Forcing Sendmail to talk plain SMTP

While routinely checking out our mail queue I noticed a message stuck in it with an explanation I never saw before:

Deferred: 402 4.5.2 Error: command not recognized

Command not recognized? What is that supposed to mean? I ran sendmail -q -v manually and observed the following dialogue:

>>> 220 *******************************
<<< EHLO csltd.com.ua
>>> 402 4.5.2 Error: command not recognized
<<< QUIT
>>> 221 2.0.0 Bye

It looked like the remote mail server did not recognize Extented SMTP EHLO command. However, instead of replying with 500 error code (as it should when it does not recognize a command), it replied with 402 "temporary failure" code. Had it replied with the correct 500 code, our Sendmail would fall back to normal SMTP and retry with HELO command. But with 402 reply our Sendmail deferred the message.

Further analysis showed that the remote site deployed an overly clever Cisco firewall that filtered SMTP traffic. The firewall was configured (intentionally or not) to allow only plain SMTP commands. Anything else, including ESMTP EHLO, it replaced with XXXX. On top of that, the mail server software replied with an incorrect error code to the unknown command.

What a mess. How could I work around this? I had to force our Sendmail to talk plain SMTP to that particular remote server. This can be easily done with mailertable. Assume for the sake of example that the remote domain was brokensmtp.com. In /etc/mail/mailertable, I added the following entry:

brokensmtp.com       smtp:brokensmtp.com

The key here is that I specify smtp mailer instead of the default esmtp. Ran make in /etc/mail directory to rebuild the mailertable, and the issue was solved.

Windows 2003 Server cannot access Samba share

We migrated a certain application from a Windows XP workstation to Windows Server 2003 and faced the following issue. The Windows Server 2003 computer could not access a share on a remote Samba server that is running in security = server mode. Attempts to access the remote share resulted in this error message:

\\server is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions.

The request is not supported.

For various reasons we could not change the Samba server security mode to ADS. A workaround, however, was found here.

On Windows Server, start Local Security Policies, navigate to Local Policies --> Security Options. Open the "Network Security: LAN Manager Authentication Level" setting and set it to "Send LM and NTLM responses".

After that, remote Samba share is accessible. No reboot necessary.

Анекдоты о кризисе

- Папа, а нас кризис затронет?

- Сынок, это олигархов он затронет, а нам - капец.

***

Только в Украине! Закажите финансовый кризис, и получите в подарок политический!

***

Как поступает премьер-министр, если за два дня курс национальной валюты обваливается на 25 %, инфляция за год составляет 20%, производство падает на 4%, половина металлургических комбинатов остановлена, 5 системных банков на грани банкротства?

В Голландии - сдает в бюджет все семейные ценности и ездит на велосипеде.

В Англии - уходит в отставку и пишет покаянные мемуары.

В Японии - совершает харакири.

В Украине - выигрывает парламентские и президентские выборы...

***

-Почему цена нефти в мире падает, а бензина в Украине - растет?

-Видимо, дорожает то, чем у нас бензин разбавляют.