from:"Roberto Sanchez"

[Fwd: Odd postfix behavior]

2004-04-23 Thread Roberto Sanchez

Sorry for the cross post, but I initally posted this on debian-user and
received nary a response.  I am hoping that this might be more up the
alley of the debian-isp folks.  BTW, plz CC me, as I am not subscribed
to debian-isp.
-Roberto Sanchez
 Original Message 
Subject: Odd postfix behavior
Resent-Date: Thu, 22 Apr 2004 23:00:44 -0500 (CDT)
Resent-From: debian-user@lists.debian.org
Date: Fri, 23 Apr 2004 00:00:47 -0400
From: Roberto Sanchez [EMAIL PROTECTED]
To: Debian User debian-user@lists.debian.org
I have postfix running on Woody.  The problem I just came across is
that someone trying to use me as an open relay to spam an aol adress
can use me as a relay.
I have postfix setup to only accept mail from my private subnet and
clients that authenticate with SMTP AUTH.  However, since I am on a
Bellsouth dynamic IP, I have added a line to /etc/postfix/transport:
aol.com smtp:[mail.bellsouth.net]
This is so that my wife can email her dad (who absolutely refuses
to give up aol.  Apparently, postfix looks at the transport table
before looking at smtpd_recipient_restrictions.  This are the
restrictions I have set:
smtpd_recipient_restrictions = reject_non_fqdn_sender,
reject_non_fqdn_recipient, reject_unknown_sender_domain,
reject_unknown_recipient_domain, permit_sasl_authenticated,
permit_mynetworks, reject_unauth_destination, check_relay_domains
Thankfully, Bellsouth rejected my relay attempt:
Apr 22 20:39:48 santiago postfix/smtp[15834]: 75EC2AAD:
to=[EMAIL PROTECTED], relay=mail.bellsouth.net[205.152.59.17],
delay=3, status=bounced (host mail.bellsouth.net[205.152.59.17] said:
550 .net 022: Your current IP address is not allowed to relay to aol.com
Solution: Connect using BellSouth Internet Service.)
However, I would like to prevent this from happening again.  Can anyone
enlighten me?
Also, I have started encountering strange log messages from one of
my machines.  I have two identically configured Sid boxes (running
exim) that relay logcheck updates to my mail server.  One box connects
just fine:
Apr 22 22:01:32 santiago postfix/smtpd[16306]: connect from
miami.familiasanchez.net[192.168.0.3]
Apr 22 22:01:32 santiago postfix/smtpd[16306]: setting up TLS connection
from miami.familiasanchez.net[192.168.0.3]
Apr 22 22:01:32 santiago postfix/smtpd[16306]: TLS connection
established from miami.familiasanchez.net[192.168.0.3]: TLSv1 with
cipher RC4-SHA (128/128 bits)
Apr 22 22:01:32 santiago postfix/smtpd[16306]: D930BAAB:
client=miami.familiasanchez.net[192.168.0.3]
Apr 22 22:01:33 santiago postfix/cleanup[16307]: D930BAAB:
message-id=[EMAIL PROTECTED]
Apr 22 22:01:33 santiago postfix/qmgr[364]: D930BAAB:
from=[EMAIL PROTECTED], size=1059, nrcpt=1 (queue active)
Apr 22 22:01:33 santiago postfix/smtpd[16306]: disconnect from
miami.familiasanchez.net[192.168.0.3]
The other box can also connect, bt it generates some errors:
Apr 22 19:02:03 santiago postfix/smtpd[14987]: connect from
mayaguez.familiasanchez.net[192.168.0.2]
Apr 22 19:02:03 santiago postfix/smtpd[14987]: setting up TLS connection
from mayaguez.familiasanchez.net[192.168.0.2]
Apr 22 19:02:04 santiago postfix/smtpd[14987]: TLS connection
established from mayaguez.familiasanchez.net[192.168.0.2]: TLSv1 with
cipher RC4-SHA (128/128 bits)
Apr 22 19:02:04 santiago postfix/smtpd[14987]: warning:
mayaguez.familiasanchez.net[192.168.0.2]: SASL CRAM-MD5 authentication
failed
Apr 22 19:02:09 santiago postfix/smtpd[14987]: 1C7B9AAB:
client=mayaguez.familiasanchez.net[192.168.0.2], sasl_method=PLAIN,
sasl_username=roberto, [EMAIL PROTECTED]
Apr 22 19:02:09 santiago postfix/cleanup[14988]: 1C7B9AAB:
message-id=[EMAIL PROTECTED]
Apr 22 19:02:09 santiago postfix/qmgr[364]: 1C7B9AAB:
from=[EMAIL PROTECTED], size=1464, nrcpt=1 (queue active)
Apr 22 19:02:09 santiago postfix/pipe[14991]: 1C7B9AAB:
to=[EMAIL PROTECTED], relay=cyrus, delay=0, status=sent
(santiago.familiasanchez.net)
Apr 22 19:02:09 santiago postfix/smtpd[14987]: disconnect from
mayaguez.familiasanchez.net[192.168.0.2]
The difference is in the authentication failed message.  I receive
all mails from both boxes, so I guess that they are harmless.
Nonetheless, I would like to know why only one box generates the error.
-Roberto Sanchez


signature.asc
Description: OpenPGP digital signature

Re: dsl Verizon.com

2004-03-19 Thread Roberto Sanchez

Paul Johnson wrote:
Christopher J. Noyes [EMAIL PROTECTED] writes:


I have DSL with verizon.com. It uses a Westel Wirespeed external modem
connected to a network card though ethernet. Does anyone know how configure
this on debian?


If you're lucky, and they're not using PPPoE, then this will be easy.
All you need to do is plug that puppy into your gateway box and try
setting it up like it's on a DHCP-configured network, and it should
Just Work.  If it uses PPPoE, check google.  Looking through the dwww
running on my site, I find a DSL HOWTO...
http://ursine.ca/cgi-bin/dwww?type=filelocation=/usr/share/doc/HOWTO/en-html/HOWTO-INDEX/../DSL-HOWTO/index.html

...and the Bridge+Firewall+DSL HOWTO...

http://ursine.ca/cgi-bin/dwww?type=filelocation=/usr/share/doc/HOWTO/en-html/HOWTO-INDEX/../Bridge%2BFirewall%2BDSL.html

Hope this helps.

This guy here explains how to setup a westell in Linux:

http://www.trekweb.com/~jasonb/articles/westell_linux.shtml

-Roberto


signature.asc
Description: OpenPGP digital signature

Re: dsl Verizon.com

2004-03-19 Thread Roberto Sanchez

H. S. wrote:
Apparently, _Christopher J. Noyes_, on 03/19/04 00:00,typed:

I have DSL with verizon.com. It uses a Westel Wirespeed external modem 
connected to a network card though ethernet. Does anyone know how 
configure this on debian?
Christopher J. Noyes


(maybe this explains why you are using M$ LookOut to post this :))

Could be that since he can't get his home internet setup he has to
post from work, where only MSO is available.
BTW, have you tried Mozilla on WIndows?

But coming back to your query, pppoeconf should automatically detect the 
DSL connection on one of youe eth cards, as longas the cable is 
connected and the modem is switched ON.

Don't waste time with pppoe.  Set your NIC to pick up a DHCP
address, plugin the modem, and surf to http://192.168.1.254
Everything is configurable from there.

-HS

-Roberto


signature.asc
Description: OpenPGP digital signature

Re: dsl Verizon.com

2004-03-19 Thread Roberto Sanchez

Paul Johnson wrote:
Christopher J. Noyes [EMAIL PROTECTED] writes:

I have DSL with verizon.com. It uses a Westel Wirespeed external modem
connected to a network card though ethernet. Does anyone know how configure
this on debian?

If you're lucky, and they're not using PPPoE, then this will be easy.
All you need to do is plug that puppy into your gateway box and try
setting it up like it's on a DHCP-configured network, and it should
Just Work.  If it uses PPPoE, check google.  Looking through the dwww
running on my site, I find a DSL HOWTO...
http://ursine.ca/cgi-bin/dwww?type=filelocation=/usr/share/doc/HOWTO/en-html/HOWTO-INDEX/../DSL-HOWTO/index.html
...and the Bridge+Firewall+DSL HOWTO...
http://ursine.ca/cgi-bin/dwww?type=filelocation=/usr/share/doc/HOWTO/en-html/HOWTO-INDEX/../Bridge%2BFirewall%2BDSL.html
Hope this helps.
This guy here explains how to setup a westell in Linux:
http://www.trekweb.com/~jasonb/articles/westell_linux.shtml
-Roberto


signature.asc
Description: OpenPGP digital signature

Re: dsl Verizon.com

2004-03-19 Thread Roberto Sanchez

H. S. wrote:
Apparently, _Christopher J. Noyes_, on 03/19/04 00:00,typed:
I have DSL with verizon.com. It uses a Westel Wirespeed external modem 
connected to a network card though ethernet. Does anyone know how 
configure this on debian?
Christopher J. Noyes

(maybe this explains why you are using M$ LookOut to post this :))
Could be that since he can't get his home internet setup he has to
post from work, where only MSO is available.
BTW, have you tried Mozilla on WIndows?
But coming back to your query, pppoeconf should automatically detect the 
DSL connection on one of youe eth cards, as longas the cable is 
connected and the modem is switched ON.

Don't waste time with pppoe.  Set your NIC to pick up a DHCP
address, plugin the modem, and surf to http://192.168.1.254
Everything is configurable from there.
-HS
-Roberto


signature.asc
Description: OpenPGP digital signature

[Fwd: Odd postfix behavior]

Re: dsl Verizon.com

Re: dsl Verizon.com

Re: dsl Verizon.com

Re: dsl Verizon.com

5 matches

Site Navigation

Mail list logo

Footer information