Emails sent from VMware vCenter Server Appliance are rejected
search cancel

Emails sent from VMware vCenter Server Appliance are rejected

book

Article ID: 328059

calendar_today

Updated On:

Products

VMware

Issue/Introduction

This article provides steps to change the default return-path of emails sent from the vCenter Server Appliance.
 
 


Symptoms:
After deploying the VMware vCenter Server Appliance (VCSA), you experience these symptoms:
  • Emails sent by the VCSA have a return-path of:

    root@VCSA_FQDN
     
  • Emails sent by the VCSA are rejected by a relay server due to an invalid return-path.


Cause

This issue occurs because, by default, vCenter Server Appliance sends notification emails using the root account built into the appliance. Therefore, all emails sent have a default return path of root@VCSA_FQDN.

In some environments, email relay servers are configured to reject any emails that does not contain a valid fully qualify domain name.

Resolution

This issue is resolved in vSphere 6.5 P01, available at VMware Downloads.

To work around this issue if you do not want to upgrade, set the root account on the VCSA to masquerade as another account.

These steps will change the root@VCSA_FQDN email address in sendmail to the configured MASQUERADE ([email protected]) address.

To configure masquerading:

  1. Log in to the VCSA as the root user.
  2. Open the genericstable file in a text editor.

    Note: The default location is /etc/mail/.
     
  3. To define an email address for the root user, add the line:

    root user@domain.com
     
  4. To regenerate the genericstable, run the makemap command:

    makemap -r hash /etc/mail/genericstable.db < /etc/mail/genericstable</font>

    Note: For performance reasons, the Sendmail application does not use the genericstable directly and relies on a hashed version located at /etc/mail/genericstable.db.
     
  5. To configure Sendmail to use the masqueraded account, create a sendmail.mc file by running the command:

    /sbin/conf.d/SuSEconfig.sendmail -m4 > /sendmail.mc
     
  6. Open the sendmail.mc file in a text editor.
  7. Add or modify the lines as indicated in red in these examples:

    Note: Ensure you replace domain.com with the your own domain details.

    ######################################################################
    # /etc/sendmail.cf
    #
    # Generated by /sbin/conf.d/SuSEconfig.sendmail on <YYYY-MM-DD>T<time>
    # controlled by /etc/sysconfig/mail and /etc/sysconfig/sendmail
    #
    ######################################################################
    divert(-1)
    include(`/usr/share/sendmail/m4/cf.m4')
    divert(0)dnl
    VERSIONID(`@(#)Setup for SuSE Linux 8.14.2-0.9 (SuSE Linux) Date')dnl
    OSTYPE(`suse-linux')dnl
    FEATURE(`access_db', `hash -T<TMPF> -o /etc/mail/access.db')dnl
    FEATURE(`greet_pause', `2000')dnl
    FEATURE(genericstable)dnl
    FEATURE(generics_entire_domain)dnl
    FEATURE(`masquerade_envelope')dnl
    FEATURE(`masquerade_entire_domain')dnl
    </time>    MASQUERADE_AS(`domain.com')dnl
    MASQUERADE_DOMAIN(`vcenter_fqdn')dnl
    GENERICS_DOMAIN(`domain.com')dnl
    GENERICS_DOMAIN_FILE(`/etc/mail/genericstable')dnl
    define(`UUCP_MAILER_MAX', `2000000')dnl
    DOMAIN(`generic')dnl
    MAILER(`local')dnl
    MAILER(`smtp')dnl
    MAILER(`procmail')dnl
    MAILER(`uucp')dnl
    MAILER(`bsmtp')dnl
    MAILER(`fido')dnl
    LOCAL_CONFIG
    Cwlocalhost vcenter_FQDN

    Note: See the Additional Information section for more examples.
     
  8. Ensure that the sendmail.cf file, located at /etc/ directory, does not already exist. If the file exists, rename it by running the command:

    mv /etc/sendmail.cf /etc/sendmail.cf.orig
     
  9. To apply the settings defined in step 5, create the new sendmail.cf file by running the command:

    m4 /sendmail.mc > /etc/sendmail.cf
     
  10. Open the sendmail.cf file in a text editor.
  11. Update the SMTP relay address by locating the entry:

    #"Smart" relay host(may be null)
    DS
     
  12. Change the entry to reflect the correct address of your SMTP relay server ensuring you include the brackets:

    #"Smart" relay host(may be null)
    DS[RELAYIPADDRESS]
     
  13. Look for the line:

    C{E}root
     
  14. To allow masquerading of the root address change it to:

    #C{E}root
     
  15. Restart the Sendmail service for the new configuration to take effect by running the command:

    /etc/init.d/sendmail restart
Note: There can also be issues with the hostname that displays similar issues. For more information, see Emails alerts do not send after upgrading to VMware vCenter Server Appliance 5.5 (2064715).


Additional Information

The following steps configure a smart host to route the email to an intermediate mail server:
  1. Log in to the VCSA as the root user.
  2. Open the genericstable file in a text editor.

    Note: The default location is /etc/mail/
     
  3. To define an email address for the root user, add the line:

    root [email protected]
     
  4. To regenerate the genericstable, run the makemap command:

    makemap -r hash /etc/mail/genericstable.db < /etc/mail/genericstable</font>
     
  5. To configure Sendmail to use the masqueraded account, create a sendmail.mc file by running the command:

    /sbin/conf.d/SuSEconfig.sendmail -m4 > /sendmail.mc
     
  6. Open the sendmail.mc file in a text editor.
  7. Add or modify the lines as indicated in red in these examples:

    Note: Ensure you replace otherdomain.com with the your own domain details.

    ######################################################################
    # /etc/sendmail.cf
    #
    # Generated by /sbin/conf.d/SuSEconfig.sendmail on <YYYY-MM-DD>T<time>
    # controlled by /etc/sysconfig/mail and /etc/sysconfig/sendmail
    #
    ######################################################################
    divert(-1)
    include(`/usr/share/sendmail/m4/cf.m4')
    divert(0)dnl
    VERSIONID(`@(#)Setup for SuSE Linux 8.14.2-0.9 (SuSE Linux) Date')dnl
    OSTYPE(`suse-linux')dnl
    FEATURE(`access_db', `hash -T<TMPF> -o /etc/mail/access.db')dnl
    FEATURE(`greet_pause', `2000')dnl
    # Set the domain that should be substituted
    FEATURE(genericstable)dnl
    # Masquerade not just the headers, but the envelope as well
    FEATURE(`masquerade_envelope')dnl
    GENERICS_DOMAIN(`mydomain.com')dnl
    GENERICS_DOMAIN_FILE(`/etc/mail/genericstable')dnl
    define(`UUCP_MAILER_MAX', `2000000')dnl
    # A smart host is a type of email message transfer agent that allows a SMTP server
    # to route email to an intermediate mail server rather than directly to the recipient's server.
    # Ensuring you include the brackets.
    # No need to configure this if you have primary MX record on your DNS server.
    define(`SMART_HOST', `[IP Address]')
    DOMAIN(`generic')dnl
    MAILER(`local')dnl
    MAILER(`smtp')dnl
    MAILER(`procmail')dnl
    MAILER(`uucp')dnl
    MAILER(`bsmtp')dnl
    MAILER(`fido')dnl
    LOCAL_CONFIG
    Cwlocalhost mydomain.com
    # In order for root to masquerade, it must be removed from the default exposed users list.
    dnl # EXPOSE_USER(`root')</time>

    Note: This example shows how to change the return-path email and it may require more settings requested by a relay server. Please consult with your System Administrator.
     
  8. Ensure that the sendmail.cf file, located at /etc/ directory, does not already exist. If the file exists, rename it by running the command:

    mv /etc/sendmail.cf /etc/sendmail.cf.orig
     
  9. To apply the settings defined in step 5, create the new sendmail.cf file by running the command:

    m4 /sendmail.mc > /etc/sendmail.cf
     
  10. Restart the Sendmail service for the new configuration to take effect by running the command:

    /etc/init.d/sendmail restart
Emails alerts do not send after upgrading to VMware vCenter Server Appliance 5.5
VMware vCenter Server Appliance から送信された E メールが拒否される
来自 VMware vCenter Server Appliance 的电子邮件被拒绝

Powered by Wolken Software