On Tue, 29 Jan 2019 21:06:02 -0500 Chris Tyler via talk <talk@gtalug.org> wrote:

I have a very old sendmail configuration on a VM on a dying server. I need to move it to a stable hw platform, so I took the sendmail setup and migrated it to a new system with a current Sendmail installation. The previous Sendmail configuration worked fine and was trusted by remote senders. It did not have SPF, DKIM, or DMARC set up. The new Sendmail server worked fine (worked as expected), but was not trusted by some remote MTAs sending TO it - including those used by Google/gmail. This seems odd because the only real difference between the two configurations is the Sendmail version -- something seems to have changed in the software. I reverted to the original system after these experiments last summer, but haven't circled back to it until now, when the failure of the underlying hw is forcing my hand. I haven't been following the evolution of Sendmail. I need to set up a better long-term solution (possibly with another MTA, and definitely with SPF+DKIM+DMARC), but in the short term I urgently need to migrate this configuration over to a box that isn't failing. Is anyone aware of Sendmail changes (either in behavior or defaults) that would explain how remote servers regard the MX? Thanks-- -Chris Tyler

imho, your issues are related to your config file, rather than all the changes in the software. Also, your DNS configuration and ipv4 reputation is a major factor today. Your ipv4 should be 'clean' http://multirbl.valli.org/ and your ipv4 should have forward/reverse and your sending domain should have SPF, etc etc. I am also running a very old version of sendmail, which I recently updated, In my case, I had to redo the config file completely and change many of my scripts I also have some Postfix and a few Exim, I like all of them and they have become like spanners to me... one is a 9, the other a 12 and you simply cannot exist without a 13 :) At the end of the day: Always remember to have fun! Andre

On Tue, 29 Jan 2019 at 21:06, Chris Tyler via talk <talk@gtalug.org> wrote:

I have a very old sendmail configuration on a VM on a dying server. I need to move it to a stable hw platform, so I took the sendmail setup and migrated it to a new system with a current Sendmail installation.

The previous Sendmail configuration worked fine and was trusted by remote senders. It did not have SPF, DKIM, or DMARC set up. The new Sendmail server worked fine (worked as expected), but was not trusted by some remote MTAs sending TO it - including those used by Google/gmail. This seems odd because the only real difference between the two configurations is the Sendmail version -- something seems to have changed in the software. I reverted to the original system after these experiments last summer, but haven't circled back to it until now, when the failure of the underlying hw is forcing my hand.

I haven't been following the evolution of Sendmail. I need to set up a better long-term solution (possibly with another MTA, and definitely with SPF+DKIM+DMARC), but in the short term I urgently need to migrate this configuration over to a box that isn't failing. Is anyone aware of Sendmail changes (either in behavior or defaults) that would explain how remote servers regard the MX?

Disclaimer: I know nothing about sendmail. However, it occurs to me that I wouldn't put it past Google to check your sendmail version, and let you get away with not having SPF+DKIM+DMARC on the really old version but block you on newer versions that don't have them. Seems to me they maybe shouldn't accept the older version at all for security reasons, but clearly they do ... -- Giles https://www.gilesorr.com/ gilesorr@gmail.com