7

I have a small server (Ubuntu 10.04) at my house and I would like to forward root's email to my gmail hosted domain to get security notifications and what not.

I ripped everything out and started from scratch and ran into some other issues.

I now have sendmail working in the sense that I can mail some@external.com and get the mail.

HOWEVER, adding an address to /root/.forward does not actually forward the message. I get the following in my logs:

Dec 22 14:04:37 batcave sendmail[4695]: 
       oBML4bAT004695: to=<root@batcave>, ctladdr=aburns (1000/1000), 
       delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30075, 
       relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (oBML4bJ9004696 
       Message accepted for delivery)
Dec 22 14:04:39 batcave sm-mta[4698]: STARTTLS=client, relay=[69.145.248.18],
       version=TLSv1/SSLv3, verify=FAIL, cipher=DES-CBC3-SHA, bits=168/168
Dec 22 14:04:40 batcave sm-mta[4698]: oBML4bJ9004696: to=<root@batcave.net>,
       ctladdr=<aburns@bresnan.net> (1000/1000), delay=00:00:03, xdelay=00:00:03,
       mailer=relay, pri=120336, relay=[69.145.248.18] [69.145.248.18], 
       dsn=2.0.0, stat=Sent (OK 01/D4-00853-216621D4)

You can see where my local sendmail instance accepts it then hands it off to my ISP, but with the wrong address (root@batcave.net).

ErebusBat
  • 905
  • 4
  • 12
  • 21

3 Answers3

16

Instead of using /root/.forward, have you tried putting

root: me@batcavern.com

into /etc/aliases?

(Note that you need to run newaliases after updating the aliases file.)

Steven Monday
  • 13,019
  • 4
  • 35
  • 45
1

The most likely reason is reverse DNS: does the IP of your box have an RR DNS entry? Doing a forward lookup on the host shown in the logs (assuming you didn't modify) gives:

[root@ryor:~] dig batcave.batcavern.com

; <<>> DiG 9.3.4-P1.1 <<>> batcave.batcavern.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7005
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;batcave.batcavern.com.         IN      A

;; AUTHORITY SECTION:
batcavern.com.          3600    IN      SOA     ns1.sitelutions.com. erebusbat.batcavern.com. 54 28000 7200 604800 5

;; Query time: 503 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Nov 29 22:02:30 2010
;; MSG SIZE  rcvd: 101

[root@ryor:~]

So it looks as if it doesn't even have an A record. An SMTP host hoping to deliver mail and not be considered a spam relay needs to have both A and RR records.

Zayne S Halsall
  • 1,902
  • 15
  • 19
  • No it does not have an A record because it is just a little home server. Can I configure postfix to relay through my ISP/gmail? – ErebusBat Nov 30 '10 at 04:37
  • Through your ISP - generally yes, quite easily. Take a look at the *main.cf* variable `relayhost` (http://www.postfix.org/postconf.5.html#relayhost). – Zayne S Halsall Nov 30 '10 at 11:29
  • Dare I say postfix is easier to configure for this as all you need to so is define the destination for 'root' in the /etc/postfix/aliases or /etc/aliases file. – Linker3000 Dec 22 '10 at 23:13
0

If you've got a dynamic IP, check out dyndns.com. It'll let you get an A record for your domain that'll update to match your IP.

Tex
  • 19
  • 3
  • I appreciate the answer Tex; however the domain (batcavern.com) already exists and has other servers. Also I believe that email uses reverse DNS which I won't have for this box (it is at home on my cable modem). – ErebusBat Dec 10 '10 at 14:45
  • Would it be possible to add an SPF record for your DNS? It's not quite reverse DNS...but it does help imply that the mail server is authenticated in some way (compared to just a regular IP range for a home network IP. http://www.openspf.org/ I know these used to help pass messages through some methods of spam filtering – Tex Dec 14 '10 at 01:35