Sendmail Errors

I recently rebuilt my sendmail config file and started noticing the following errors in my /etc/maillog.

  • “No local mailer defined”
  • “QueueDirectory (Q) option must be set”
  • “sendmail.cf line 1: invalid argument to V line: ERSIONID(@#)openbsd”

I searched for some time in Google but was unsuccessful locating how to resolve these problems. So I went to IRC Freenode in the channel #sendmail and ask for help. Cannonball suggested I add “include(`/usr/share/sendmail/m4/cf.m4′)dnl” to my config file without quotes. I added it in on the 3rd line (excluding comments). I rebuilt my config with “m4 openbsd-localhost.mc > /etc/mail/sendmail.cf”. Then killed the service sendmail (kill -HUP PID) and restarted sendmial. All the error messages disappeared. Thanks cannonball for helping out, much appreciated.

Here’s my sendmail mc file which is /usr/share/sendmail/cf/openbsd-localhost.mc with the added include line and define statement for smart_host.

divert(-1)
#
# Copyright (c) 1998 Sendmail, Inc.  All rights reserved.
# Copyright (c) 1983 Eric P. Allman.  All rights reserved.
# Copyright (c) 1988, 1993
#       The Regents of the University of California.  All rights reserved.
#
# By using this file, you agree to the terms and conditions set
# forth in the LICENSE file which can be found at the top level of
# the sendmail distribution.
#
#  This configuration only runs sendmail on the localhost interface.
#  This allows mail on the local host to work without accepting
#  connections from the net at large.
#

divert(0)dnl
include(`/usr/share/sendmail/m4/cf.m4')dnl
VERSIONID(`@(#)openbsd-localhost-smarthost.mc $Revision: 1.4 $')
OSTYPE(openbsd)dnl
FEATURE(nouucp, `reject')dnl
FEATURE(`accept_unresolvable_domains')dnl
FEATURE(`no_default_msa')dnl
define(`SMART_HOST',`10.10.8.1')dnl
MAILER(local)dnl
MAILER(smtp)dnl
DAEMON_OPTIONS(`Family=inet, address=127.0.0.1, Name=MTA')dnl
DAEMON_OPTIONS(`Family=inet6, address=::1, Name=MTA6, M=O')dnl
DAEMON_OPTIONS(`Family=inet, address=127.0.0.1, Port=587, Name=MSA, M=E')dnl
DAEMON_OPTIONS(`Family=inet6, address=::1, Port=587, Name=MSA6, M=O, M=E')dnl
CLIENT_OPTIONS(`Family=inet6, Address=::')dnl
CLIENT_OPTIONS(`Family=inet, Address=0.0.0.0')dnl
dnl
dnl Some broken nameservers will return SERVFAIL (a temporary failure)
dnl on T_AAAA (IPv6) lookups.
define(`confBIND_OPTS', `WorkAroundBrokenAAAA')dnl

How To – Change Server Name/Hostname/Gateway/IP Addresses on OpenBSD

Changing the name/IP address of the server is quite simple. Using your favorite text editor editing the following files and change all reference to server name and server IP address.

  • /etc/hosts
  • /etc/hosts.allow
  • /etc/hosts.deny
  • /etc/mygate
  • /etc/myname
  • /etc/hostname.*
  • /etc/resolv.conf
  • /etc/nttpd.conf
  • /var/www/conf/httpd.conf

At the command prompt run the following command to reconfigure your NIC with the new IP address and applicable netmask.

# ifconfig le1 inet IP_ADDRESS_HERE netmask NETMASK_HERE

The “le1″ is the device name of the NIC. Not sure what the NIC device name is? At the console prompt type without quotes “ifconfig -a” and locate the network card device name.

If you make modifications to NIC called rl0 by editing the /etc/hostname.rl0 or modify /etc/mygate/ (default gateway) file you will then need to restart / reset / update TCP/IP configuration including routing table and set up the default routes by issuing the following command.

# sh /etc/netstart rl0

To stop network service and transmission via a NIC

# ifconfig rl0 down

To start network service and transmission via a NIC

# ifconfig pnc0 up

Source: OpenBSD FAQ – Networking
Source: OpenBSD Restart Networking Service

OpenBSD File System Corruption – Partitions Not Mounting

I came into work one morning and found out that my database server running OpenBSD with MySQL was no longer running and would not boot up. With a little bit of research I determined that the server went down two days before (over the weekend) and that the file system appeared to be corrupted on two partitions. A co-worker found out that the server’s primary channel on the motherboard was damage. So switched the hard drive over to the secondary channel. This I thought was odd but appeared to be true. I looked at the server and tried to get it to boot up myself. No luck as I was receiving two similar error messages as shown below. I apologize for it not being exact I was in a hurry and panicking to get the server back up and running.

Error Messages – (approximate message)

/dev/rwd0e (/var/): incorrect block count I=36484 (6 should be 0) (corr.) 15025024 DUP I=3515543.
/dev/rwd0g (/usr/): incorrect block count I=36484 (6 should be 0) (corr.) 15025024 DUP I=3515543.
Run fsck_ffs manually.

Solution

After moving the hard drive over to the secondary channel I was prompted at boot “Enter pathname of shell or RETURN for Sh:”. Now due to the fact that my CLI was in the damanged partition (/usr/local/bin/bash) I entered at the prompt “/bin/csh” without quotes and pressed enter. Now that I was into the system I ran “fsck_ffs /dev/rwd0e” and “fsck_ffs /dev/rwd0g” without quotes multiple times. It took me roughly 4 hours to resolve the problem. There was a lot of damage but nothing major or anything that was important. The database data was not affected except for a one log file.

As for how to use fsck_ffs after you run the command I just answered each questions it prompted me for. It’s quite interactive. I do ad might that I wasn’t sure what to say on some of them and wish I had a better understand of it. If anyone knows of good material that explains the fsck_ffs better and how the whole BSD file system works, please let me know.

Thanks to users in the IRC channels for OpenBSD

Saying all this I have to say thanks to all the people on IRC EFNet and Freenode in the channel #OpenBSD. Thanks to a few comments I was able to understand how to use fsck_ffs. Prior to this event I never have worked with fsck_ffs before. Again thanks everyone!

Daily insecurity output: The root path includes .

This insecurity warning occurs due to the root user’s root path is included in the environment variable PATH. The root’s path should never contain “.” as this is a security risk. For example, if the root’s path included “.” and a user happen to create a file that was named ls but contained a command to remove the $HOME the root’s home directory would be deleted.

The solution to the matter is to edit the root’s /root/.profile and remove “.” from the PATH environment variable.

Example
Current environment variable PATH:
PATH=$HOME/bin:/bin:/sbin:/usr/bin:/usr/X11R6/bin:/usr/local/bin:/usr/local/sbin:.

Remove “:.”, which would now look like this:
PATH=$HOME/bin:/bin:/sbin:/usr/bin:/usr/X11R6/bin:/usr/local/bin:/usr/local/sbin

Sendmail – DSN: Service unavailable

I have a OpenBSD 3.7 i386 server setup to use Sendmail for outgoing only. Sendmail is in default configuration with only modifications to the mail aliases (/etc/mail/aliases).

I recently started noticing that I was not receiving any emails from the server. Right away I went and looked at my /var/log/maillog to see what was going on and also checked /var/spool/mqueue and /var/spool/mqueue. I noticed two things in the maillog it referred to “DSN: Service unavailable” and “dsn=5.0.0, stat=Service unavailable” and noticed a huge amount of emails sitting in my /var/spool/clientmqueue directory.

As usual I went to Google to see if I could find an answer but was having difficulty. So I went to IRC EFNet #OpenBSD channel. With some help by NicM and amonk I was able to resolve the problem. Thanks guys. The problem lies in how you have your /etc/hosts, /etc/hosts.allow and /etc/hosts.deny. Here’s what I did.

I removed any reference to localhost.domain.com in my hosts file and then also replaced ALL:LOCAL with ALL: 127.0.0.1 in my hosts.allow. The combination of the two caused the emails to not pass through. As soon as these changes were done email started passing through. If for some reason based on your configuration of those three files (hosts/hosts.allow/hosts.deny) this does not resolve you can add sendmail: localhost in your hosts.allow file. If this doesn’t resolve the problem use the below recommend resources I found useful.

Resource: Enhanced Mail System Status Codes (rfc 1893) – Look up status code meaning (i.e. 5.0.0).
Resource: MTP Service Extension for Returning Enhanced Error Codes (rfc 2034)
Resource: Web Server Talk > Email Servers > Sendmail support > DSN: Service Unavailable