Building RH7.3 server after 7.0 hacked
As some of you may recall from a mid-week email, two of my RH7.0 servers were badly hacked Tuesday about 5AM, and I lost ssh and think I received a trojan. Friday the hacking got worse - all outgoing mail was rejected as "relaying denied", so I decided to bite the bullet and format the drive and build a new server. This was made more interesting by the fact that RH7.3 wouldn't finish loading packages until I disconnected my second HD, which previously held /var and my web sites (tried 3-4 times) .. "Kernel unable to reread partition table on /tmp/hdc (device or resource busy)", then hung mid-package loading. Late Saturday afternoon I pulled the plug and started a RH7.3 install. Midmorning I was done, including security patches, and had no internet connection .. couldn't even ping from the server. Fortunately, it was just my ISP picking this time to be down for the first time in months.

Now I have one remaining problem which over 8 hours of work has clarified, but not solved.

For background, I have the just-rebuilt RH7.3 server (A), and two other recently built RH7.3 servers (B) and (C) at a different location, each with its own static IP#, all running sendmail for one or several domains.

From A - incoming mail seems to be fine
From A - I can send mail locally to several domain names that are on the A server
From A - I can send email (such as this) out into the world
Through A - I have several email addresses which are accessed by others from outside and send mail to another outside address in virtusertable, or to an alias which is a list of outside addresses, and these are working
From A - I cannot send mail to any of the domains at B or C

When I try, I get this on the A sendmail log:

Oct 27 19:02:56 bach sendmail[3693]: g9S02uO03693: from=<dick@goodman1.net>, size=316, class=0, nrcpts=1, msgid=<p04310101b9e23f71eb3e@[192.168.1.9]>, proto=ESMTP, daemon=MTA, relay=host9.goodman1.net [192.168.1.9]
Oct 27 19:03:02 bach sendmail[3695]: g9S02uO03693: SYSERR(root): 11harvard.com. config error: mail loops back to me (MX problem?)
Oct 27 19:03:02 bach sendmail[3695]: g9S02uO03693: to=<r.goodman@11harvard.com>, ctladdr=<dick@goodman1.net> (503/503), delay=00:00:06, xdelay=00:00:06, mailer=esmtp, pri=30316, relay=11harvard.com. [66.92.78.250], dsn=5.3.5, stat=Local configuration error
Oct 27 19:03:02 bach sendmail[3695]: g9S02uO03693: g9S032O03695: DSN: Local configuration error
Oct 27 19:03:02 bach sendmail[3695]: g9S032O03695: to=<dick@goodman1.net>, delay=00:00:00, xdelay=00:00:00, mailer=local, pri=60416, dsn=2.0.0, stat=Sent
Oct 27 19:03:02 bach sendmail[3695]: g9S032O03695: to=root, delay=00:00:00, xdelay=00:00:00, mailer=local, pri=60416, dsn=2.0.0, stat=Sent

and this on the B or C sendmail log:

Oct 27 19:03:47 boron sendmail[8627]: NOQUEUE: goodman1.net [207.224.28.49] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA

The part about an MX loop seems similar to what I used to get when I first started using sendmail and would forget to configure /etc/mail/local-host-names, but this file, and access and virtusertable on (A), were backed up before the format and restored - and a make done to regenerate the db files.

Here's a sample of the bounce message I get, just to be complete:

From MAILER-DAEMON@localhost.localdomain Sun Oct 27 19:03:02 2002
Return-Path: <MAILER-DAEMON@localhost.localdomain>
Received: from localhost (localhost)
	by localhost.localdomain (8.11.6/8.11.6) id g9S032O03695;
	Sun, 27 Oct 2002 19:03:02 -0500
Date: Sun, 27 Oct 2002 19:03:02 -0500
From: Mail Delivery Subsystem <MAILER-DAEMON@localhost.localdomain>
Message-Id: <200210280003.g9S032O03695@localhost.localdomain>
To: postmaster@localhost.localdomain
To: <dick@goodman1.net>
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
	boundary="g9S032O03695.1035763382/localhost.localdomain"
Subject: Returned mail: see transcript for details
Auto-Submitted: auto-generated (failure)

This is a MIME-encapsulated message

--g9S032O03695.1035763382/localhost.localdomain

The original message was received at Sun, 27 Oct 2002 19:02:56 -0500
from host9.goodman1.net [192.168.1.9]

   ----- The following addresses had permanent fatal errors -----
<r.goodman@11harvard.com>
    (reason: 553 5.3.5 system config error)

   ----- Transcript of session follows -----
553 5.3.5 11harvard.com. config error: mail loops back to me (MX problem?)
554 5.3.5 Local configuration error

--g9S032O03695.1035763382/localhost.localdomain
Content-Type: message/delivery-status

Reporting-MTA: dns; localhost.localdomain
Received-From-MTA: DNS; host9.goodman1.net
Arrival-Date: Sun, 27 Oct 2002 19:02:56 -0500

Final-Recipient: RFC822; r.goodman@11harvard.com
Action: failed
Status: 5.3.5
Diagnostic-Code: SMTP; 553 5.3.5 system config error
Last-Attempt-Date: Sun, 27 Oct 2002 19:03:02 -0500

--g9S032O03695.1035763382/localhost.localdomain
Content-Type: message/rfc822

Return-Path: <dick@goodman1.net>
Received: from [192.168.1.9] (host9.goodman1.net [192.168.1.9])
	by localhost.localdomain (8.11.6/8.11.6) with ESMTP id g9S02uO03693
	for <r.goodman@11harvard.com>; Sun, 27 Oct 2002 19:02:56 -0500
Mime-Version: 1.0
X-Sender: dick@pop.goodman1.net
Message-Id: <p04310101b9e23f71eb3e@[192.168.1.9]>
Date: Sun, 27 Oct 2002 20:13:10 -0500
To: r.goodman@11harvard.com
From: Richard Goodman <dick@goodman1.net>
Subject: Test #3
Content-Type: text/plain; charset="us-ascii" ; format="flowed"

---------------------

Does anyone have any ideas, or requests for more information? I'm not doing too well after about 24 hours, and I'd really like to solve this mystery.

Dick
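As an added illustration (not code from the original post, nor sendmail's own source), the Python below mirrors the two conditions under which sendmail's esmtp mailer reports "config error: mail loops back to me (MX problem?)": either the best MX host for the destination domain is one of the sending server's own names (class $=w, filled from /etc/mail/local-host-names) while the destination domain itself is not, or the remote MTA's 220 greeting announces the sending server's own hostname ($j), in which case sendmail quits before issuing MAIL, so the remote side only logs "did not issue MAIL/EXPN/VRFY/ETRN". Every hostname, MX record and banner here is a constructed sample value; "localhost.localdomain" is reused only because that is the $j visible in the bounce headers above, and nothing below is a claim about how servers B or C are actually configured.

```python
import re
from typing import List, Optional, Set, Tuple

# Constructed assumptions for the sending server, not values taken from the post's hosts.
MY_HOSTNAME = "localhost.localdomain"                         # sendmail's $j
LOCAL_HOST_NAMES = {"localhost.localdomain", "goodman1.net"}  # class $=w


def greeting_host(banner: str) -> Optional[str]:
    """Hostname announced in a 220 greeting; sendmail compares only the first word."""
    m = re.match(r"^220[ -](\S+)", banner.strip())
    return m.group(1) if m else None


def greeting_loops_back(banner: str, my_hostname: str = MY_HOSTNAME) -> bool:
    """Greeting-side check: the remote MTA identifies itself with our own $j."""
    host = greeting_host(banner)
    return host is not None and host.lower() == my_hostname.lower()


def mx_loops_back(domain: str, mx: List[Tuple[int, str]],
                  local_names: Set[str] = LOCAL_HOST_NAMES) -> bool:
    """MX-side check: the lowest-preference MX host is one of our own names (in $=w)
    while the domain itself is not, so there is no better host to hand the mail to."""
    if domain.lower().rstrip(".") in local_names:
        return False  # we accept mail for this domain locally; no relay involved
    if not mx:
        return False
    best = min(pref for pref, _ in mx)
    return any(pref == best and host.lower().rstrip(".") in local_names
               for pref, host in mx)


def diagnose(domain: str, mx: List[Tuple[int, str]], banner: str) -> str:
    """Report which of the two loop conditions (if any) a delivery attempt would hit."""
    if mx_loops_back(domain, mx):
        return "MX for %s points back to this host" % domain
    if greeting_loops_back(banner):
        return "remote MTA greets as %s, our own hostname" % MY_HOSTNAME
    return "ok"


if __name__ == "__main__":
    # Constructed dialog: the remote greets with the same default $j as the sender.
    print(diagnose("example.test", [(10, "mx.example.test")],
                   "220 localhost.localdomain ESMTP Sendmail 8.11.6/8.11.6"))
    print(diagnose("example.test", [(10, "goodman1.net"), (20, "mx.example.test")],
                   "220 mx.example.test ESMTP Sendmail 8.11.6/8.11.6"))
```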
participants (1)
-
Richard Goodman