx.222 dev enp4s0f1 proto static scope link metric 100
108.223.xxx.222 dev enp4s0f3 proto static scope link metric 101
192.168.1.0/24 dev enp4s0f0 proto kernel scope link src 192.168.1.71 metric 100
192.168.1.71 dev enp4s0f3 proto kernel scope link src 192.168.1.71 metric 100

Errors from maillog

Dec 16 18:14:53 localhost sendmail[77855]: vBGNErI1077873: [email protected], ctladdr=cdata (1000/1000), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30014, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (vBGNErDq077874 Message accepted for delivery)
Dec 16 18:24:12 localhost sendmail[77855]: vBGGdu99077513: to=<[email protected]>, ctladdr=<[email protected]> (1000/1000), delay=06:44:16, xdelay=00:10:00, mailer=esmtp, pri=750469, relay=alt4.gmail-smtp-in.l.google.com. [108.177.15.26], dsn=4.0.0, stat=Deferred: Connection timed out with alt4.gmail-smtp-in.l.google.com.
Dec 16 18:24:12 localhost sendmail[77855]: vBGGAGt4077433: to=<[email protected]>, ctladdr=<[email protected]> (1000/1000), delay=07:13:56, xdelay=00:00:00, mailer=esmtp, pri=840469, relay=alt4.gmail-smtp-in.l.google.com., dsn=4.0.0, stat=Deferred: Connection timed out with alt4.gmail-smtp-in.l.google.com.
Dec 16 18:24:12 localhost sendmail[77855]: vBGFweLX077340: to=<[email protected]>, ctladdr=<[email protected]> (1000/1000), delay=07:25:32, xdelay=00:00:00, mailer=esmtp, pri=930469, relay=alt4.gmail-smtp-in.l.google.com., dsn=4.0.0, stat=Deferred: Connection timed out with alt4.gmail-smtp-in.l.google.com.

Output of netstat -tuplen | grep 25 to check that port 25 is open

$ sudo netstat -tuplen | grep 25
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      0          93443      10849/sendmail: acc

EDIT: The answer that this is marked as a duplicate of talks about relaying a gmail email. I don't think that's what I'm asking for. I'm trying to originate an email from my server, on my domain and ip address, and send that to a remote email server. I read that answer and have tried to glean some insight, but I don't think that it's related. If it is, please explain how it's related.

EDIT AFTER ACCEPTING ANSWER: The answer at CentOS 6.2 sendmail: how to control the ip number used when relaying mail to mx.google.com actually is the right answer, but I would have never recognized it as such because I didn't think that I was relaying an email. Thank you to everyone for helping me get it done.

email-server

1 Answers

  1. Best Answer

    Have a look at https://www.unix-ninja.com/p/Changing_the_Source_IP_Address_in_Sendmail and make sure to absolutely follow the format, you need a back apostrophe before Family (it does not appear in your comment so maybe you forgot it?) . From experience it helps it you put dnl at end of statement so try something like that:

    CLIENT_OPTIONS(`Family=inet, Address=203.0.113.2')dnl

    just replacing the IP by one attached to your server (and make sure that there is no firewall cutting out outgoing connection from this IP).

    Then:

    1. make in the appropriate directory, like /etc/mail
    2. restart sendmail

    After make you can visually examine the .cf file you should see your IP in it, showing that the CLIENT_OPTIONS was properly taken into account.

    As of where to put it, it could be relevant indeed, your files may be already documented, otherwise you would need to show more of your current .mc files.

    • 1