Jeremy Mates’s Blog

Mail Transport Agents (MTA) such as Sendmail relay e-mail from senders to recipients, except when things break. This and subsequent articles cover methods to debug e-mail delivery problems. Focus will remain on understanding and debugging SMTP and Unix MTA, though hopefully the methods will abstract to other systems.

A mail administrator should be able to answer the following low-level questions regarding MTA and SMTP. Knowledge of networking protocols and debugging Unix systems will be very helpful.

• How do DNS and hostname settings affect e-mail, and MX records in particular?
• In what ways does the MTA accept e-mail?
• Where does it send the e-mail to?
• Does it route or reject depending on the envelope addresses?
• What is the difference between a envelope address, and a body address?
• Where is the configuration for the MTA located?
• How is the configuration updated? When does the MTA need to be restarted following configuration changes?
• Where do the MTA logs go?
• What do the MTA logs show? Can a message be traced across a system, and then looked up on the next and subsequent SMTP servers?
• What commands show the state of the MTA queue directories?
• What is the difference between a synchronous and an asynchronous bounce of a message?
• How are rejected messages handled?

A mail administrator must be able to generate command line or SMTP test messages, and know how to vary the envelope and body content of these test messages. For example, a report of a mail server that “does not work” should prompt “can I send e-mail to it?” and “what happens to that sent e-mail?” questions easily answered by firing off test messages. Test messages can also narrow the scope of a problem. If a remote server across a Wide Area Network (WAN) has problems receiving e-mail from a server of a different type, a quick way to rule out the WAN would be to test the same set of SMTP software over a Local Area Network (LAN). If the LAN message also fails, the two servers are likely incompatible. If not, what is wrong with the WAN? Is there a firewall that mangles the message? Is the link too slow, or corrupting traffic? Something else?

Also, a mail administrator should also understand the big picture at a site:

• Does the site have any e-mail infrastructure? If not, what do they need?
• What MTA does the site use?
• If more than one MTA, how do they interact? Were any special settings made to support this interaction?
• How does mail route? Is the system centralized, or decentralized?
• How many different e-mail workflows are there? This would include both user e-mail, and any newsletter or mailing list type systems. Do different departments use different e-mail systems?
• Where does bounce e-mail arrive? How is it handled? How does this e-mail feed into different departments that need to handle bounces?

Subsequent articles will cover debugging methods and big picture thoughts in more detail.

Technorati Tags: e-mail, SMTP, Unix