Where my RHEL get the external smtp server/relay address?

Latest response

Hi there,
This question confused me for some days: I can see there are some lines in /var/log/maillog indicating postfix are trying to send email to somebody via the smtp server, like this:
Apr 5 01:02:47 MyRHELServer postfix/smtp[25911]: 25AB2100337: to=admin@mydomain.com, relay=smtp.dsc.MyDomain[xxx.xxx.xxx.xxx]:25, delay=6.7, delays=0.01/0/1.4/5.3, dsn=5.7.1, status=bounced (host smtp.MyDomain[xxx.xxx.xxx.xxx] said: 530 5.7.1 Client was not authenticated (in reply to MAIL FROM command))

What make me confused is: I cannot find smtp setting in any of these files: /etc/mail.rc (I don't find etc/nail.rc), and /etc/postfix/mail.cf, /etc/postfix/master.cf, or any other file I know, I cannot see how this external smtp server/relay was configured. how the server know he can use smtp.dsc.MyDomain[xxx.xxx.xxx.xxx]:25 as an external smtp server to send email?

Please help me out. Many thanks!

Responses

Hi Michael,

It looks like someone tries to send a mail to the server MyRHELServer. Am I correct?

If MyRHELServer is receiving mail, it does not need a relayhost in the postfix configuratie. A relayhost is only needed to channel outbound mail (sending mail).

Kind regards,

Jan Gerrit

Hi Jan, thanks for reply. It looks like this email is going to send to " admin@mydomain.com" because the start of this log is "to=admin@mydomain.com"...anyway, regardless who this server want to send the email to, how the server know the external smtp server name and IP address? it must be configured somewhere, but I just don't know which file contains this setting. I'm newbie for linux and I did google search for RHEL email settings, all I get is to find such configureation in /etc/mail.rc, or /etc/postfix/main.cf, but I what I can find in these files are all default settings, with "#" before lines.

How can I know, where, in which file, this smtp server name might be configured? is it possible to search all files contain this string "smtp.dsc.MyDomain" to find out? Thanks

You can freely search over the entirety of the /etc directory tree if you feel like it:

# grep -r -i smtp.dc.MyDomain /etc

But I'm guessing you probably won't find anything, because your Postfix is probably getting the information from the DNS.

Unless it's been specifically configured to use only a specific SMTP server for outgoing emails, Postfix, like Sendmail before it, will assume that it is a mail server in a system whose IP address has been properly registered to the global public DNS and can freely send and receive email to/from anywhere.

For outgoing email, Postfix (or any full-featured email server) reads the domain part of the destination address, and then makes a DNS lookup for MX records (Mail Exchanger records = a type of DNS records specifically for email routing). You could do the same yourself with the "dig" command, and you might get a response similar to this:

$ dig +short mydomain.com MX
10 smtp.dsc.MyDomain.

The response will usually be a list of fully-qualified DNS hostnames of SMTP servers that are receiving mail for that particular domain, prefixed with priority numbers: smaller number = greater preference. It is a recommended practice to not assign consecutive priority numbers, to allow adding new records in between existing ones in the future.

If in your example mydomain.com would not have any MX records configured, then Postfix would fall back to attempting to deliver the mail to the host named literally "mydomain.com". If there is no IP address record for that name, or if the address exists but won't accept SMTP, Postfix would return ("bounce") the mail back to your inbox with an error message prefixed to it.

Many thanks Matti, your answer really helped me out of the confusion. I marked your answer as best response and this discussion closed.

Best Regards, Michael