VMware Cloud Community
dineshgoundar
Enthusiast
Enthusiast

vCenter Appliance 6.0 Email Notification Issue

Hi all,

I have deployed vCenter appliance 6.0 but it is not able to send out email alerts. I came across this KB article: VMware KB: Emails sent from VMware vCenter Server Appliance are rejected but this is not working for me. Am not sure where the issue is. Though when I run one of the commands in the KB, I get a warning. The command is

     /sbin/conf.d/SuSEconfig.sendmail -m4 > /sendmail.mc

The warning is:

    Warning! MD5DIR is not set: you probably called this script outside SuSEconfig...!

     Using MD5DIR="/var/adm/SuSEconfig/md5"...

I am not much of a linux person so please excuse my ignorance if this can be safely ignored.

The email is received at the SMTP server but the sender email address is <garbage.garbage@<vCenter appliance FQDN>. Now this is dropped by the mail servers as it does not conform to the correct format. If I use PowerCLI, I am able to connect to the vCenter and send the email with this syntax:

     send-mailmessage -smtp <smtp server> -to <receiver email address> -Subject "Subject" -from <sender email address>

Any ideas what is going on. I have a ticket open but GSS is not being very useful.

Reply
0 Kudos
4 Replies
dineshgoundar
Enthusiast
Enthusiast

Ok so after wrecking my head for one whole afternoon (and GSS didnt call me back even though we had a webex session scheduled), here is what I did to get this partiallyworking. Why partially you may ask. Well our email domain is different from our AD domain. Email is say redline.com while active directory is red.com. I am now able to send emails that end with @red.com. If I change the sender email address to @redline.com (which it should be), the email is received from @www.redline.com. So this is what is left to be fixed.

So the solution. The VMware KB is not entirely correct. Follow the KB up till step 6. The contents of your sendmail.mc file will not match with whats provided in step 7. So copy the content of sendmail.mc file in step 7 to your sendmail.mc file (of course change the domain to match your domain). I replaced the domain in the file with my AD domain. Follow the rest of the steps as it is. This worked for me.

Also, I noticed if I change the SMTP address in the GUI of vSphere client (yes I used vSphere client instead of web client), the sendmail.cf file gets updated and removes # in front of C{E} root. So if you change your SMTP server, go and update the sendmail.cf file again to add #.

So if there are any sendmail gurus out there, can you advise how I can enable emails be sent with from normal email addresses ending with regular email domain (@redline.com) instead of AD domain (red.com).

Reply
0 Kudos
mpanasci
Contributor
Contributor

Hi,

you should be careful about the settings in red because the original sendmail.cf file doesn't contain all parameters. For me worked like a charm.

######################################################################
# /etc/sendmail.cf
#
# Generated by /sbin/conf.d/SuSEconfig.sendmail on <YYYY-MM-DD>T<TIME>
# controlled by /etc/sysconfig/mail and /etc/sysconfig/sendmail
#
######################################################################
divert(-1)
include(`/usr/share/sendmail/m4/cf.m4')
divert(0)dnl
VERSIONID(`@(#)Setup for SuSE Linux 8.14.2-0.9 (SuSE Linux) Date')dnl
OSTYPE(`suse-linux')dnl
FEATURE(`access_db', `hash -T<TMPF> -o /etc/mail/access.db')dnl
FEATURE(`greet_pause', `2000')dnl
FEATURE(genericstable)dnl
FEATURE(generics_entire_domain)dnl
FEATURE(`masquerade_envelope')dnl
FEATURE(`masquerade_entire_domain')dnl

MASQUERADE_AS(`domain.com')dnl

MASQUERADE_DOMAIN(`vcenter.domain.local')dnl
GENERICS_DOMAIN(`domain.com')dnl
GENERICS_DOMAIN_FILE(`/etc/mail/genericstable')dnl
define(`UUCP_MAILER_MAX', `2000000')dnl
DOMAIN(`generic')dnl
MAILER(`local')dnl
MAILER(`smtp')dnl
MAILER(`procmail')dnl
MAILER(`uucp')dnl
MAILER(`bsmtp')dnl
MAILER(`fido')dnl
LOCAL_CONFIG
Cwlocalhost vcenter.domain.local

Reply
0 Kudos
marcony
Enthusiast
Enthusiast

Hi,

to add to this discussion: I encountered the same issue as you, and following VMware KB article that is mentioned, I also fixed the issue (need to change sendmail.mc a little bit different then explained in KB article).

But, there is still one important detail, that causes the solution not to be compliant from security area. In generated notification message, sender address is correct (for example: sender@comp.public.com) but Return-Path address that vCSA is generating, still points to root account, i.e. root@comp.public.com.

It seems not a big deal, but Return-Path email address is part of message header, and some MAIL servers are sending any return messages (due to some error condition) to Return-Path email address, not to sender email address.

So, instead of having sender address (sender@comp.public.com) in both email header parts (i.e.: Sender email address, Return-Path email address), my vCSA is sending Return-Path as root@comp.public.com. This email address does not even exist on our SMTP server, nor be configured (from business reasons). What is more important, compliance with security policy is not achieved, as Return-Path address within any messages generated by our MAIL server, cannot point to not-existent email address.

I tried to find solution over Internet, but there seems not to be any useful article, that explains how to change particularly only Return-Path, not affecting sender address. If anyone have some idea, I would appreciate that.

Reply
0 Kudos
McBobby
Contributor
Contributor

I was having trouble with the return-path too and was finally able to get it changed by tweaking the VMware instructions with a Sendmail config guide that I found.

SENDMAIL: Some basic configurations (relay host & masquerading) - syscookbook

Start at  #MASQUERADING DOMAIN NAME (COMMON FOR ALL USERS)

Reply
0 Kudos