I'm still playing around with my Fedora Core 4 server (trying to learn again). I am trying to set up a mail server and it is just pissin me off. I can receive mail all day, no probs, but I can't get it to send mail for anything. I have configured it (mostly by) http://fedoranews.org/mediawiki/inde...rus_protection; I say mostly because I wanted to make sure it sends before I continue configuring it. I also changed the default MTA from sendmail to postfix using the alternatives --config mta command. Is there something basic I'm missing?
Do the postfix logs show any errors?
I just thought of posting the logs here:
Code:
Jan 27 06:50:30 mountainman postfix/smtp[29096]: connect to mx2.mail.yahoo.com[4.79.181.134]: Connection timed out (port 25)
Jan 27 06:50:51 mountainman imap-login: Login: mark [::ffff:127.0.0.1]
Jan 27 06:51:00 mountainman postfix/smtp[29096]: connect to mx2.mail.yahoo.com[4.79.181.13]: Connection timed out (port 25)
Jan 27 06:51:05 mountainman imap-login: Login: mark [::ffff:127.0.0.1]
Jan 27 06:51:30 mountainman postfix/smtp[29096]: connect to mx4.mail.yahoo.com[216.155.197.59]: Connection timed out (port 25)
Jan 27 06:51:31 mountainman imap-login: Login: mark [::ffff:127.0.0.1]
Jan 27 06:52:00 mountainman postfix/smtp[29096]: connect to mx4.mail.yahoo.com[66.218.86.156]: Connection timed out (port 25)
Jan 27 06:52:30 mountainman postfix/smtp[29096]: connect to mx4.mail.yahoo.com[216.155.197.60]: Connection timed out (port 25)
Jan 27 06:52:32 mountainman postfix/smtp[29096]: 84D6016053F: to=<birchfield4@yahoo.com>, relay=none, delay=1969, status=deferred (connect to mx4.mail.yahoo.com[216.155.197.60]: Connection timed out)
So, I'm trying to get out to the recipient, but the connection is dying due to a timeout. As a matter of record, I have a router acting as a gateway for my network. What kind of port permissions should I allow? I have port 25 forwarded to my mailserver's IP. Anything else I should allow?
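Log lines in the format posted above can be summarised mechanically. The following is an added example, not code from the thread: it parses postfix/smtp entries and flags the case where every outbound attempt timed out on several remote addresses, which concerns the outbound path rather than the inbound port 25 forward. The sample lines, host names, addresses and function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in the format of the log posted above
# (example.net hosts and 192.0.2.x documentation addresses, not real servers).
SAMPLE_LOG = """\
Jan 27 06:50:30 mailhost postfix/smtp[29096]: connect to mx1.example.net[192.0.2.10]: Connection timed out (port 25)
Jan 27 06:50:51 mailhost imap-login: Login: mark [::ffff:127.0.0.1]
Jan 27 06:51:00 mailhost postfix/smtp[29096]: connect to mx1.example.net[192.0.2.11]: Connection timed out (port 25)
Jan 27 06:51:30 mailhost postfix/smtp[29096]: connect to mx2.example.net[192.0.2.20]: Connection timed out (port 25)
Jan 27 06:52:32 mailhost postfix/smtp[29096]: 84D6016053F: to=<user@example.net>, relay=none, delay=1969, status=deferred (connect to mx2.example.net[192.0.2.20]: Connection timed out)
"""

CONNECT_RE = re.compile(
    r"postfix/smtp\[\d+\]: connect to (?P<host>[^\[\s]+)\[(?P<ip>[^\]]+)\]: "
    r"(?P<reason>.+?) \(port (?P<port>\d+)\)$")
DELIVERY_RE = re.compile(
    r"postfix/smtp\[\d+\]: (?P<qid>[0-9A-F]+): to=<[^>]*>, relay=(?P<relay>[^,]+),"
    r".*status=(?P<status>\w+)")


def summarize(log_text):
    """Group outbound connect failures by reason and collect delivery results."""
    failures = defaultdict(set)      # reason -> {(ip, port), ...}
    deliveries = []                  # (queue id, relay, status)
    for line in log_text.splitlines():
        m = CONNECT_RE.search(line)
        if m:
            failures[m["reason"]].add((m["ip"], int(m["port"])))
            continue
        m = DELIVERY_RE.search(line)
        if m:
            deliveries.append((m["qid"], m["relay"], m["status"]))
    return dict(failures), deliveries


def all_outbound_timed_out(failures, deliveries, min_hosts=2):
    """Heuristic: every attempt timed out, on several remote IPs, nothing sent."""
    timeouts = failures.get("Connection timed out", set())
    only_timeouts = set(failures) == {"Connection timed out"}
    nothing_sent = all(status != "sent" for _, _, status in deliveries)
    return only_timeouts and len(timeouts) >= min_hosts and nothing_sent


if __name__ == "__main__":
    failures, deliveries = summarize(SAMPLE_LOG)
    print(failures, deliveries, all_outbound_timed_out(failures, deliveries))
```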
Just to test, can you bypass the router, connecting directly to the internet just to test?
Not easily. My mailserver and my connection are about 40 feet apart.
Can you nmap your public ip, to see if port 25 is really open?
Or if you're really lazy, go to http://grc.com from a machine behind your router and run shields up on common ports.
Here is a portscan of the privileged ports:
Code:
tcp 22 pcAnywhere Status. Default udp status port for v2.0 thru v7.51; plus CE. Versions v8+ on use tcp 5631 & udp 5632.
--------------------------------------------------------------------------------
Trojans or Viruses known to use this port are: Adore sshd. Shaft.

tcp 110 Post Office Protocol - Version 3. Most widely used client email protocol. Used by mail clients to collect mail off server. Security Concerns: Re-usable cleartext password. - No auditing of connections & attempts; thus subject to grinding. - Some POP3 server versions have had buffer overflow problems. CERT Advisories: CA-97.09.
--------------------------------------------------------------------------------
Trojans or Viruses known to use this port are: ProMail trojan.

tcp 80 HTTP. Standard web service port. Exchange is cleartext; use https (443) for sensitive data transfers.
--------------------------------------------------------------------------------
Trojans or Viruses known to use this port are: 711 trojan (Seven Eleven). AckCmd. Back End. Back Orifice 2000 Plug-Ins. Cafeini. CGI Backdoor. Executor. God Message. Hooker. IISworm. MTX. NCX. Noob. Ramen. Reverse WWW Tunnel Backdoor. RingZero. RTB 666. Seeker. WAN Remote. Web Server CT. WebDownloader.

tcp 21 This is the FTP service control port. Firewall rules focus on this port; then open port 20 only when required for a data transfer. Security Concerns with FTP: Cleartext; re-usable passwords. - Portal for user account grinding. - FTP Bounce; where attacker uses ftp's "port" command to redirect the FTP transfer to a port & IP other than default port 20 on the FTP server. Attacks can include "bouncing" internal network scans; email forging/flooding; etc. CERT Advisories: CA-97.16; CA-99.13. Disable this service on non-FTP servers. Open at perimeter only with static route to internal FTP server(s).
--------------------------------------------------------------------------------
Trojans or Viruses known to use this port are: Back Construction. BladeRunner. Cattivik FTP Server. CC Invader. Dark FTP. Doly Trojan. Fore. FreddyK. Invisible FTP. Juggernaut 42. Larva. MotIv FTP. Net Administrator. Ramen. RTB 666. Senna Spy FTP server. The Flu. Traitor 21. WebEx. WinCrash.

tcp 143 imap.'internet message access protocol; internet message access proto; interim mail access protocol v2'.

tcp 25 Simple Mail Transfer. Used by mail servers to receive inbound email. Security Concerns: Email servers are complex engines; often run as root; and required open at most network perimeters. Thus are popular for attackers and new DOS or intrusion hacks always being found. Disable on non-mail server hosts. Open at perimeter only with static route to internal mail server.
--------------------------------------------------------------------------------
Trojans or Viruses known to use this port are: Ajan. Antigen. Barok. BSE. Email Password Sender - EPS. EPS II. Gip. Gris. Happy99. Hpteam mail. Hybris. I love you. Kuang2. Magic Horse. MBT (Mail Bombing Trojan). Moscow Email trojan. Naebi. NewApt worm. ProMail trojan. Shtirlitz. Stealth. Stukach. Tapiras. Terminator. WinPC. WinSpy.
Ok, an update here. I telnetted into my server using the domain name and port 25:
telnet www.domain info.com 25 (not my server's real name)
Here is its reply:
Code:
220 servers name here also ;) ESMTP Postfix
501 Syntax: EHLO hostname
250-servers name here ;)
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250 8BITMIME
221 Bye
Looks to me like everything should work. Is there some sort of certificate for mail servers I'm missing or some other form of authentication?