http://www.postfix.org/DEBUG_README.html#no_chroot
http://www.postfix.org/master.5.html -- see chroot
On Thu, 2005-03-03 at 16:44, Mhac Janapin wrote:
> Dear List,
>
> I have just finished setting up a mailserver... or so I thought.
> However I could not telnet to port 25 either locally or on any machine
> in our LAN.
> ==================================
> [EMAIL PROTECTED]:/home/mhacleth$ telnet localhost 25
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
> ^]
> telnet>quit
> ==================================
>
> SPECS:
> P3 733MHz, 512MB RAM
> Slackware 10, kernel-2.4.29
> Postfix-2.1.4, MailScanner(ClamAV-0.81+SpamAssassin)
> SquirrelMail (for webmail).
>
> main.cf
> ==================================
> command_directory = /usr/sbin
> daemon_directory = /usr/libexec/postfix
> myhostname = mail.pbts.net.ph
> mydomain = pbts.net.ph
> myorigin = $mydomain
> mydestination = $myhostname, localhost.$mydomain, $mydomain
> unknown_local_recipient_reject_code = 450
> mynetworks_style = subnet
> relay_domains = $mydestination
> relayhost = $mydomain
> in_flow_delay = 2s
> alias_maps = hash:/etc/postfix/aliases
> alias_database = hash:/etc/postfix/aliases
> mailbox_command = /usr/bin/procmail
> header_checks = regexp:/etc/postfix/header_checks
> smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) Slackware 10
> local_destination_concurrency_limit = 2
> default_destination_concurrency_limit = 10
> debug_peer_level = 2
> sendmail_path = /usr/sbin/sendmail
> newaliases_path = /usr/bin/newaliases
> mailq_path = /usr/bin/mailq
> setgid_group = postdrop
> html_directory = no
> manpage_directory = /usr/man
> sample_directory = /etc/postfix
> readme_directory = no
> smtpd_helo_required = yes
> smtpd_client_restrictions = permit_mynetworks, reject_unknown_client
> disable_vrfy_command = yes
> ignore_mx_lookup_error = yes
> delay_warning_time = 4
> recipient_delimiter = +
> ===================================
>
>
> master.cf
> ===================================
> smtp inet n - y - - smtpd
> pickup fifo n - y 60 1 pickup
> cleanup unix n - y - 0 cleanup
> qmgr fifo n - y 300 1 qmgr
> rewrite unix - - y - - trivial-rewrite
> bounce unix - - y - 0 bounce
> defer unix - - y - 0 bounce
> trace unix - - y - 0 bounce
> verify unix - - y - 1 verify
> flush unix n - y 1000? 0 flush
> proxymap unix - - n - - proxymap
> smtp unix - - y - - smtp
> relay unix - - y - - smtp
> showq unix n - y - - showq
> error unix - - y - - error
> local unix - n n - - local
> virtual unix - n y - - virtual
> lmtp unix - - y - - lmtp
> anvil unix - - n - 1 anvil
> maildrop unix - n n - - pipe
>   flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
> old-cyrus unix - n n - - pipe
>   flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
> cyrus unix - n n - - pipe
>   user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
> uucp unix - n n - - pipe
>   flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
> ifmail unix - n n - - pipe
>   flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
> bsmtp unix - n n - - pipe
>   flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
> ===============================
>
> NETSTAT:
> ===============================
> [EMAIL PROTECTED]:~$ netstat -ln
> Active Internet connections (only servers)
> Proto Recv-Q Send-Q Local Address Foreign Address State
> tcp 0 0 0.0.0.0:37 0.0.0.0:* LISTEN
> tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN
> tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN
> tcp 0 0 0.0.0.0:6000 0.0.0.0:* LISTEN
> tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
> tcp 0 0 0.0.0.0:113 0.0.0.0:* LISTEN
> tcp 0 0 0.0.0.0:82 0.0.0.0:* LISTEN
> tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
> tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN
> udp 0 0 0.0.0.0:512 0.0.0.0:*
> udp 0 0 0.0.0.0:10000 0.0.0.0:*
> udp 0 0 0.0.0.0:37 0.0.0.0:*
>
> ========================================
>
> NMAP:
> ========================================
> [EMAIL PROTECTED]:/home/mhacleth# nmap -sT -O localhost
>
> Starting nmap 3.50 ( http://www.insecure.org/nmap/ ) at 2005-03-03 16:44 PHT
> Interesting ports on localhost (127.0.0.1):
> (The 1650 ports scanned but not shown below are in state: closed)
> PORT STATE SERVICE
> 22/tcp open ssh
> 25/tcp open smtp
> 37/tcp open time
> 80/tcp open http
> 82/tcp open xfer
> 110/tcp open pop3
> 113/tcp open auth
> 143/tcp open imap
> 6000/tcp open X11
> Device type: general purpose
> Running: Linux 2.4.X|2.5.X
> OS details: Linux Kernel 2.4.0 - 2.5.20 w/o tcp_timestamps
>
> Nmap run completed -- 1 IP address (1 host up) scanned in 5.378 seconds
> ===============================
>
> GSHIELD:
> ===============================
> [EMAIL PROTECTED]:/home/mhacleth# /etc/firewall/gShield.rc
> [gShield] initializing v2.8
> [gShield] default TCP response set to REJECT with tcp-reset
> [gShield] default UDP response set to REJECT with icmp-port-unreachable
> [gShield] default logging rate limit set to 20/m
> [gShield] not logging ICMP
> [gShield] no reserved drop logging
> [gShield] dropping multicasts
> [gShield] 10.42.42.0/24 authorized for NAT
> [gShield] interface eth0 up
> [gShield] 10.42.43.0/24 authorized for NAT
> [gShield] interface eth0 up
> [gShield] Custom forwards DISabled
> [gShield] Allowing all ICMP at rate of 30/m
> [gShield] Allowing all traceroutes
> [gShield] httpd publically accessible
> [gShield] httpd-ssl publically accessible
> [gShield] SMTP daemon publically accessible
> [gShield] POP3 daemon publically accessible
> [gShield] SSH daemon publically accessible
> [gShield] Opening port 82
> ================================
>
> I could not pin down why this is happening. I already googled for
> similar problems but most of the results that I saw can still connect
> to the localhost... I can't...
>
> Is there any setting that I missed?
>
> Any similar problem you encountered? How did you get around that?
>
>
> Sincerely,
> *almost* hairless mhac
> (I can't help but pull one off for every solution I tried that failed.. )
--
Lawrence Guirre <[EMAIL PROTECTED]>
Q Linux Solutions, Inc
--
Philippine Linux Users' Group (PLUG) Mailing List
[email protected] (#PLUG @ irc.free.net.ph)
Official Website: http://plug.linux.org.ph
Searchable Archives: http://marc.free.net.ph
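
The reply above points at the chroot column of master.cf and at the "no_chroot" step of DEBUG_README. As an added example (not part of the original thread and not Postfix code), this Python script parses master.cf text, lists the services that run chrooted, and produces a debug copy with chroot turned off; the function names and the sample text are assumptions made for illustration.

```python
import re

# Constructed sample: a subset of the master.cf entries quoted in the post; the
# chroot field of "relay" is changed to "-" here to exercise the default.
SAMPLE_MASTER_CF = """\
# service type  private unpriv  chroot  wakeup  maxproc command + args
smtp      inet  n       -       y       -       -       smtpd
local     unix  -       n       n       -       -       local
virtual   unix  -       n       y       -       -       virtual
relay     unix  -       -       -       -       -       smtp
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
"""

def logical_lines(text):
    """Drop blank/comment lines; fold whitespace-led lines into the previous entry."""
    entries = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and entries:
            entries[-1] += " " + raw.strip()
        else:
            entries.append(raw.rstrip())
    return entries

def chrooted_services(text, default_chroot="y"):
    """Return (service, type, command) for each entry that runs chrooted."""
    hits = []
    for entry in logical_lines(text):
        fields = entry.split(None, 7)
        if len(fields) < 8:
            continue  # not a complete service entry
        # "-" means the default: "y" before Postfix 3.0, "n" from 3.0 on.
        chroot = default_chroot if fields[4] == "-" else fields[4]
        if chroot == "y":
            hits.append((fields[0], fields[1], fields[7].split()[0]))
    return hits

FIFTH_FIELD = re.compile(r"^((?:\S+\s+){4})\S+")
def disable_chroot(text):
    """Return a debug copy with every entry's chroot field set to "n"."""
    def fix(line):
        is_entry = bool(line) and not line[0].isspace() and not line.startswith("#")
        return FIFTH_FIELD.sub(r"\g<1>n", line, count=1) if is_entry else line
    return "\n".join(map(fix, text.splitlines())) + "\n"

if __name__ == "__main__":
    print(chrooted_services(SAMPLE_MASTER_CF))
```

Keep the original master.cf as a backup before installing the debug copy, and run "postfix reload" afterwards as DEBUG_README describes.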