08-12-2013 12:02 AM - last edited on 08-12-2013 07:15 PM by Maiko-I
I use sendmail command to send me a mail and got the following error;
Aug 12 14:30:58 HOSTNAME sendmail: OAA03472: from=root, size=70, class="0", pri=30070, nrcpts=1, msgid=<201308120630.OAA03472@hostname.uk>, relay=root@localhost
Aug 12 14:31:04 HOSTNAME sendmail: OAA03472: firstname.lastname@example.org, ctladdr=root (0/3), delay=00:00:06, xdelay=00:00:06, mailer=smtp, relay=smtp.domain.com [IP Address], stat=Service unavailable
Aug 12 14:31:04 HOSTNAME sendmail: OAA03472: forward /.forward.HOSTNAME+: Group writable directory
Aug 12 14:31:04 HOSTNAME sendmail: OAA03472: forward /.forward+: Group writable directory
Aug 12 14:31:04 HOSTNAME sendmail: OAA03472: forward /.forward.HOSTNAME: Group writable directory
Aug 12 14:31:04 HOSTNAME sendmail: OAA03472: forward /.forward: Group writable directory
Aug 12 14:31:04 HOSTNAME sendmail: OAA03472: OAA03474: DSN: Service unavailable
Aug 12 14:31:04 HOSTNAME sendmail: OAA03474: to=root, delay=00:00:00, xdelay=00:00:00, mailer=local, stat=Sent
P.S. this thread has been moved from HP-UX > System Administration to Messaging. - Hp Forum Moderator
08-12-2013 01:26 AM
Your SMTP server (relay=smtp.domain.com [IP Address]) rejected the connection from this server.
Sendmail was sending the error report to the root. As part of this procedure, it checked if the root user had a .forward file configured, and it noticed another problem: your root directory (/) is group-writable.
Change it with:
chmod g-w /
In HP-UX, the root directory is also the default home directory of the root user, so it will be subject to the same permissions checks as the home directory of any user.
If some user has his/her home directory writeable by anyone other than him/herself, the other people could do all kinds of nasty things to that user. For example, they might create a .forward file in that user's home directory to steal the user's incoming emails.
HP-UX allows users to chown their files away to someone else if the user has CHOWN privilege defined... and all users have it by default, because that's how the ancient HP-UX versions used to work. So checking the ownership of the .forward file would not be enough. (See "man 2 chown" and "man setprivgrp" for more information.) Sendmail "knows" this, and checks the ownership of the home directory when checking for the existence of any .forward* files.
According to the messages, the email delivery error report was eventually stored to root's local inbox (/var/mail/root). It might contain more information about why smtp.domain.com rejected your email.
The most common reasons for the mail server rejecting emails coming from a generic Unix server are:
- the Unix server is not properly registered to DNS (to satisfy de-facto mail server requirements, both hostname -> IP and IP -> hostname queries must resolve and contain consistent information: if "nslookup HOSTNAME" says the IP is 126.96.36.199, then "nslookup 188.8.131.52" should say the hostname is HOSTNAME.)
- the email server is configured to allow only specific systems to send email with regular SMTP, and your server is not on the whitelist. In this case, you need to contact the email server administrator to know the requirements: it might be that you must implement authenticated & encrypted SMTP (SMTPS or StartTLS, + SMTP authentication), or just that your server must be added to the list of allowed senders.