Archive
Highlighted

Send email from command

New Member

Some customers ask questions about how to send email from web. And I did a test. I input command

"sourcetype="access_combined" |head 10 | sendemail to="michael_wu@ucom.net.cn" format=html subject="web access log" server=cnmail.systex.com.cn"

and received the results form "cnmail.systex.com.cn" which is our company's mail server. When I rewrite the command as follow

sourcetype="access_combined" |head 10 | sendemail to="wys23@sina.com" format=html subject="web access log" server=smtp.sina.com.cn"

which is a public server I registered. I find error messages "(501, "#5.1.3 Partial domain not allowed: 'Jordan-PC'", 'splunk@Jordan-PC') while sending mail to: wys23@sina.com

Is this a error which is arised from the server smtp.sina.com.cn deny spam mail?

Tags (1)
0 Karma
Highlighted

Re: Send email from command

Motivator

It appears that your splunk server is not allowed to relay via the smtp.sina.com.cn server. Splunk uses your $LOCALHOST variable to pass to the SMTP server. You might be able to adjust your hostname to be a fully qualified name, the SMTP server might accept it then. Alternatively you could also allow the Splunk server's IP to relay mail.

Any reason you can't just use the cnmail.systex.com.cn that already works to send your email?

Highlighted

Re: Send email from command

Champion

Based on the error, its possible that updating the hostname in your alert_actions.conf file will resolve this. The mail is rejected due to "Partial domain not allowed: 'Jordan-PC'". What if you update your hostname to a fully qualified domain name?