f



Even LogLevel=98 doesn't log SMTP conversation when sendmail is not recipient SMTP server

I've got an odd issue where an on-premise sendmail relaying to our Office 3=
65 cloud serves is seeing rejections.  The sendmail log at LogLevel 9 and h=
igher records a=20

dsn=3D5.1.8, stat=3DUser unknown

When I engaged MS Support, they respond that this is not an Exchange error =
and the problem is on the Sendmail side.

An obfuscated full log from Sendmail is=20

Dec  7 12:05:55 canit3 sendmail[25817]: uB7I5o3g025814: to=3D<user@tenant.m=
ail.onmicrosoft.com>, delay=3D00:00:05, xdelay=3D00:00:05, mailer=3Desmtp, =
pri=3D160891, relay=3Dtenant-mail-onm...ction.outlook.com. [216.32.180.170]=
, dsn=3D5.1.8, stat=3DUser unknown

I've used openssl to do a STARTTLS SMTP test and I know that the complete M=
S response, after the RCPT TO: <user@tenant.mail.onmicrosoft.com> command i=
s:

550 5.1.8 Access denied, bad outbound sender

But, MS refuses to take that as definitive and want me to "engage sendmail =
support" to get the SMTP conversation during these failures.

I tried setting LogLevel=3D12, which is supposed to log all SMTP conversati=
ons.  However, all of these are received from an internal mail server by Se=
nmdail and then forwarded to Microsoft.  When I try LogLevel 12 and even Lo=
gLevel 98, I get the SMTP conversation between Sendmail and my internal ser=
ver (when sendmail acts at the receving SMTP server.) but I do not get the =
SMTP conversation when Sendmail acts as the sending SMTP server.


I've even played with custom logging using SRcpt_ok and variations, but all=
 only seem to apply when Sendmail is the recipient server.

Is there any way to get Sendmail to log the SMTP conversation when it is th=
e sending server?

Sendmail is stock from a CentOS 6 install, so it is not the latest--though,=
 I will change that if it will make a difference. Version is sendmail.x86_6=
4 8.14.4-9.el6_8.1.



0
trushing
12/7/2016 6:48:00 PM
comp.mail.sendmail 13518 articles. 1 followers. jfretby (35) is leader. Post Follow

2 Replies
121 Views

Similar Articles

[PageSpeed] 30

> to=<user@tenant.mail.onmicrosoft.com>, delay=00:00:05, xdelay=00:00:05, mailer=esmtp,
> pri=160891, relay=tenant-mail-onm...ction.outlook.com. [216.32.180.170], dsn=5.1.8,
> stat=User unknown

> I've used openssl to do a STARTTLS SMTP test and I know that the complete MS response, after
> the RCPT TO: <user@tenant.mail.onmicrosoft.com> command is:
              ^ no space -- see the fine RFC.
> 
> 550 5.1.8 Access denied, bad outbound sender

> But, MS refuses to take that as definitive and want me to "engage sendmail support" to get
> the SMTP conversation during these failures.

And they can't check their own log?

> Is there any way to get Sendmail to log the SMTP conversation when it is the sending server?

You can run sendmail in verbose mode, e.g.,

date | sendmail -v -Am -fYOUR@ENVELOPE.SENDER.HERE user@tenant.mail.onmicrosoft.com

Or download the most recent version and compile it with _FFR_LOGREPLY

-- 
Note: please read the netiquette before posting. I will almost never
reply to top-postings which include a full copy of the previous
article(s) at the end because it's annoying, shows that the poster
is too lazy to trim his article, and it's wasting the time of all readers.
0
Claus
12/7/2016 10:34:43 PM
On Wednesday, December 7, 2016 at 4:50:03 PM UTC-6, Claus A=C3=9Fmann wrote=
:

> > But, MS refuses to take that as definitive and want me to "engage sendm=
ail support" to get
> > the SMTP conversation during these failures.
>=20
> And they can't check their own log?
>=20

Only the same thing I've been asking them for a month.  I'm so many layers =
away from the person that actually has access to the logs that it is not go=
ing to happen.  I have a sending and receiving IP address and an NTP sync'd=
 log.  You'd think it would be pretty easy.

> > Is there any way to get Sendmail to log the SMTP conversation when it i=
s the sending server?
>=20
> You can run sendmail in verbose mode, e.g.,
>=20
> date | sendmail -v -Am -fYOUR@ENVELOPE.SENDER.HERE user@tenant.mail.onmic=
rosoft.com
>=20


Perfect!  That works.  Now I'll  go tilt at more windmills.

Thanks.
0
trushing
12/8/2016 4:14:35 PM
Reply: