Cannot mail from DMZ to Intranet using mail command

Web Server Talk > Unix and Linux reviews > Free Unix support > Unix administration > Cannot mail from DMZ to Intranet using mail command

Last Thread Next Thread Next

Cannot mail from DMZ to Intranet using mail command

Shyamsunder Haldar

03-24-04 05:35 AM

Hi,

I am running Solaris 7 on one of my servers on the DMZ, and my Mail
server is MS Exchange.
I am not able to send mail from my DMZ to the Intranet.
The SMTP ports have been opened on the firewall for the Solaris Server
to talk to the Mail Server on the Intranet.
The DNS ports have also been opened for the DMZ servers to talk ro the
DNS Servers on the Intranet.

When I use the mail command, I am not able to receive the mails...
$ echo "Test Message" | mailx -s "Test Subject" web.ops@geasn.ge.com

When I snoop for the above command, I get...

tlt01_hme0 -> amermsx.med.ge.com SMTP C port=36519
amermsx.med.ge.com -> tlt01_hme0   SMTP R port=36519
tlt01_hme0 -> amermsx.med.ge.com SMTP C port=36519
amermsx.med.ge.com -> tlt01_hme0   SMTP R port=36519 220
USWAUMSXBHMEDGE.
tlt01_hme0 -> amermsx.med.ge.com SMTP C port=36519
tlt01_hme0 -> amermsx.med.ge.com SMTP C port=36519 EHLO
tlt01_hme0.med.
amermsx.med.ge.com -> tlt01_hme0   SMTP R port=36519
250-USWAUMSXBHMEDGE.
tlt01_hme0 -> amermsx.med.ge.com SMTP C port=36519 MAIL
From:<shaldar@t
amermsx.med.ge.com -> tlt01_hme0   SMTP R port=36519
amermsx.med.ge.com -> tlt01_hme0   SMTP R port=36519 250 OK - mail
from <
tlt01_hme0 -> amermsx.med.ge.com SMTP C port=36519


But, when I use telnet to connect to the SMTP port and use the SMTP
commands, I am able to send mails.

$ telnet amermsx.med.ge.com smtp
Trying 3.57.24.56...
Connected to amermsx.med.ge.com.
Escape character is '^]'.
220 uswaumsxb3medge.med.ge.com ESMTP Server (Microsoft Exchange
Internet Mail Service 5.5.2656.59) ready
EHLO tlt01_hme0.med.ge.com
250-uswaumsxb3medge.med.ge.com Hello [uswaucs03]
250-XEXCH50
250-HELP
250-ETRN
250-DSN
250-SIZE 4096000
250-AUTH LOGIN
250 AUTH=LOGIN
MAIL From:<shaldar@tlt01_hme0.med.ge.com>
250 OK - mail from <shaldar@tlt01_hme0.med.ge.com>
RCPT TO: <web.ops@geasn.ge.com>
250 OK - Recipient <web.ops@geasn.ge.com>
DATA
354 Send data.  End with CRLF.CRLF
Subject: Test Message from root
Hi,

This is a test Message.

Regards
shaldar.
.
250 OK
QUIT
221 closing connection
Connection closed by foreign host.

I am also attaching the snoop output for the above Telnet Session...

tlt01_hme0 -> amermsx.med.ge.com SMTP C port=36556
amermsx.med.ge.com -> tlt01_hme0   SMTP R port=36556
tlt01_hme0 -> amermsx.med.ge.com SMTP C port=36556
amermsx.med.ge.com -> tlt01_hme0   SMTP R port=36556 220
uswaumsxb3medge.
tlt01_hme0 -> amermsx.med.ge.com SMTP C port=36556
tlt01_hme0 -> amermsx.med.ge.com SMTP C port=36556 EHLO
tlt01_hme0.med.
amermsx.med.ge.com -> tlt01_hme0   SMTP R port=36556
250-uswaumsxb3medge.
tlt01_hme0 -> amermsx.med.ge.com SMTP C port=36556
tlt01_hme0 -> amermsx.med.ge.com SMTP C port=36556 MAIL
From:<shaldar@t
amermsx.med.ge.com -> tlt01_hme0   SMTP R port=36556 250 OK - mail
from <
tlt01_hme0 -> amermsx.med.ge.com SMTP C port=36556
tlt01_hme0 -> amermsx.med.ge.com SMTP C port=36556 RCPT TO:
<web.ops@ge
amermsx.med.ge.com -> tlt01_hme0   SMTP R port=36556 250 OK -
Recipient <
tlt01_hme0 -> amermsx.med.ge.com SMTP C port=36556
tlt01_hme0 -> amermsx.med.ge.com SMTP C port=36556 DATA\r\n
amermsx.med.ge.com -> tlt01_hme0   SMTP R port=36556 354 Send data.
End
tlt01_hme0 -> amermsx.med.ge.com SMTP C port=36556
tlt01_hme0 -> amermsx.med.ge.com SMTP C port=36556 Subject: Test
Messag
amermsx.med.ge.com -> tlt01_hme0   SMTP R port=36556
tlt01_hme0 -> amermsx.med.ge.com SMTP C port=36556 Hi,\r\n\r\nThis
is a tes
amermsx.med.ge.com -> tlt01_hme0   SMTP R port=36556
tlt01_hme0 -> amermsx.med.ge.com SMTP C port=36556 root.\r\n
amermsx.med.ge.com -> tlt01_hme0   SMTP R port=36556
tlt01_hme0 -> amermsx.med.ge.com SMTP C port=36556
amermsx.med.ge.com -> tlt01_hme0   SMTP R port=36556 250 OK\r\n
tlt01_hme0 -> amermsx.med.ge.com SMTP C port=36556
tlt01_hme0 -> amermsx.med.ge.com SMTP C port=36556 QUIT\r\n
amermsx.med.ge.com -> tlt01_hme0   SMTP R port=36556 221 closing
connecti
tlt01_hme0 -> amermsx.med.ge.com SMTP C port=36556
amermsx.med.ge.com -> tlt01_hme0   SMTP R port=36556
tlt01_hme0 -> amermsx.med.ge.com SMTP C port=36556
tlt01_hme0 -> amermsx.med.ge.com SMTP C port=36556
amermsx.med.ge.com -> tlt01_hme0   SMTP R port=36556

When I run the mail command to check for mails, I get the following...

From MAILER-DAEMON Mon Mar 22 17:28:38 2004
Date: Mon, 22 Mar 2004 17:28:38 +1100 (EST)
From: Mail Delivery Subsystem <MAILER-DAEMON>
Message-Id: <200403220628.i2M6Oq902469@tlt01_hme0.med.ge.com>
To: shaldar
Subject: Warning: could not send message for past 4 hours
Content-Length: 1673

This is a MIME-encapsulated message

--i2M6Oq902469.1079936918/tlt01_hme0.med.ge.com

 ****************************************
******
**      THIS IS A WARNING MESSAGE ONLY      **
**  YOU DO NOT NEED TO RESEND YOUR MESSAGE  **
 ****************************************
******

The original message was received at Mon, 22 Mar 2004 13:21:30 +1100
(EST)
from shaldar@localhost

----- The following addresses had transient non-fatal errors -----
web.ops@geasn.ge.com

----- Transcript of session follows -----
451 4.4.1 reply: read error from amermsx.med.ge.com.
web.ops@geasn.ge.com... Deferred: Connection timed out with
amermsx2.med.ge.com.
Warning: message still undelivered after 4 hours
Will keep trying until message is 5 days old

--i2M6Oq902469.1079936918/tlt01_hme0.med.ge.com
Content-Type: message/delivery-status

Reporting-MTA: dns; tlt01_hme0.med.ge.com
Arrival-Date: Mon, 22 Mar 2004 13:21:30 +1100 (EST)

Final-Recipient: RFC822; web.ops@geasn.ge.com
Action: delayed
Status: 4.4.1
Remote-MTA: DNS; amermsx2.med.ge.com
Last-Attempt-Date: Mon, 22 Mar 2004 17:28:38 +1100 (EST)
Will-Retry-Until: Sat, 27 Mar 2004 13:21:30 +1100 (EST)

--i2M6Oq902469.1079936918/tlt01_hme0.med.ge.com
Content-Type: message/rfc822

Return-Path: <shaldar>
Received: (from shaldar@localhost)
by tlt01_hme0.med.ge.com (8.11.7+Sun/8.10.2) id i2M2LUI28152
for web.ops@geasn.ge.com; Mon, 22 Mar 2004 13:21:30 +1100
(EST)
Date: Mon, 22 Mar 2004 13:21:30 +1100 (EST)
From: shaldar
Message-Id: <200403220221.i2M2LUI28152@tlt01_hme0.med.ge.com>
Content-Type: text
MIME-Version: 1.0

test mail


--i2M6Oq902469.1079936918/tlt01_hme0.med.ge.com--






I am not sure where the problem is nor been able to find any solution
on this.
Any help on this would be greatly appreciated.

Thanks in advance.

Regards
Shyam.

[ Post a follow-up to this message ]

Re: Cannot mail from DMZ to Intranet using mail command

Mr. Johan Andersson

03-24-04 07:34 AM



On Wed, 23 Mar 2004, Shyamsunder Haldar wrote:

> Hi,
>
> I am running Solaris 7 on one of my servers on the DMZ, and my Mail
> server is MS Exchange.
> I am not able to send mail from my DMZ to the Intranet.
> The SMTP ports have been opened on the firewall for the Solaris Server
> to talk to the Mail Server on the Intranet.
> The DNS ports have also been opened for the DMZ servers to talk ro the
> DNS Servers on the Intranet.

kk

> When I use the mail command, I am not able to receive the mails...
> $ echo "Test Message" | mailx -s "Test Subject" web.ops@geasn.ge.com
>
> When I snoop for the above command, I get...

<snip>

> amermsx.med.ge.com -> tlt01_hme0   SMTP R port=36519
> 250-USWAUMSXBHMEDGE.

<snip>

>
> But, when I use telnet to connect to the SMTP port and use the SMTP
> commands, I am able to send mails.
>
> $ telnet amermsx.med.ge.com smtp
> 250-uswaumsxb3medge.med.ge.com Hello [uswaucs03]

<snip>

> I am also attaching the snoop output for the above Telnet Session...

<snip>

> amermsx.med.ge.com -> tlt01_hme0   SMTP R port=36556
> 250-uswaumsxb3medge.

<snip>

> When I run the mail command to check for mails, I get the following...
>
> From MAILER-DAEMON Mon Mar 22 17:28:38 2004
> Date: Mon, 22 Mar 2004 17:28:38 +1100 (EST)
> From: Mail Delivery Subsystem <MAILER-DAEMON>
> Message-Id: <200403220628.i2M6Oq902469@tlt01_hme0.med.ge.com>
> To: shaldar
> Subject: Warning: could not send message for past 4 hours
> Content-Length: 1673

<snip>

>
> I am not sure where the problem is nor been able to find any solution
> on this.
> Any help on this would be greatly appreciated.
>
> Thanks in advance.
>
> Regards
> Shyam.
>

As you can see from the logs, different servers seems to respond...
Check you config files.

In your telnet example, your answer comes from uswaumsxb3medge
in your mailx example from USWAUMSXBHMEDGE

I dont know what makes the difference, but I would start there.

/Johan A

[ Post a follow-up to this message ]

Re: Cannot mail from DMZ to Intranet using mail command

Dave Hinz

03-24-04 03:39 PM

On Wed, 23 Mar 2004, Shyamsunder Haldar wrote:

> Hi,
>
> I am running Solaris 7 on one of my servers on the DMZ, and my Mail
> server is MS Exchange.
> I am not able to send mail from my DMZ to the Intranet.
> The SMTP ports have been opened on the firewall for the Solaris Server
> to talk to the Mail Server on the Intranet.
> amermsx.med.ge.com -> tlt01_hme0   SMTP R port=36519
<snip>
> $ telnet amermsx.med.ge.com smtp
> 250-uswaumsxb3medge.med.ge.com Hello [uswaucs03]
>
> I am not sure where the problem is nor been able to find any solution
> on this.

Perhaps if your CIO, Mitchell Habib, hadn't laid off 1/3 of the experienced
unix sysadmins every 2 years for the last decade, you could call some of
them (us) to ask for help.  As it is, it seems that the people who have the
answers, are no longer employed by GE Medical.  I can name about a dozen
folks, personally, who fit that description on both counts.

Perhaps you could talk to the exchange team in Waukesha?  It's their
host, after all.  Maybe there are enough of them left to be able to know
how it works.  Email me for a few likely names if you need guidance
on who to try to ask.

I can't help but think that advertising that you're (still!) running
Solaris 7 in the DMZ, and giving other details without obscuring
even the hostnames, isn't particularly wise from a security standpoint.

[ Post a follow-up to this message ]