Postfix SMTP AUTH with TLS Problems
I know this has come up a few times before, but I'm pulling my hair out trying to get my Postfix-tls installation working to do SMTP auth. I have followed the very helpful howto below to the letter. http://lists.q-linux.com/pipermail/plug/2003-July/029503.html When I restart my postfix and telnet to localhost 25, my postfix chokes. Here's what I see in my mail.log: May 29 14:12:16 sawdois postfix/smtpd[9906]: starting TLS engine May 29 14:12:16 sawdois postfix/smtpd[9906]: fatal: no SASL authentication mechanisms May 29 14:12:17 sawdois postfix/master[9898]: warning: process /usr/lib/postfix/smtpd pid 9906 exit status 1 May 29 14:12:17 sawdois postfix/master[9898]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling Here's background on my installation: Debian Woody unstable Postfix 2.0.16-4 Postfix-tls 2.0.16-4 sasl2-bin 2.1.15-6 The above HOWTO is supposed to work with Postfix still running chroot. I've tried to unchroot Postfix to see if that would work but to no success. One thought is that the Postfix packages don't seem to support PAM. But if this is I haven't found anyone on the net with a similar problem and I would assume it would have come up already if this were the key snafu. Here are the links that I have: sawdois:/# ldd /usr/lib/postfix/smtpd libpostfix-master.so.1 = /usr/lib/libpostfix-master.so.1 (0x40021000) libpostfix-global.so.1 = /usr/lib/libpostfix-global.so.1 (0x40027000) libpostfix-dns.so.1 = /usr/lib/libpostfix-dns.so.1 (0x40045000) libpostfix-util.so.1 = /usr/lib/libpostfix-util.so.1 (0x4004a000) libssl.so.0.9.7 = /usr/lib/i686/cmov/libssl.so.0.9.7 (0x40068000) libcrypto.so.0.9.7 = /usr/lib/i686/cmov/libcrypto.so.0.9.7 (0x40099000) libsasl2.so.2 = /usr/lib/libsasl2.so.2 (0x40196000) libdb-4.1.so = /usr/lib/libdb-4.1.so (0x401aa000) libnsl.so.1 = /lib/libnsl.so.1 (0x4026b000) libresolv.so.2 = /lib/libresolv.so.2 (0x40281000) libgdbm_compat.so.3 = /usr/lib/libgdbm_compat.so.3 (0x40293000) libc.so.6 = /lib/libc.so.6 (0x40296000) libdl.so.2 = /lib/libdl.so.2 (0x403c9000) libgdbm.so.3 = /usr/lib/libgdbm.so.3 (0x403cc000) /lib/ld-linux.so.2 = /lib/ld-linux.so.2 (0x4000) Any ideas about where I should go from here? thanks, Adam -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Postfix SMTP AUTH with TLS Problems
I know this has come up a few times before, but I'm pulling my hair out trying to get my Postfix-tls installation working to do SMTP auth. I have followed the very helpful howto below to the letter. http://lists.q-linux.com/pipermail/plug/2003-July/029503.html When I restart my postfix and telnet to localhost 25, my postfix chokes. Here's what I see in my mail.log: May 29 14:12:16 sawdois postfix/smtpd[9906]: starting TLS engine May 29 14:12:16 sawdois postfix/smtpd[9906]: fatal: no SASL authentication mechanisms May 29 14:12:17 sawdois postfix/master[9898]: warning: process /usr/lib/postfix/smtpd pid 9906 exit status 1 May 29 14:12:17 sawdois postfix/master[9898]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling Here's background on my installation: Debian Woody unstable Postfix 2.0.16-4 Postfix-tls 2.0.16-4 sasl2-bin 2.1.15-6 The above HOWTO is supposed to work with Postfix still running chroot. I've tried to unchroot Postfix to see if that would work but to no success. One thought is that the Postfix packages don't seem to support PAM. But if this is I haven't found anyone on the net with a similar problem and I would assume it would have come up already if this were the key snafu. Here are the links that I have: sawdois:/# ldd /usr/lib/postfix/smtpd libpostfix-master.so.1 = /usr/lib/libpostfix-master.so.1 (0x40021000) libpostfix-global.so.1 = /usr/lib/libpostfix-global.so.1 (0x40027000) libpostfix-dns.so.1 = /usr/lib/libpostfix-dns.so.1 (0x40045000) libpostfix-util.so.1 = /usr/lib/libpostfix-util.so.1 (0x4004a000) libssl.so.0.9.7 = /usr/lib/i686/cmov/libssl.so.0.9.7 (0x40068000) libcrypto.so.0.9.7 = /usr/lib/i686/cmov/libcrypto.so.0.9.7 (0x40099000) libsasl2.so.2 = /usr/lib/libsasl2.so.2 (0x40196000) libdb-4.1.so = /usr/lib/libdb-4.1.so (0x401aa000) libnsl.so.1 = /lib/libnsl.so.1 (0x4026b000) libresolv.so.2 = /lib/libresolv.so.2 (0x40281000) libgdbm_compat.so.3 = /usr/lib/libgdbm_compat.so.3 (0x40293000) libc.so.6 = /lib/libc.so.6 (0x40296000) libdl.so.2 = /lib/libdl.so.2 (0x403c9000) libgdbm.so.3 = /usr/lib/libgdbm.so.3 (0x403cc000) /lib/ld-linux.so.2 = /lib/ld-linux.so.2 (0x4000) Any ideas about where I should go from here? thanks, Adam
Catchall for Exim 3.35
Hi all, I'm doing some spam research and need to configure my exim so that it accepts all incoming mail and shunts those with invalid addresses into a catchall address. Basically, I want to mimick how Exchange servers accept everything. I believe the following will do it for Exim 4, but when I try it with my 3.35 installation, it chokes on all incoming messages. I was hoping someone might have a snippet that I could use in my exim.conf that would do the trick. catchall: driver = smartuser new_address: [EMAIL PROTECTED] thanks, Adam
Re: Exim accepting mail from specific hosts
Yes, that was part of the plan, to point my mx records to my provider. Therefore, any connections to my port 25 should be from only folks that are port scanning (sounds like a spammer to me). Think this is best done as a firewall issue or via David's host_reject option? thanks, Adam Dave Watkins wrote: Configuring Exim to do this would seem like a bad idea, in that your machine then has to accept a connection to determine if you do in fact even want to accept the mail. Ideally you would get the MX record for your domain pointing to your providers mail server (with perhaps a backup MX pointing to yours. That way under normal conditions mail will be routed through your providers mail servers unless they are down, and if they are down it will be routed to you. This will probably require some configuration changes on your providers servers but nothing major (just a routing line in a config file). The other option would be to firewall off port 25 for inbound traffic unless it came from your providers mail server, although this is much less elegant Dave Adam Dawes wrote: Hi, I've implemented a spam service where a provider is filtering all my domain's mail before it hits my server. I want to lock down my mail server so it only accepts mail from those machines to prevent spammers from mailing directly to my host and doing directory harvests. What do I need to stick in my exim.conf to accept mail from just those hosts that will be processing my mail? thanks, Adam -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Exim accepting mail from specific hosts
Yes, that was part of the plan, to point my mx records to my provider. Therefore, any connections to my port 25 should be from only folks that are port scanning (sounds like a spammer to me). Think this is best done as a firewall issue or via David's host_reject option? thanks, Adam Dave Watkins wrote: Configuring Exim to do this would seem like a bad idea, in that your machine then has to accept a connection to determine if you do in fact even want to accept the mail. Ideally you would get the MX record for your domain pointing to your providers mail server (with perhaps a backup MX pointing to yours. That way under normal conditions mail will be routed through your providers mail servers unless they are down, and if they are down it will be routed to you. This will probably require some configuration changes on your providers servers but nothing major (just a routing line in a config file). The other option would be to firewall off port 25 for inbound traffic unless it came from your providers mail server, although this is much less elegant Dave Adam Dawes wrote: Hi, I've implemented a spam service where a provider is filtering all my domain's mail before it hits my server. I want to lock down my mail server so it only accepts mail from those machines to prevent spammers from mailing directly to my host and doing directory harvests. What do I need to stick in my exim.conf to accept mail from just those hosts that will be processing my mail? thanks, Adam
Exim accepting mail from specific hosts
Hi, I've implemented a spam service where a provider is filtering all my domain's mail before it hits my server. I want to lock down my mail server so it only accepts mail from those machines to prevent spammers from mailing directly to my host and doing directory harvests. What do I need to stick in my exim.conf to accept mail from just those hosts that will be processing my mail? thanks, Adam -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Exim accepting mail from specific hosts
Hi, I've implemented a spam service where a provider is filtering all my domain's mail before it hits my server. I want to lock down my mail server so it only accepts mail from those machines to prevent spammers from mailing directly to my host and doing directory harvests. What do I need to stick in my exim.conf to accept mail from just those hosts that will be processing my mail? thanks, Adam
Re: Exim store and forward
I tried Chris' approach below and that didn't seem to work either. But following Dale's suggestion of using * instead of localhost. Just for the future googlers, here's what I added to the top of my routers section to store and forward for exim 3: store_and_forward: driver = domainlist transport = remote_smtp route_list = * smtp.myisp.net thanks for the help! Adam On Thu, 20 Nov 2003, Dale E Martin wrote: If you don't want to upgrade to version 4, then try adding the following as the very last router: smart_route: driver = domainlist transport = remote_smtp route_list = * smtp.myisp.net bydns_a If you make it the very last router, then you need to comment out the direct_remote: one that is (probably) currently the last one. Basically what the original poster had was OK except that their route_list specified to use that route only for localhost, not * iirc. Take care, Dale -- Dale E. Martin, Clifton Labs, Inc. Senior Computer Engineer [EMAIL PROTECTED] http://www.cliftonlabs.com pgp key available -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Exim store and forward
I tried Chris' approach below and that didn't seem to work either. But following Dale's suggestion of using * instead of localhost. Just for the future googlers, here's what I added to the top of my routers section to store and forward for exim 3: store_and_forward: driver = domainlist transport = remote_smtp route_list = * smtp.myisp.net thanks for the help! Adam On Thu, 20 Nov 2003, Dale E Martin wrote: If you don't want to upgrade to version 4, then try adding the following as the very last router: smart_route: driver = domainlist transport = remote_smtp route_list = * smtp.myisp.net bydns_a If you make it the very last router, then you need to comment out the direct_remote: one that is (probably) currently the last one. Basically what the original poster had was OK except that their route_list specified to use that route only for localhost, not * iirc. Take care, Dale -- Dale E. Martin, Clifton Labs, Inc. Senior Computer Engineer [EMAIL PROTECTED] http://www.cliftonlabs.com pgp key available -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Exim store and forward
I've running exim as my mta on my home gateway machine which is connected via a fixed IP DSL line. I'm having increasing trouble getting my mail through as other sites (rightly) find messages coming from a block of dsl addresses suspicious. I want to have exim forward my outgoing messages to my internet provider's smtp server which is obviously more legit than mine. I've added the following at the top of the routers section of my exim.conf file. store_and_forward: driver = domainlist transport = remote_smtp route_list = localhost smtp.myisp.net When I send mail from my server and look at the headers, there's no indication that it actually got forwarded on to my isp's smtp server. What am I missing here? thanks, Adam -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Exim store and forward
I tried commenting out my snippet and adding yours in the beginning of the routers section. That ended up totally hosing my smtp. Pine gave me an error saying that the smtp server was unavailable when I tried testing it. Where exactly should I put your snippet in my exim file? And do I need to remove the snippet that I suggested below? thanks a lot! Adam On Thu, 20 Nov 2003, Chris Foote wrote: On Wed, 19 Nov 2003, Adam Dawes wrote: I've running exim as my mta on my home gateway machine which is connected via a fixed IP DSL line. I'm having increasing trouble getting my mail through as other sites (rightly) find messages coming from a block of dsl addresses suspicious. I want to have exim forward my outgoing messages to my internet provider's smtp server which is obviously more legit than mine. I've added the following at the top of the routers section of my exim.conf file. store_and_forward: driver = domainlist transport = remote_smtp route_list = localhost smtp.myisp.net When I send mail from my server and look at the headers, there's no indication that it actually got forwarded on to my isp's smtp server. What am I missing here? You need to use manualroute for non-local domains, as per: smarthost: driver = manualroute domains = !+local_domains transport = remote_smtp route_list = * smtp.myisp.net or alternatively: smarthost: driver = manualroute transport = remote_smtp route_list = !+local_domains smtp.myisp.net plug Grab a copy of the author's new Exim book from http://www.uit.co.uk/exim-book/ /plug Chris Foote [EMAIL PROTECTED] _ _ _Jabber: [EMAIL PROTECTED] (_)| | | | Director - INETD PTY LTD _ _ __ ___ | |___| | Level 2, 132 Franklin St | | | '_ \ / _ \ | __| / _` | Adelaide SA 5000 | | | | | | | __/ | |_ | (_| | Web: http://www.inetd.com.au |_| |_| |_| \___| \__| \__,_| Phone: (08) 8410 4566 Inetd supports: Linux.Conf.Au Adelaide Jan 12-17 2004 Australia's Premier Linux Conference http://lca2004.linux.org.au -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Exim store and forward
I've running exim as my mta on my home gateway machine which is connected via a fixed IP DSL line. I'm having increasing trouble getting my mail through as other sites (rightly) find messages coming from a block of dsl addresses suspicious. I want to have exim forward my outgoing messages to my internet provider's smtp server which is obviously more legit than mine. I've added the following at the top of the routers section of my exim.conf file. store_and_forward: driver = domainlist transport = remote_smtp route_list = localhost smtp.myisp.net When I send mail from my server and look at the headers, there's no indication that it actually got forwarded on to my isp's smtp server. What am I missing here? thanks, Adam