Re: [expert] postfix headers (update)
On Sat, 2003-11-15 at 10:01, Bill wrote: > That is what my understanding was. you wouyld asign like 5 to your primary > email server and 10 to the backup. Assigning the same number would just make > things a little screwy. Ok, that would make sense. I'm still confused as to why one would let me in and one wouldn't - I think they need to hire a new engineer :) -- Michael Holt Snohomish, WA (o_ [EMAIL PROTECTED] (o_ (o_ //\ www.holt-tech.net (/)_ (/)_ V_/_ www.mandrakelinux.com ==< SysAdmin excuse #316: Elves on strike. (Why do they call EMAG Elf Magic) Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers (update)
On Sat, 2003-11-15 at 10:01, Bill wrote: > That is what my understanding was. you wouyld asign like 5 to your primary > email server and 10 to the backup. Assigning the same number would just make > things a little screwy. > yeah, it'll basically just round robin. An additional wrinkle is that many (most?) MTAs will try to send to the domain's A record if none of the MX's respond. -- Jack at Monkeynoodle Dot Org: It's A Scientific Venture... "I have acres of land, I have men I command, I have always a shilling to spare, so be easy and free when you're drinking with me; I'm a man you don't meet every day." -- I'm a Man You Don't Meet Every Day from Rum, Sodomy, and the Lash by The Pogues Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers (update)
That is what my understanding was. you wouyld asign like 5 to your primary email server and 10 to the backup. Assigning the same number would just make things a little screwy. On Star Date Saturday 15 November 2003 08:51 am, Michael Holt sent this sub-space message. > > > > MX records have a priority option between 1 and 100. Higher priority > > gets first choice of delivery, lower priority is essentially backup. > > > > > I drive a tow truck for AAA during my down-time between jobs. I don't > > > have the cdl stuff, but there seems to be plenty of cars running into > > > each other to stay busy :) > > So then having two servers with the same priority level would be either > / or? Or would it just hose your servers? Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers (update)
On Sat, 2003-11-15 at 07:22, Jack Coates wrote: > On Sat, 2003-11-15 at 06:57, Michael Holt wrote: > > ...> > > > if we do a mx record lookup for .com we get qxssmtp2.qualxserv.com. that > > > server is not answering for port 25 stuff. Interestingly enough they have the > > > same number assigned to there email servers which is 10 I thought that was a > > > no no. > > > > > > Man I have been outa the internet systems stuff for two years now and can > > > still do this stuff. Im so far out of the loop now seeing how I just got my > > > trucking drivers license (class a) with all endorsements to look for work in > > > the trucking industry. I gave up on the computer industry. > > > > Hey I just learned something! Could you explain the '10' thing to me? > > MX records have a priority option between 1 and 100. Higher priority > gets first choice of delivery, lower priority is essentially backup. > > > > > I drive a tow truck for AAA during my down-time between jobs. I don't > > have the cdl stuff, but there seems to be plenty of cars running into > > each other to stay busy :) So then having two servers with the same priority level would be either / or? Or would it just hose your servers? -- Michael Holt Snohomish, WA (o_ [EMAIL PROTECTED] (o_ (o_ //\ www.holt-tech.net (/)_ (/)_ V_/_ www.mandrakelinux.com ==< SysAdmin excuse #341: HTTPD Error 666 : SysAdmin was here Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers (update)
On Sat, 2003-11-15 at 06:57, Michael Holt wrote: > ...> > > if we do a mx record lookup for .com we get qxssmtp2.qualxserv.com. that > > server is not answering for port 25 stuff. Interestingly enough they have the > > same number assigned to there email servers which is 10 I thought that was a > > no no. > > > > Man I have been outa the internet systems stuff for two years now and can > > still do this stuff. Im so far out of the loop now seeing how I just got my > > trucking drivers license (class a) with all endorsements to look for work in > > the trucking industry. I gave up on the computer industry. > > Hey I just learned something! Could you explain the '10' thing to me? MX records have a priority option between 1 and 100. Higher priority gets first choice of delivery, lower priority is essentially backup. > > I drive a tow truck for AAA during my down-time between jobs. I don't > have the cdl stuff, but there seems to be plenty of cars running into > each other to stay busy :) -- Jack at Monkeynoodle Dot Org: It's A Scientific Venture... "In my motorcycle mirror I think about the life I've led and how my soul's been aching all the holes where I have bled... My image spoke to me, yes to me and often said, 'You are the son of incestuous union!'" -- Nimrod's Son from Surfer Rosa and Come On Pilgrim by The Pixies Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers (update)
On Fri, 2003-11-14 at 22:17, Bill wrote: > hmmm kinda weird. Here is the results of some nslookup stuff > > [EMAIL PROTECTED] beau]$ nslookup qualxserv.net > Note: nslookup is deprecated and may be removed from future releases. > Consider using the `dig' or `host' programs instead. Run nslookup with > the `-sil[ent]' option to prevent this message from appearing. > Server: 66.47.48.51 > Address:66.47.48.51#53 > > Non-authoritative answer: > *** Can't find qualxserv.net: No answer > > > [EMAIL PROTECTED] beau]$ nslookup qualxserv.com > Note: nslookup is deprecated and may be removed from future releases. > Consider using the `dig' or `host' programs instead. Run nslookup with > the `-sil[ent]' option to prevent this message from appearing. > Server: 66.47.48.51 > Address:66.47.48.51#53 > > Non-authoritative answer: > Name: qualxserv.com > Address: 65.246.197.37 > > [EMAIL PROTECTED] beau]$ nslookup > Note: nslookup is deprecated and may be removed from future releases. > Consider using the `dig' or `host' programs instead. Run nslookup with > the `-sil[ent]' option to prevent this message from appearing. > > set type=mx > > qualxserv.net > Server: 66.47.48.51 > Address:66.47.48.51#53 > > Non-authoritative answer: > qualxserv.net mail exchanger = 10 ns1.qualxserv.com. > qualxserv.net mail exchanger = 10 qxssmtp3.qualxserv.com. > > Authoritative answers can be found from: > qualxserv.net nameserver = ns3.qualxserv.net. > qualxserv.net nameserver = ns1.qualxserv.com. > qualxserv.net nameserver = ns2.qualxserv.com. > ns1.qualxserv.com internet address = 65.246.197.32 > ns2.qualxserv.com internet address = 65.246.197.33 > > [EMAIL PROTECTED] beau]$ telnet ns1.qualxserv.net 25 > Trying 65.246.197.32... > Connected to ns1.qualxserv.com (65.246.197.32). > Escape character is '^]'. > 220 qxsdns1.qualxserve.com ESMTP Server (Microsoft Exchange Internet Mail > Service 5.5.2650.21) ready > > > There is the answer. Previously they were using qxssmtp2.qualxserv.com. as > there mail server for .com now for .net they are using ns1.qualxserv.com and > qxssmtp3.qualxserv.com. so its just a forward to there working .com email > servers. > > if we do a mx record lookup for .com we get qxssmtp2.qualxserv.com. that > server is not answering for port 25 stuff. Interestingly enough they have the > same number assigned to there email servers which is 10 I thought that was a > no no. > > Man I have been outa the internet systems stuff for two years now and can > still do this stuff. Im so far out of the loop now seeing how I just got my > trucking drivers license (class a) with all endorsements to look for work in > the trucking industry. I gave up on the computer industry. Hey I just learned something! Could you explain the '10' thing to me? I drive a tow truck for AAA during my down-time between jobs. I don't have the cdl stuff, but there seems to be plenty of cars running into each other to stay busy :) -- Michael Holt Snohomish, WA (o_ [EMAIL PROTECTED] (o_ (o_ //\ www.holt-tech.net (/)_ (/)_ V_/_ www.mandrakelinux.com ==< 49. Oops! (said in a quiet, almost surprised voice) --Top 100 things you don't want the sysadmin to say Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers (update)
hmmm kinda weird. Here is the results of some nslookup stuff [EMAIL PROTECTED] beau]$ nslookup qualxserv.net Note: nslookup is deprecated and may be removed from future releases. Consider using the `dig' or `host' programs instead. Run nslookup with the `-sil[ent]' option to prevent this message from appearing. Server: 66.47.48.51 Address:66.47.48.51#53 Non-authoritative answer: *** Can't find qualxserv.net: No answer [EMAIL PROTECTED] beau]$ nslookup qualxserv.com Note: nslookup is deprecated and may be removed from future releases. Consider using the `dig' or `host' programs instead. Run nslookup with the `-sil[ent]' option to prevent this message from appearing. Server: 66.47.48.51 Address:66.47.48.51#53 Non-authoritative answer: Name: qualxserv.com Address: 65.246.197.37 [EMAIL PROTECTED] beau]$ nslookup Note: nslookup is deprecated and may be removed from future releases. Consider using the `dig' or `host' programs instead. Run nslookup with the `-sil[ent]' option to prevent this message from appearing. > set type=mx > qualxserv.net Server: 66.47.48.51 Address:66.47.48.51#53 Non-authoritative answer: qualxserv.net mail exchanger = 10 ns1.qualxserv.com. qualxserv.net mail exchanger = 10 qxssmtp3.qualxserv.com. Authoritative answers can be found from: qualxserv.net nameserver = ns3.qualxserv.net. qualxserv.net nameserver = ns1.qualxserv.com. qualxserv.net nameserver = ns2.qualxserv.com. ns1.qualxserv.com internet address = 65.246.197.32 ns2.qualxserv.com internet address = 65.246.197.33 [EMAIL PROTECTED] beau]$ telnet ns1.qualxserv.net 25 Trying 65.246.197.32... Connected to ns1.qualxserv.com (65.246.197.32). Escape character is '^]'. 220 qxsdns1.qualxserve.com ESMTP Server (Microsoft Exchange Internet Mail Service 5.5.2650.21) ready There is the answer. Previously they were using qxssmtp2.qualxserv.com. as there mail server for .com now for .net they are using ns1.qualxserv.com and qxssmtp3.qualxserv.com. so its just a forward to there working .com email servers. if we do a mx record lookup for .com we get qxssmtp2.qualxserv.com. that server is not answering for port 25 stuff. Interestingly enough they have the same number assigned to there email servers which is 10 I thought that was a no no. Man I have been outa the internet systems stuff for two years now and can still do this stuff. Im so far out of the loop now seeing how I just got my trucking drivers license (class a) with all endorsements to look for work in the trucking industry. I gave up on the computer industry. On Star Date Friday 14 November 2003 06:39 pm, Michael Holt sent this sub-space message. > Well, I just wanted to give an update to the postfix prob. > The fix? I just found out that this company just switched their email > server from '.com' to '.net'. I don't know what they're doing, cause > they still have the '.com' server up and running. It must have been > some kind of redirect / relay because I still can't get through if I use > the '.com' address from evolution, but I am able to get through if I > email to the '.net' address. They definitely have something weird going > on but at least I know I'm not _completely_ incompetent. Weird... > > Anyway, thanks Jack, Bill and Pierre! Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers (update)
Well, I just wanted to give an update to the postfix prob. The fix? I just found out that this company just switched their email server from '.com' to '.net'. I don't know what they're doing, cause they still have the '.com' server up and running. It must have been some kind of redirect / relay because I still can't get through if I use the '.com' address from evolution, but I am able to get through if I email to the '.net' address. They definitely have something weird going on but at least I know I'm not _completely_ incompetent. Weird... Anyway, thanks Jack, Bill and Pierre! -- Michael Holt Snohomish, WA (o_ [EMAIL PROTECTED] (o_ (o_ //\ www.holt-tech.net (/)_ (/)_ V_/_ www.mandrakelinux.com ==< SysAdmin excuse #235: The new frame relay network hasn't bedded down the software loop transmitter yet. Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Fri, 2003-11-14 at 06:16, Bill Mullen wrote: > On Thu, 13 Nov 2003, Michael Holt wrote: > > > On Thu, 2003-11-13 at 18:00, Pierre Fortin wrote: > > > > > > Consider coding it simply: > > > > myhostname = holt-tech.net > > > > Ok, now the question becomes, why am I using my domain name instead of > > my host name where it asks for my host name? > > >From my previous message in this thread: > > ] Bear in mind that the "myhostname =" setting in main.cf doesn't need to > ] bear even the slightest resemblance to what your system actually calls > ] itself; it is the string that is sent whenever Postfix identifies the > ] system on which it is running to other systems (both clients and > ] servers). > ] As such, the value of this setting *will* have an impact on whether or > ] not mail is accepted from you by some servers, as it is sent in the > ] HELO/EHLO statement when Postfix initiates a connection as a client. > > It is not "asking for your hostname" - it is asking you to *set* what > hostname you want it to send to other systems. > > You want to use one that will resolve in at least one direction, which is > why "holt-tech.net" is needed here, and why your ISP-given hostname is > even more preferable (as the latter resolves in *both* directions). > > There is nothing wrong with using the same value for the $myhostname, > $mydomain and $myorigin variables, in case you're wondering. Ahh, that makes sense now -- thank you for clearing that up. I really had no idea that there was so much possible tweaking to make all this work. -- Michael Holt Snohomish, WA (o_ [EMAIL PROTECTED] (o_ (o_ //\ www.holt-tech.net (/)_ (/)_ V_/_ www.mandrakelinux.com ==< SysAdmin excuse #221: The mainframe needs to rest. It's getting old, you know. Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Thu, 13 Nov 2003, Michael Holt wrote: > On Thu, 2003-11-13 at 18:00, Pierre Fortin wrote: > > > > Consider coding it simply: > > > myhostname = holt-tech.net > > Ok, now the question becomes, why am I using my domain name instead of > my host name where it asks for my host name? >From my previous message in this thread: ] Bear in mind that the "myhostname =" setting in main.cf doesn't need to ] bear even the slightest resemblance to what your system actually calls ] itself; it is the string that is sent whenever Postfix identifies the ] system on which it is running to other systems (both clients and ] servers). ] As such, the value of this setting *will* have an impact on whether or ] not mail is accepted from you by some servers, as it is sent in the ] HELO/EHLO statement when Postfix initiates a connection as a client. It is not "asking for your hostname" - it is asking you to *set* what hostname you want it to send to other systems. You want to use one that will resolve in at least one direction, which is why "holt-tech.net" is needed here, and why your ISP-given hostname is even more preferable (as the latter resolves in *both* directions). There is nothing wrong with using the same value for the $myhostname, $mydomain and $myorigin variables, in case you're wondering. -- Bill Mullen [EMAIL PROTECTED] MA, USA RLU #270075 MDK 8.1 & 9.0 "In the beginning the Universe was created. This has made a lot of people very angry and been widely regarded as a bad move." - Douglas Adams Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Thu, 2003-11-13 at 19:05, Bill Mullen wrote: > On Thu, 13 Nov 2003, Michael Holt wrote: > > > I added my client machine to /var/spool/postfix/etc/hosts and added the > > above to main.cf then I sent a message to my boss from the client > > machine to see what happens. I'm not sure when I'll hear back, so I'm > > just going to wait a bit and see. I want to wait to make any more > > changes to see if this has any effect. > > You did either restart or reload Postfix after making the changes, right? > > If not, the main.cf change won't take effect until you do. Si Senor! -- Michael Holt Snohomish, WA (o_ [EMAIL PROTECTED] (o_ (o_ //\ www.holt-tech.net (/)_ (/)_ V_/_ www.mandrakelinux.com ==< 70. Hmm, maybe if I do this... --Top 100 things you don't want the sysadmin to say Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Thu, 2003-11-13 at 18:57, James Sparenberg wrote: > 3 people are in a car. An Electrical Engineer, A Windows programmer, > and a Mechanical Engineer. They are trying to get a car to re-start > after it dies. The Electrical Engineer is under the hood testing the > wiring, the Mechanical Engineer is under the car Checking out if the > measurements are matching the blueprints. The Programmer is opening and > closing windows, and a kid who is riding by on his Bike suggests putting > gas in the tank. > > James :) I like that -- Michael Holt Snohomish, WA (o_ [EMAIL PROTECTED] (o_ (o_ //\ www.holt-tech.net (/)_ (/)_ V_/_ www.mandrakelinux.com ==< SysAdmin excuse #10: hardware stress fractures Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Thu, 2003-11-13 at 18:53, Bill Mullen wrote: > On Thu, 13 Nov 2003, Pierre Fortin wrote: > > > On Thu, 13 Nov 2003 17:41:55 -0800 Michael Holt <[EMAIL PROTECTED]> > > wrote: > > > > Consider coding it simply: > > > myhostname = holt-tech.net > > Exactly. Using "earth.holt-tech.net" gives no benefit, because that name > does not resolve, while "holt-tech.net" alone *does* (forward, at least). Ok, too late, I already hit 'send' on my last before reading this one. Why would this tag be in the conf file if it wants domain name? -- Michael Holt Snohomish, WA (o_ [EMAIL PROTECTED] (o_ (o_ //\ www.holt-tech.net (/)_ (/)_ V_/_ www.mandrakelinux.com ==< SysAdmin excuse #22: monitor resolution too high Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Thu, 2003-11-13 at 18:00, Pierre Fortin wrote: > On Thu, 13 Nov 2003 17:41:55 -0800 Michael Holt <[EMAIL PROTECTED]> > wrote: > > Consider coding it simply: > > myhostname = holt-tech.net Ok, now the question becomes, why am I using my domain name instead of my host name where it asks for my host name? TIA -- Michael Holt Snohomish, WA (o_ [EMAIL PROTECTED] (o_ (o_ //\ www.holt-tech.net (/)_ (/)_ V_/_ www.mandrakelinux.com ==< 34. What is all this I here about static charges destroying computers? --Top 100 things you don't want the sysadmin to say Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Thu, 13 Nov 2003, Michael Holt wrote: > I added my client machine to /var/spool/postfix/etc/hosts and added the > above to main.cf then I sent a message to my boss from the client > machine to see what happens. I'm not sure when I'll hear back, so I'm > just going to wait a bit and see. I want to wait to make any more > changes to see if this has any effect. You did either restart or reload Postfix after making the changes, right? If not, the main.cf change won't take effect until you do. -- Bill Mullen [EMAIL PROTECTED] MA, USA RLU #270075 MDK 8.1 & 9.0 "In the beginning the Universe was created. This has made a lot of people very angry and been widely regarded as a bad move." - Douglas Adams Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Thu, 2003-11-13 at 10:23, Jack Coates wrote: > On Thu, 2003-11-13 at 09:56, Michael Holt wrote: > > On Thu, 2003-11-13 at 06:47, Jack Coates wrote: > > > > > you assume that they know what they're doing... many people in the IT > > > world don't. > > > > LOL > > I'm working on the 'NMCI' project in Bremerton, WA right now - the > > 'Naval Marine Corps Intranet'. I believe that there are a few really > > sharp people doing the engineering, but each day my bubble gets a little > > more crushed realizing how true your statement is. > > I just assumed that the people I went to work with new more than I and > > were all professionals... > > Yeah, nothing like interviewing job candidates to burst that bubble :-) > There are some very good people out there, but the dangerous ones are > the ones that know just enough to do things but don't know enough to > realize that they shouldn't do that thing. The one I love to find is the guy/gal who says " I don't know but I know where I can find out". Second hardest thing to teach people. Don't find out why it happened first. Find out what happened, what should happen, and how to fix it. Amazing when you do that the why kinda finds itself. Kinda like this one. 3 people are in a car. An Electrical Engineer, A Windows programmer, and a Mechanical Engineer. They are trying to get a car to re-start after it dies. The Electrical Engineer is under the hood testing the wiring, the Mechanical Engineer is under the car Checking out if the measurements are matching the blueprints. The Programmer is opening and closing windows, and a kid who is riding by on his Bike suggests putting gas in the tank. James Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Thu, 13 Nov 2003, Pierre Fortin wrote: > On Thu, 13 Nov 2003 17:41:55 -0800 Michael Holt <[EMAIL PROTECTED]> > wrote: > > Consider coding it simply: > > myhostname = holt-tech.net Exactly. Using "earth.holt-tech.net" gives no benefit, because that name does not resolve, while "holt-tech.net" alone *does* (forward, at least). -- Bill Mullen [EMAIL PROTECTED] MA, USA RLU #270075 MDK 8.1 & 9.0 "In the beginning the Universe was created. This has made a lot of people very angry and been widely regarded as a bad move." - Douglas Adams Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Thu, 13 Nov 2003 17:41:55 -0800 Michael Holt <[EMAIL PROTECTED]> wrote: Consider coding it simply: > myhostname = holt-tech.net Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Thu, 2003-11-13 at 14:22, Jack Coates wrote: > if the address is in a DHCP pool assigned for home users, more and more > servers out there will block direct SMTP connections from it; only > relaying through the ISP's server will work in this case. This is what I was first thinking; but I'm able to use the webmail from behind my firewall - that's still a direct connection. It seems like rDNS would have to be the culprit. I guess I'll have to wait a bit and see if I get a message back from my boss. -- Michael Holt Snohomish, WA (o_ [EMAIL PROTECTED] (o_ (o_ //\ www.holt-tech.net (/)_ (/)_ V_/_ www.mandrakelinux.com ==< 38. OH, CRUD! (as they scrabble at the keyboard for ^c). --Top 100 things you don't want the sysadmin to say Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Thu, 2003-11-13 at 14:06, Bill Mullen wrote: > Unless, of course, the only one giving you fits is your boss', which we > have already established is hosed in some bizarre fashion ... but > having Postfix use a more valid hostname may fix that situation, too, even > though that doesn't fully explain that server's rather eccentric behavior. Ok, here's my new postconf: mydestination = $myhostname, localhost.$mydomain $mydomain, earth.$mydomain mydomain = holt-tech.net myhostname = earth.holt-tech.net mynetworks = 192.168.0.0/24, 127.0.0.0/24 myorigin = holt-tech.net I added my client machine to /var/spool/postfix/etc/hosts and added the above to main.cf then I sent a message to my boss from the client machine to see what happens. I'm not sure when I'll hear back, so I'm just going to wait a bit and see. I want to wait to make any more changes to see if this has any effect. > HTH! That's great! Thanks again! -- Michael Holt Snohomish, WA (o_ [EMAIL PROTECTED] (o_ (o_ //\ www.holt-tech.net (/)_ (/)_ V_/_ www.mandrakelinux.com ==< SysAdmin excuse #373: Suspicious pointer corrupted virtual machine Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Thu, 13 Nov 2003, Jack Coates wrote: > On Thu, 2003-11-13 at 14:49, Bill Mullen wrote: > ... > > Quite true, and one's best recourse in that situation is using the > > ISP's server as a relay, at least for the problem domains (I have to > > do that with a few). OTOH, that isn't what's happening to Michael, as > > his Postfix *can* send direct to the problem server(s), but only with > > certain clients having originated the message and given it to Postfix > > for delivery. > > > > Strange, isn't it? > > I wonder if it's triggering a oversensitive spam or virus checker by > having odd headers... I've just been messing with a CGI interface to > Spam Assassin, you can change a score from 6 to 8 just by using \r\n > line endings instead of \n and inserting spaces between Name and > in the To and From headers... Interesting, I didn't know that about SA. That's possible, I suppose - we haven't seen the full headers on any of these messages, just portions thereof ... OTOH, if it's only his boss' server that's doing the rejecting, *it* probably isn't seeing them either, because it won't let the delivery process get that far! ;) Then again, if it's his boss' server, $DEITY only knows why it is willing to listen to his Postfix box long enough to accept mail from it at all, when neither you nor I can even get it to listen to our telnet attempts long enough for us to say EHLO to it ... :( It's no wonder that the single most likely place to run into a sysadmin outside of the office is down at the local pub, eh? :) -- Bill Mullen [EMAIL PROTECTED] MA, USA RLU #270075 MDK 8.1 & 9.0 "In the beginning the Universe was created. This has made a lot of people very angry and been widely regarded as a bad move." - Douglas Adams Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Thu, 2003-11-13 at 14:49, Bill Mullen wrote: ... > Quite true, and one's best recourse in that situation is using the ISP's > server as a relay, at least for the problem domains (I have to do that > with a few). OTOH, that isn't what's happening to Michael, as his Postfix > *can* send direct to the problem server(s), but only with certain clients > having originated the message and given it to Postfix for delivery. > > Strange, isn't it? I wonder if it's triggering a oversensitive spam or virus checker by having odd headers... I've just been messing with a CGI interface to Spam Assassin, you can change a score from 6 to 8 just by using \r\n line endings instead of \n and inserting spaces between Name and in the To and From headers... -- Jack Coates Monkeynoodle: A Scientific Venture... Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Thu, 13 Nov 2003, Jack Coates wrote: > On Thu, 2003-11-13 at 14:06, Bill Mullen wrote: > > > Okay, I think you should at least change the "myhostname =" line, > > found in the /etc/postfix/main.cf file. Having the short hostname of > > your Postfix box here does you no good, as it is of utterly no use to > > the destination system. OTOH, if you changed it to "holt-tech.net", > > then at least the name resolves in one direction (forward), and agrees > > with the hostname in your MX record for the domain. It would still > > fail an rDNS check, though, if that check doesn't merely look for > > whether an rDNS entry exists, but goes further to insist that it match > > the stated hostname (which it won't). :( > > Luckily that's a pretty rare test as few ISPs or hosting companies will > make changes in rDNS for their customers. Lots of legit mail is blocked > when that test is used and eventually someone with some authority slaps > the wrist of the fool admin, who goes and sulks about how their clueless > management won't let them fight spam :-) Yes, that is taking spam fighting to an extreme that breaks the acceptance of much perfectly valid mail. Throwing the baby out with the bathwater, as it were. :) Checking for the mere existence of an rDNS entry ought to be sufficient, IMHO, as that allows the recipient to identify the sending system to a reasonable degree of certainy. You don't need more than that, really. > > Bear in mind that the "myhostname =" setting in main.cf doesn't need > > to bear even the slightest resemblance to what your system actually > > calls itself; it is the string that is sent whenever Postfix > > identifies the system on which it is running to other systems (both > > clients and servers). As such, the value of this setting *will* have > > an impact on whether or not mail is accepted from you by some servers, > > as it is sent in the HELO/EHLO statement when Postfix initiates a > > connection as a client. > > > > If your external hostname (the one supplied you by your ISP, and > > currently "evrtwa1-ar17-4-35-151-034.evrtwa1.dsl-verizon.net") remains > > constant or nearly so, then *that* is the ideal string to put into > > main.cf as your "myhostname =" value, because then your name resolves > > in both directions. If you can do this, it mitigates a lot of problems > > of this variety. The mere fact that the hostname is obviously tied to > > the IP address should not be a deal-breaker in and of itself, even if > > you use DHCP, as many cable and DSL setups that use DHCP in fact > > change the IP address very rarely. > > if the address is in a DHCP pool assigned for home users, more and more > servers out there will block direct SMTP connections from it; only > relaying through the ISP's server will work in this case. Quite true, and one's best recourse in that situation is using the ISP's server as a relay, at least for the problem domains (I have to do that with a few). OTOH, that isn't what's happening to Michael, as his Postfix *can* send direct to the problem server(s), but only with certain clients having originated the message and given it to Postfix for delivery. Strange, isn't it? -- Bill Mullen [EMAIL PROTECTED] MA, USA RLU #270075 MDK 8.1 & 9.0 "In the beginning the Universe was created. This has made a lot of people very angry and been widely regarded as a bad move." - Douglas Adams Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Thu, 2003-11-13 at 14:06, Bill Mullen wrote: > On Thu, 13 Nov 2003, Michael Holt wrote: > > > On Thu, 2003-11-13 at 08:26, Bill Mullen wrote: > > > > > Including the output of "postconf -n", run on the Postfix box, might > > > be helpful also, as would the re-inclusion of the two sets of headers; > > > all that matters is the last couple of "Received:" headers from each > > > message, as those will be the ones that pertain to your sending > > > system(s). > > > > postconf -n > > > [snip] > > mydestination = $myhostname, localhost.$mydomain $mydomain > > mydomain = holt-tech.net > > myhostname = earth > > mynetworks = 192.168.0.0/24, 127.0.0.0/24 > > myorigin = holt-tech.net > [snip] > > Okay, I think you should at least change the "myhostname =" line, found in > the /etc/postfix/main.cf file. Having the short hostname of your Postfix > box here does you no good, as it is of utterly no use to the destination > system. OTOH, if you changed it to "holt-tech.net", then at least the name > resolves in one direction (forward), and agrees with the hostname in your > MX record for the domain. It would still fail an rDNS check, though, if > that check doesn't merely look for whether an rDNS entry exists, but goes > further to insist that it match the stated hostname (which it won't). :( Luckily that's a pretty rare test as few ISPs or hosting companies will make changes in rDNS for their customers. Lots of legit mail is blocked when that test is used and eventually someone with some authority slaps the wrist of the fool admin, who goes and sulks about how their clueless management won't let them fight spam :-) > > Bear in mind that the "myhostname =" setting in main.cf doesn't need to > bear even the slightest resemblance to what your system actually calls > itself; it is the string that is sent whenever Postfix identifies the > system on which it is running to other systems (both clients and servers). > As such, the value of this setting *will* have an impact on whether or not > mail is accepted from you by some servers, as it is sent in the HELO/EHLO > statement when Postfix initiates a connection as a client. > > If your external hostname (the one supplied you by your ISP, and currently > "evrtwa1-ar17-4-35-151-034.evrtwa1.dsl-verizon.net") remains constant or > nearly so, then *that* is the ideal string to put into main.cf as your > "myhostname =" value, because then your name resolves in both directions. > If you can do this, it mitigates a lot of problems of this variety. The > mere fact that the hostname is obviously tied to the IP address should not > be a deal-breaker in and of itself, even if you use DHCP, as many cable > and DSL setups that use DHCP in fact change the IP address very rarely. > if the address is in a DHCP pool assigned for home users, more and more servers out there will block direct SMTP connections from it; only relaying through the ISP's server will work in this case. > One could even cobble together a script that determines the current "real" > hostname, rewrites main.cf to reflect the change, and reloads Postfix, and > then set that script to run after every IP address change (both dhcpcd and > dhclient can be configured for this, and if you use a router, you could > instead run the script as a cron job to test for such a change, then do > its thing if one has occurred). If your IP address changes often, that > hack might allow you to still use your system's "real" name in main.cf. > > Note: if you change "myhostname =" in main.cf, be sure to append the > string ", earth.$mydomain" to the "mydestination =" line, so that Postfix > continues to be aware that the box sometimes goes by that name as well. > > > Here was my config.php: > > > > $useSendmail = false; > > $smtpServerAddress = '192.168.0.3'; > > $smtpPort = 25; > > $sendmail_path = '/usr/sbin/sendmail'; > > $use_authenticated_smtp = false; > > > > I changed the ip address to 'localhost' and I haven't changed the > > 'useSendmail' option. > > No problem, it's just talking SMTP directly to port 25, rather than > invoking the sendmail pseudo-app. No need to change anything else here. > > > Yes, the postfix server and the squirrel server reside on the same box > > (as does most everything else). > > Okay, and I gather that the Evolution box is a different one, but also on > the same LAN with the server system. > > > Here are the relevant headers: > > > > Received: from 4.35.151.34 (EHLO servername) (4.35.151.34) by > > mta130.mail.sc5.yahoo.com with SMTP; Wed, 12 Nov 2003 12:14:06 -0800 > > Received: from www.holt-tech.net (unknown > > [server.internal.ip.address]) by servername (Postfix) with SMTP id > > 13833205CFC for <[EMAIL PROTECTED]>; Wed, 12 Nov 2003 15:16:15 -0500 > > (EST) > > Received: from evrtwa1-ar17-4-35-151-34.evrtwa1.dsl-verizon.net > > ([4.35.151.34]) (SquirrelMail authenticated user michael) by > > server.internal.ip.address with HTTP; Wed, 12 Nov 2003 12:16
Re: [expert] postfix headers
On Thu, 13 Nov 2003, Michael Holt wrote: > On Thu, 2003-11-13 at 08:26, Bill Mullen wrote: > > > Including the output of "postconf -n", run on the Postfix box, might > > be helpful also, as would the re-inclusion of the two sets of headers; > > all that matters is the last couple of "Received:" headers from each > > message, as those will be the ones that pertain to your sending > > system(s). > > postconf -n > [snip] > mydestination = $myhostname, localhost.$mydomain $mydomain > mydomain = holt-tech.net > myhostname = earth > mynetworks = 192.168.0.0/24, 127.0.0.0/24 > myorigin = holt-tech.net [snip] Okay, I think you should at least change the "myhostname =" line, found in the /etc/postfix/main.cf file. Having the short hostname of your Postfix box here does you no good, as it is of utterly no use to the destination system. OTOH, if you changed it to "holt-tech.net", then at least the name resolves in one direction (forward), and agrees with the hostname in your MX record for the domain. It would still fail an rDNS check, though, if that check doesn't merely look for whether an rDNS entry exists, but goes further to insist that it match the stated hostname (which it won't). :( Bear in mind that the "myhostname =" setting in main.cf doesn't need to bear even the slightest resemblance to what your system actually calls itself; it is the string that is sent whenever Postfix identifies the system on which it is running to other systems (both clients and servers). As such, the value of this setting *will* have an impact on whether or not mail is accepted from you by some servers, as it is sent in the HELO/EHLO statement when Postfix initiates a connection as a client. If your external hostname (the one supplied you by your ISP, and currently "evrtwa1-ar17-4-35-151-034.evrtwa1.dsl-verizon.net") remains constant or nearly so, then *that* is the ideal string to put into main.cf as your "myhostname =" value, because then your name resolves in both directions. If you can do this, it mitigates a lot of problems of this variety. The mere fact that the hostname is obviously tied to the IP address should not be a deal-breaker in and of itself, even if you use DHCP, as many cable and DSL setups that use DHCP in fact change the IP address very rarely. One could even cobble together a script that determines the current "real" hostname, rewrites main.cf to reflect the change, and reloads Postfix, and then set that script to run after every IP address change (both dhcpcd and dhclient can be configured for this, and if you use a router, you could instead run the script as a cron job to test for such a change, then do its thing if one has occurred). If your IP address changes often, that hack might allow you to still use your system's "real" name in main.cf. Note: if you change "myhostname =" in main.cf, be sure to append the string ", earth.$mydomain" to the "mydestination =" line, so that Postfix continues to be aware that the box sometimes goes by that name as well. > Here was my config.php: > > $useSendmail = false; > $smtpServerAddress = '192.168.0.3'; > $smtpPort = 25; > $sendmail_path = '/usr/sbin/sendmail'; > $use_authenticated_smtp = false; > > I changed the ip address to 'localhost' and I haven't changed the > 'useSendmail' option. No problem, it's just talking SMTP directly to port 25, rather than invoking the sendmail pseudo-app. No need to change anything else here. > Yes, the postfix server and the squirrel server reside on the same box > (as does most everything else). Okay, and I gather that the Evolution box is a different one, but also on the same LAN with the server system. > Here are the relevant headers: > > Received: from 4.35.151.34 (EHLO servername) (4.35.151.34) by > mta130.mail.sc5.yahoo.com with SMTP; Wed, 12 Nov 2003 12:14:06 -0800 > Received: from www.holt-tech.net (unknown > [server.internal.ip.address]) by servername (Postfix) with SMTP id > 13833205CFC for <[EMAIL PROTECTED]>; Wed, 12 Nov 2003 15:16:15 -0500 > (EST) > Received: from evrtwa1-ar17-4-35-151-34.evrtwa1.dsl-verizon.net > ([4.35.151.34]) (SquirrelMail authenticated user michael) by > server.internal.ip.address with HTTP; Wed, 12 Nov 2003 12:16:15 -0800 > (PST) > > > > Received: from 4.35.151.34 (EHLO servername) (4.35.151.34) by > mta156.mail.scd.yahoo.com with SMTP; Wed, 12 Nov 2003 12:00:02 -0800 > Received: from machinename (unknown [host.internal.ip]) by > servername (Postfix) with ESMTP id 0606E205CFC for > <[EMAIL PROTECTED]>; Wed, 12 Nov 2003 15:02:11 -0500 (EST) You should be able to get rid of the "unknown" bit in the latter set of headers by putting an entry into the /var/spool/postfix/etc/hosts file on the Postfix box that identifies the Evo system ("machinename") by tying its internal IP address to its hostname. It would need to be here, as Postfix runs chrooted (in its default MDK confi
Re: [expert] postfix headers
On Thu, 2003-11-13 at 10:23, Jack Coates wrote: > Yeah, nothing like interviewing job candidates to burst that bubble :-) > There are some very good people out there, but the dangerous ones are > the ones that know just enough to do things but don't know enough to > realize that they shouldn't do that thing. LOL, no kidding :) -- Michael Holt Snohomish, WA (o_ [EMAIL PROTECTED] (o_ (o_ //\ www.holt-tech.net (/)_ (/)_ V_/_ www.mandrakelinux.com ==< SysAdmin excuse #10: hardware stress fractures Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Thu, 2003-11-13 at 08:26, Bill Mullen wrote: > But there is no such thing as "an email packet," per se - all "vanilla" > SMTP transactions are conducted in plain text. This is why telnet is so > useful as a method to test SMTP servers, because with it you can mimic > what an SMTP client sends *exactly* in all respects. There is AFAIK no way > for an SMTP server to tell whether it is talking to an SMTP client or a > human using telnet (except possibly an absurdly short timeout, enforced > between the first character of a line and the last - as humans type very > slowly, from machines' point of view - but given the lags on the WAN, such > an arrangement would cut off many machines as well, I'd expect). Yeah, I'm starting to get that. I was reading the smtp rfc and it would seem that one could send all the same commands via telnet. I guess it just seemed like it should be more complicated than that. > > and then with all the recent problems with ddos attacks and virii, etc, > > I would think that they *would* want to seriously filter the headers > > that come in. > > Yes, but it never gets far enough along in the process to allow you to > send it any headers. As has been said, that server appears to be broken. > > > But you guys are saying that the headers on my email - no matter which > > machine I'm sending from - are absolutely normal? Nobody would or could > > do it differently? > > Well, let's not go that far ... :) Darn! :) > I don't have your original post with the two sets of headers in it handy, > but IIRC the SquirrelMail headers identified the sending machine using a > FQDN (and, moreover, one which had a valid rDNS entry), and the Evolution > headers did not. That is a significant difference, and one that *will* > matter to some SMTP servers, when they are deciding whether or not to > accept the mail. It doesn't explain the odd behavior of your boss' system > (as that system never even sees those headers), but it may pose a problem > when sending mail to some other sites. > > I'd say to begin by checking your SquirrelMail config file, located at > /var/www/squirrelmail/config/config.php (if you are using the MDK RPM > version of SquirrelMail), to ensure that you are using the same instance > of Postfix for both methods. If we can rule out a difference in SMTP > servers used, we can narrow the problem down considerably. Here's mine: > > $useSendmail = true; > $smtpServerAddress = 'localhost'; > $smtpPort = 25; > $sendmail_path = '/usr/sbin/sendmail'; > $use_authenticated_smtp = false; > > In my case, both SquirrelMail and Postfix are running on the same box. > That may not be the case in your setup, but what's important here is that > wherever Postix is running, both SquirrelMail and Evolution are using the > same server to send through. I suspect that that's not true here, as that > would be the simplest explanation for the differing headers. > > Including the output of "postconf -n", run on the Postfix box, might be > helpful also, as would the re-inclusion of the two sets of headers; all > that matters is the last couple of "Received:" headers from each message, > as those will be the ones that pertain to your sending system(s). postconf -n alias_database = hash:/etc/postfix/aliases alias_maps = hash:/etc/postfix/aliases command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/lib/postfix debug_peer_level = 2 default_privs = nobody delay_warning_time = 4 mail_owner = postfix mail_spool_directory = /var/spool/mail mailbox_command = /usr/bin/procmail -Y -a $DOMAIN mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man mydestination = $myhostname, localhost.$mydomain $mydomain mydomain = holt-tech.net myhostname = earth mynetworks = 192.168.0.0/24, 127.0.0.0/24 myorigin = holt-tech.net newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-1.1.11/README_FILES sample_directory = /usr/share/doc/postfix-1.1.11/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) (Mandrake Linux) Here was my config.php: $useSendmail = false; $smtpServerAddress = '192.168.0.3'; $smtpPort = 25; $sendmail_path = '/usr/sbin/sendmail'; $use_authenticated_smtp = false; I changed the ip address to 'localhost' and I haven't changed the 'useSendmail' option. Yes, the postfix server and the squirrel server reside on the same box (as does most everything else). Here are the relevant headers: Received: from 4.35.151.34 (EHLO servername) (4.35.151.34) by mta130.mail.sc5.yahoo.com with SMTP; Wed, 12 Nov 2003 12:14:06 -0800 Received: from www.holt-tech.net (unknown [server.internal.ip.address]) by servername (Postfix) with SMTP id 13833205CFC for <[EMAIL PROTECTED]>; Wed, 12 Nov 2003 15:16:15 -0500 (EST) Received: from evrtwa1-ar17-4-35-151-34.evrtwa1.dsl-verizon.net ([4.35.151.34]) (Squirre
Re: [expert] postfix headers
On Thu, 2003-11-13 at 10:26, Michael Holt wrote: > On Thu, 2003-11-13 at 06:51, Jack Coates wrote: > > > Cisco routers are actually very dumb. If the router or a regular > > firewall is blocking the mail, then the three way TCP handshake will > > never complete. If a proxy-using firewall (Raptor or the so-called > > "security servers" in PIX and Check Point (so-called because the number > > one source of security holes on those firewalls)) is in use, it will > > accept enough headers to make a decision on. > > > > Dropping the connection right after 220 for servers that aren't on any > > BL is broken behavior. > > Ok, in reading the rfc 2821, I come to these relevant lines: > > "The SMTP client MUST, if possible, ensure that the domain parameter to > the EHLO command is a valid principal host name (not a CNAME or MX name) > for its host. If this is not possible (e.g., when the client's address > is dynamically assigned and the client does not have an obvious name), > an address literal SHOULD be substituted for the domain name and > supplemental information provided that will assist in identifying the > client." > > In my original post, I included my headers. They show that the webmail > header came with my verizon dsl id: > > Received: from www.holt-tech.net (unknown > [server.internal.ip.address]) by servername (Postfix) with SMTP id > 13833205CFC for <[EMAIL PROTECTED]>; Wed, 12 Nov 2003 15:16:15 -0500 > (EST) > Received: from evrtwa1-ar17-4-35-151-34.evrtwa1.dsl-verizon.net > ([4.35.151.34]) (SquirrelMail authenticated user michael) by > server.internal.ip.address with HTTP; Wed, 12 Nov 2003 12:16:15 -0800 > (PST) > > Notice the second "received" line "evrtwa1-blah-blah". Could that > string be what allows me to connect to their server? Short of that, I'm > at a loss as to what else could be dropping me. When I use the client > machines, that line becomes whatever machine name I'm at along with it's > internal ip. that could be it, but you'll have to use ethereal or tcpdump or something to watch the session and see if you're even able to send a EHLO/HELO statement; I was never able to get that far. -- Jack Coates Monkeynoodle: A Scientific Venture... Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Thu, 2003-11-13 at 06:56, Jack Coates wrote: > I'd stop by the sysadmin's desk on the way to the coffee pot and ask > her/him, assuming it's the kind of place you can walk around in. > > Failing that, an off-hand comment about how their email system doesn't > seem to accept mail from your home address and see if they'll introduce > you to the sysadmin. Point of contact may not need to know that it's > widely broken, the sysadmin can help them to that knowledge. I'm on a remote site :'( but I think I'm just going to email them and see if I can bug them about it - sometimes innocent ignorance has an appeal :) -- Michael Holt Snohomish, WA (o_ [EMAIL PROTECTED] (o_ (o_ //\ www.holt-tech.net (/)_ (/)_ V_/_ www.mandrakelinux.com ==< SysAdmin excuse #251: Processes running slowly due to weak power supply Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Thu, 2003-11-13 at 06:51, Jack Coates wrote: > Cisco routers are actually very dumb. If the router or a regular > firewall is blocking the mail, then the three way TCP handshake will > never complete. If a proxy-using firewall (Raptor or the so-called > "security servers" in PIX and Check Point (so-called because the number > one source of security holes on those firewalls)) is in use, it will > accept enough headers to make a decision on. > > Dropping the connection right after 220 for servers that aren't on any > BL is broken behavior. Ok, in reading the rfc 2821, I come to these relevant lines: "The SMTP client MUST, if possible, ensure that the domain parameter to the EHLO command is a valid principal host name (not a CNAME or MX name) for its host. If this is not possible (e.g., when the client's address is dynamically assigned and the client does not have an obvious name), an address literal SHOULD be substituted for the domain name and supplemental information provided that will assist in identifying the client." In my original post, I included my headers. They show that the webmail header came with my verizon dsl id: Received: from www.holt-tech.net (unknown [server.internal.ip.address]) by servername (Postfix) with SMTP id 13833205CFC for <[EMAIL PROTECTED]>; Wed, 12 Nov 2003 15:16:15 -0500 (EST) Received: from evrtwa1-ar17-4-35-151-34.evrtwa1.dsl-verizon.net ([4.35.151.34]) (SquirrelMail authenticated user michael) by server.internal.ip.address with HTTP; Wed, 12 Nov 2003 12:16:15 -0800 (PST) Notice the second "received" line "evrtwa1-blah-blah". Could that string be what allows me to connect to their server? Short of that, I'm at a loss as to what else could be dropping me. When I use the client machines, that line becomes whatever machine name I'm at along with it's internal ip. -- Michael Holt Snohomish, WA (o_ [EMAIL PROTECTED] (o_ (o_ //\ www.holt-tech.net (/)_ (/)_ V_/_ www.mandrakelinux.com ==< SysAdmin excuse #257: That would be because the software doesn't work. Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Thu, 2003-11-13 at 09:56, Michael Holt wrote: > On Thu, 2003-11-13 at 06:47, Jack Coates wrote: > > > you assume that they know what they're doing... many people in the IT > > world don't. > > LOL > I'm working on the 'NMCI' project in Bremerton, WA right now - the > 'Naval Marine Corps Intranet'. I believe that there are a few really > sharp people doing the engineering, but each day my bubble gets a little > more crushed realizing how true your statement is. > I just assumed that the people I went to work with new more than I and > were all professionals... Yeah, nothing like interviewing job candidates to burst that bubble :-) There are some very good people out there, but the dangerous ones are the ones that know just enough to do things but don't know enough to realize that they shouldn't do that thing. -- Jack Coates Monkeynoodle: A Scientific Venture... Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Thu, 2003-11-13 at 06:47, Jack Coates wrote: > you assume that they know what they're doing... many people in the IT > world don't. LOL I'm working on the 'NMCI' project in Bremerton, WA right now - the 'Naval Marine Corps Intranet'. I believe that there are a few really sharp people doing the engineering, but each day my bubble gets a little more crushed realizing how true your statement is. I just assumed that the people I went to work with new more than I and were all professionals... -- Michael Holt Snohomish, WA (o_ [EMAIL PROTECTED] (o_ (o_ //\ www.holt-tech.net (/)_ (/)_ V_/_ www.mandrakelinux.com ==< SysAdmin excuse #152: My pony-tail hit the on/off switch on the power strip. Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Wed, 12 Nov 2003, Michael Holt wrote: > I haven't done any playing with cisco routers, but I would imagine that > the ios is smart enough to drop anything except an email packet at port > 25 But there is no such thing as "an email packet," per se - all "vanilla" SMTP transactions are conducted in plain text. This is why telnet is so useful as a method to test SMTP servers, because with it you can mimic what an SMTP client sends *exactly* in all respects. There is AFAIK no way for an SMTP server to tell whether it is talking to an SMTP client or a human using telnet (except possibly an absurdly short timeout, enforced between the first character of a line and the last - as humans type very slowly, from machines' point of view - but given the lags on the WAN, such an arrangement would cut off many machines as well, I'd expect). > and then with all the recent problems with ddos attacks and virii, etc, > I would think that they *would* want to seriously filter the headers > that come in. Yes, but it never gets far enough along in the process to allow you to send it any headers. As has been said, that server appears to be broken. > But you guys are saying that the headers on my email - no matter which > machine I'm sending from - are absolutely normal? Nobody would or could > do it differently? Well, let's not go that far ... :) I don't have your original post with the two sets of headers in it handy, but IIRC the SquirrelMail headers identified the sending machine using a FQDN (and, moreover, one which had a valid rDNS entry), and the Evolution headers did not. That is a significant difference, and one that *will* matter to some SMTP servers, when they are deciding whether or not to accept the mail. It doesn't explain the odd behavior of your boss' system (as that system never even sees those headers), but it may pose a problem when sending mail to some other sites. I'd say to begin by checking your SquirrelMail config file, located at /var/www/squirrelmail/config/config.php (if you are using the MDK RPM version of SquirrelMail), to ensure that you are using the same instance of Postfix for both methods. If we can rule out a difference in SMTP servers used, we can narrow the problem down considerably. Here's mine: $useSendmail = true; $smtpServerAddress = 'localhost'; $smtpPort = 25; $sendmail_path = '/usr/sbin/sendmail'; $use_authenticated_smtp = false; In my case, both SquirrelMail and Postfix are running on the same box. That may not be the case in your setup, but what's important here is that wherever Postix is running, both SquirrelMail and Evolution are using the same server to send through. I suspect that that's not true here, as that would be the simplest explanation for the differing headers. Including the output of "postconf -n", run on the Postfix box, might be helpful also, as would the re-inclusion of the two sets of headers; all that matters is the last couple of "Received:" headers from each message, as those will be the ones that pertain to your sending system(s). -- Bill Mullen [EMAIL PROTECTED] MA, USA RLU #270075 MDK 8.1 & 9.0 "In the beginning the Universe was created. This has made a lot of people very angry and been widely regarded as a bad move." - Douglas Adams Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Wed, 2003-11-12 at 22:59, Michael Holt wrote: > On Wed, 2003-11-12 at 22:56, Bill wrote: > > I dont believe it is a router issue. They could have a acl in place but then > > you wouldnt see the answer from the server it would just block it alltogther. > > I dont remember ever seing a Cisco router checking the header files in emails > > to block a person. I think they may have a timeout issue like mentioned > > before. They may be trying to prevent anyone from trying to run a script to > > get in there box through there email server software. This is the first time > > I have seen an email server not respond the correct way using telent to port > > 25. > > > > In any case it seems to be there problem. I would contact there sys admin and > > see whats up with this issue. Please let us know what the answer is if you > > get one. > > p.s. I do have to tread lightly; I contract for this company and the > person I emailed is my point of contact -- I'm not sure how they will > react if I tell them how hard I've been working to 'figure out' their > system *grin* I'd stop by the sysadmin's desk on the way to the coffee pot and ask her/him, assuming it's the kind of place you can walk around in. Failing that, an off-hand comment about how their email system doesn't seem to accept mail from your home address and see if they'll introduce you to the sysadmin. Point of contact may not need to know that it's widely broken, the sysadmin can help them to that knowledge. -- Jack Coates Monkeynoodle: A Scientific Venture... Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Wed, 2003-11-12 at 21:16, Michael Holt wrote: > ...> > > Except they drop connection before he could ever send From.. Maybe > > they've set a ridiculously low timeout or something, but it doesn't act > > like any real world mailserver I've ever seen. > > See, that's the thing. I haven't done any playing with cisco routers, > but I would imagine that the ios is smart enough to drop anything except > an email packet at port 25 and then with all the recent problems with > ddos attacks and virii, etc, I would think that they *would* want to > seriously filter the headers that come in. But you guys are saying that > the headers on my email - no matter which machine I'm sending from - are > absolutely normal? Nobody would or could do it differently? > Cisco routers are actually very dumb. If the router or a regular firewall is blocking the mail, then the three way TCP handshake will never complete. If a proxy-using firewall (Raptor or the so-called "security servers" in PIX and Check Point (so-called because the number one source of security holes on those firewalls)) is in use, it will accept enough headers to make a decision on. Dropping the connection right after 220 for servers that aren't on any BL is broken behavior. > Well thanks everyone for all the info -- I've definitely learned some > stuff (including that I need to do some studying!:) ) -- Jack Coates Monkeynoodle: A Scientific Venture... Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Wed, 2003-11-12 at 21:05, Michael Holt wrote: > ...> > > your setup is probably fine. Theirs is FUBAR'd. No fault of yours. > > Well, it seems to be the general opinion that I can't really do anything > about this situation? It just seems so odd that they would make their > servers *that* inaccessible. > you assume that they know what they're doing... many people in the IT world don't. > > > p.s. thanks for doing all the footwork of hitting their servers, I don't > > > even really know where to begin :) > > > > no problem -- this sort of thing is part of what I do for a living these > > days, and I was really bored at work :-) > > LOL :) Cool. -- Jack Coates Monkeynoodle: A Scientific Venture... Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Wed, 2003-11-12 at 22:56, Bill wrote: > I dont believe it is a router issue. They could have a acl in place but then > you wouldnt see the answer from the server it would just block it alltogther. > I dont remember ever seing a Cisco router checking the header files in emails > to block a person. I think they may have a timeout issue like mentioned > before. They may be trying to prevent anyone from trying to run a script to > get in there box through there email server software. This is the first time > I have seen an email server not respond the correct way using telent to port > 25. > > In any case it seems to be there problem. I would contact there sys admin and > see whats up with this issue. Please let us know what the answer is if you > get one. p.s. I do have to tread lightly; I contract for this company and the person I emailed is my point of contact -- I'm not sure how they will react if I tell them how hard I've been working to 'figure out' their system *grin* -- Michael Holt Snohomish, WA (o_ [EMAIL PROTECTED] (o_ (o_ //\ www.holt-tech.net (/)_ (/)_ V_/_ www.mandrakelinux.com ==< SysAdmin excuse #387: Your computer's union contract is set to expire at midnight. Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Wed, 2003-11-12 at 22:56, Bill wrote: > I dont believe it is a router issue. They could have a acl in place but then > you wouldnt see the answer from the server it would just block it alltogther. > I dont remember ever seing a Cisco router checking the header files in emails > to block a person. I think they may have a timeout issue like mentioned > before. They may be trying to prevent anyone from trying to run a script to > get in there box through there email server software. This is the first time > I have seen an email server not respond the correct way using telent to port > 25. > > In any case it seems to be there problem. I would contact there sys admin and > see whats up with this issue. Please let us know what the answer is if you > get one. Alrightty then, I'll see what I can find out from them. Hey thanks again everyone, I'll let you know what I come up with. -- Michael Holt Snohomish, WA (o_ [EMAIL PROTECTED] (o_ (o_ //\ www.holt-tech.net (/)_ (/)_ V_/_ www.mandrakelinux.com ==< SysAdmin excuse #226: A star wars satellite accidently blew up the WAN. Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
> > Sympa doesn't always tell us when it /dev/null's a mail. I have > > an email i have sent over a dozen times, but it just doesn't go > > thru, and i get no errors > > > > funny thing is, it sent a copy back to me :-) That's the sympa we know and love... > You guys will probably > get mine in about four days... LOL! -- Mandrake HowTo's & More: http://twiki.mdklinuxfaq.org Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
I dont believe it is a router issue. They could have a acl in place but then you wouldnt see the answer from the server it would just block it alltogther. I dont remember ever seing a Cisco router checking the header files in emails to block a person. I think they may have a timeout issue like mentioned before. They may be trying to prevent anyone from trying to run a script to get in there box through there email server software. This is the first time I have seen an email server not respond the correct way using telent to port 25. In any case it seems to be there problem. I would contact there sys admin and see whats up with this issue. Please let us know what the answer is if you get one. On Star Date Wednesday 12 November 2003 09:16 pm, Michael Holt sent this sub-space message. > > > > Except they drop connection before he could ever send From.. Maybe > > they've set a ridiculously low timeout or something, but it doesn't act > > like any real world mailserver I've ever seen. > > See, that's the thing. I haven't done any playing with cisco routers, > but I would imagine that the ios is smart enough to drop anything except > an email packet at port 25 and then with all the recent problems with > ddos attacks and virii, etc, I would think that they *would* want to > seriously filter the headers that come in. But you guys are saying that > the headers on my email - no matter which machine I'm sending from - are > absolutely normal? Nobody would or could do it differently? > Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Wed, 2003-11-12 at 19:27, Jack Coates wrote: > On Wed, 2003-11-12 at 17:10, Bryan Phinney wrote: > > On Wednesday 12 November 2003 07:18 pm, Michael Holt wrote: > > > > > I'm wondering if they have something set on their server to drop any > > > email that doesn't show an fqdn in the received string. Maybe to keep > > > from getting email from a server that's been taken over as a relay? If > > > this is the case, how would I set postfix so that emails originating > > > from other boxes on my lan would appear to be the server sending them? > > > So that the above headers taken from both webmail and client machines > > > would look identical? > > > > Michael, is it possible that you are using a different "From:" address when > > using Squirrelmail versus when you use Evolution? They may be whitelisting > > based on the From listed as the sender. > > Except they drop connection before he could ever send From.. Maybe > they've set a ridiculously low timeout or something, but it doesn't act > like any real world mailserver I've ever seen. See, that's the thing. I haven't done any playing with cisco routers, but I would imagine that the ios is smart enough to drop anything except an email packet at port 25 and then with all the recent problems with ddos attacks and virii, etc, I would think that they *would* want to seriously filter the headers that come in. But you guys are saying that the headers on my email - no matter which machine I'm sending from - are absolutely normal? Nobody would or could do it differently? Well thanks everyone for all the info -- I've definitely learned some stuff (including that I need to do some studying!:) ) -- Michael Holt Snohomish, WA (o_ [EMAIL PROTECTED] (o_ (o_ //\ www.holt-tech.net (/)_ (/)_ V_/_ www.mandrakelinux.com ==< SysAdmin excuse #321: Scheduled global CPU outage Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Wed, 2003-11-12 at 19:26, Jack Coates wrote: > > Ok, I don't fully understand the term 'whitelisting', but I assume that > > it means only specified senders get in? > right. > > > I'm able to send to any account > > I've ever tried in the past (hotmail, yahoo, my server when using > > squirrelmail), how could this be setup? I've got to be doing something > > wrong, I just don't know what. > > your setup is probably fine. Theirs is FUBAR'd. No fault of yours. Well, it seems to be the general opinion that I can't really do anything about this situation? It just seems so odd that they would make their servers *that* inaccessible. > > p.s. thanks for doing all the footwork of hitting their servers, I don't > > even really know where to begin :) > > no problem -- this sort of thing is part of what I do for a living these > days, and I was really bored at work :-) LOL :) Cool. -- Michael Holt Snohomish, WA (o_ [EMAIL PROTECTED] (o_ (o_ //\ www.holt-tech.net (/)_ (/)_ V_/_ www.mandrakelinux.com ==< SysAdmin excuse #253: We've run out of licenses Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Wed, 2003-11-12 at 17:10, Bryan Phinney wrote: > On Wednesday 12 November 2003 07:18 pm, Michael Holt wrote: > > > I'm wondering if they have something set on their server to drop any > > email that doesn't show an fqdn in the received string. Maybe to keep > > from getting email from a server that's been taken over as a relay? If > > this is the case, how would I set postfix so that emails originating > > from other boxes on my lan would appear to be the server sending them? > > So that the above headers taken from both webmail and client machines > > would look identical? > > Michael, is it possible that you are using a different "From:" address when > using Squirrelmail versus when you use Evolution? They may be whitelisting > based on the From listed as the sender. No - that stuff is all the same. -- Michael Holt Snohomish, WA (o_ [EMAIL PROTECTED] (o_ (o_ //\ www.holt-tech.net (/)_ (/)_ V_/_ www.mandrakelinux.com ==< SysAdmin excuse #371: Incorrectly configured static routes on the corerouters. Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Wed, 2003-11-12 at 19:51, Eric Huff wrote: > > Try watching a mail session with ethereal sometime... it's just > > telnet to port 25, though a server is faster and has fewer typos > > than a human. > > > You can send mails though, -- I posted an example of > > how to do it earlier today, with the Dead Kennedies quote, but I > > think it's still floating around in Sympa. > > Sympa doesn't always tell us when it /dev/null's a mail. I have an > email i have sent over a dozen times, but it just doesn't go thru, > and i get no errors > > eric funny thing is, it sent a copy back to me :-) I just assume that no one else got it because two hours later someone else gave a similar answer and continued the thread. You guys will probably get mine in about four days... -- Jack Coates Monkeynoodle: A Scientific Venture... Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
> Try watching a mail session with ethereal sometime... it's just > telnet to port 25, though a server is faster and has fewer typos > than a human. > You can send mails though, -- I posted an example of > how to do it earlier today, with the Dead Kennedies quote, but I > think it's still floating around in Sympa. Sympa doesn't always tell us when it /dev/null's a mail. I have an email i have sent over a dozen times, but it just doesn't go thru, and i get no errors eric -- Mandrake HowTo's & More: http://twiki.mdklinuxfaq.org Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Wed, 2003-11-12 at 17:10, Bryan Phinney wrote: > On Wednesday 12 November 2003 07:18 pm, Michael Holt wrote: > > > I'm wondering if they have something set on their server to drop any > > email that doesn't show an fqdn in the received string. Maybe to keep > > from getting email from a server that's been taken over as a relay? If > > this is the case, how would I set postfix so that emails originating > > from other boxes on my lan would appear to be the server sending them? > > So that the above headers taken from both webmail and client machines > > would look identical? > > Michael, is it possible that you are using a different "From:" address when > using Squirrelmail versus when you use Evolution? They may be whitelisting > based on the From listed as the sender. Except they drop connection before he could ever send From.. Maybe they've set a ridiculously low timeout or something, but it doesn't act like any real world mailserver I've ever seen. -- Jack Coates Monkeynoodle: A Scientific Venture... Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Wed, 2003-11-12 at 16:49, Michael Holt wrote: > On Wed, 2003-11-12 at 16:34, Jack Coates wrote: > > > Their server won't accept connections from anything that I have access > > too, and I have access to some pretty high traffic (and legit :-) mail > > servers -- I don't see how they can get mail from any one. They don't > > even give the chance to AUTH. Since that server is the only MX record > > listed in their zone, they're self-blackholed. My guess is they're > > whitelisting, which IMHO is The Beginning Of The End. > > Ok, I don't fully understand the term 'whitelisting', but I assume that > it means only specified senders get in? right. > I'm able to send to any account > I've ever tried in the past (hotmail, yahoo, my server when using > squirrelmail), how could this be setup? I've got to be doing something > wrong, I just don't know what. your setup is probably fine. Theirs is FUBAR'd. No fault of yours. > > p.s. thanks for doing all the footwork of hitting their servers, I don't > even really know where to begin :) no problem -- this sort of thing is part of what I do for a living these days, and I was really bored at work :-) -- Jack Coates Monkeynoodle: A Scientific Venture... Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Wednesday 12 November 2003 07:18 pm, Michael Holt wrote: > I'm wondering if they have something set on their server to drop any > email that doesn't show an fqdn in the received string. Maybe to keep > from getting email from a server that's been taken over as a relay? If > this is the case, how would I set postfix so that emails originating > from other boxes on my lan would appear to be the server sending them? > So that the above headers taken from both webmail and client machines > would look identical? Michael, is it possible that you are using a different "From:" address when using Squirrelmail versus when you use Evolution? They may be whitelisting based on the From listed as the sender. -- Bryan Phinney Software Test Engineer Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
Yeah it looks like they have some issues with mail. There MX record shows > qualxserv.com Server: 66.47.48.51 Address:66.47.48.51#53 Non-authoritative answer: qualxserv.com mail exchanger = 5 qxssmtp2.qualxserv.com. Authoritative answers can be found from: qualxserv.com nameserver = ns1.qualxserv.com. qualxserv.com nameserver = ns2.qualxserv.com. qualxserv.com nameserver = ns3.qualxserv.com. qxssmtp2.qualxserv.com internet address = 65.246.197.34 ns2.qualxserv.com internet address = 65.246.197.33 ns3.qualxserv.com internet address = 65.246.197.151 > trying that ip you get [EMAIL PROTECTED] beau]$ telnet 65.246.197.34 25 Trying 65.246.197.34... Connected to qxssmtp2.qualxserv.com (65.246.197.34). Escape character is '^]'. 521 qxssmtp2.qualxserv.com access denied Connection closed by foreign host. [EMAIL PROTECTED] beau]$ I cant get there either so looks like you may need to call them up and find out why no one can send them mail. On Star Date Wednesday 12 November 2003 04:34 pm, Jack Coates sent this sub-space message. > Their server won't accept connections from anything that I have access > too, and I have access to some pretty high traffic (and legit :-) mail > servers -- I don't see how they can get mail from any one. They don't > even give the chance to AUTH. Since that server is the only MX record > listed in their zone, they're self-blackholed. My guess is they're > whitelisting, which IMHO is The Beginning Of The End. Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Wed, 2003-11-12 at 16:34, Jack Coates wrote: > Their server won't accept connections from anything that I have access > too, and I have access to some pretty high traffic (and legit :-) mail > servers -- I don't see how they can get mail from any one. They don't > even give the chance to AUTH. Since that server is the only MX record > listed in their zone, they're self-blackholed. My guess is they're > whitelisting, which IMHO is The Beginning Of The End. Ok, I don't fully understand the term 'whitelisting', but I assume that it means only specified senders get in? I'm able to send to any account I've ever tried in the past (hotmail, yahoo, my server when using squirrelmail), how could this be setup? I've got to be doing something wrong, I just don't know what. p.s. thanks for doing all the footwork of hitting their servers, I don't even really know where to begin :) -- Michael Holt Snohomish, WA (o_ [EMAIL PROTECTED] (o_ (o_ //\ www.holt-tech.net (/)_ (/)_ V_/_ www.mandrakelinux.com ==< 100. Uh-oh. --Top 100 things you don't want the sysadmin to say Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Wed, 2003-11-12 at 16:18, Michael Holt wrote: ... it's not about your message headers ... > Now, I've changed the ip's and machine name's but you get the idea. > This is sent to a test account just to see what the headers end up > like. The problem is that when I email my boss (I'm a contractor and my > point of contact works for this specific company) I get refused and my > email is bounced with this: > > connect to > qxssmtp2.qualxserv.com[65.246.197.34]: server refused mail service > > Received: from myclientmachine (unknown [192.168.0.4]) > by myemailserver (Postfix) with ESMTP id 5E918200099 > > This is just a snippet but the rest is just email information. I'm not > able to telnet to this person's email server at all, from anywhere. > > I'm wondering if they have something set on their server to drop any > email that doesn't show an fqdn in the received string. Maybe to keep > from getting email from a server that's been taken over as a relay? If > this is the case, how would I set postfix so that emails originating > from other boxes on my lan would appear to be the server sending them? > So that the above headers taken from both webmail and client machines > would look identical? > Their server won't accept connections from anything that I have access too, and I have access to some pretty high traffic (and legit :-) mail servers -- I don't see how they can get mail from any one. They don't even give the chance to AUTH. Since that server is the only MX record listed in their zone, they're self-blackholed. My guess is they're whitelisting, which IMHO is The Beginning Of The End. -- Jack Coates Monkeynoodle: A Scientific Venture... Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Wed, 2003-11-12 at 15:40, Jack Coates wrote: > On Wed, 2003-11-12 at 15:16, Michael Holt wrote: > > On Wed, 2003-11-12 at 14:38, Jack Coates wrote: > > > > > Try watching a mail session with ethereal sometime... it's just telnet > > > to port 25, though a server is faster and has fewer typos than a human. > > > You can send mails though, -- I posted an example of how to do it > > > earlier today, with the Dead Kennedies quote, but I think it's still > > > floating around in Sympa. > > > > Ok, I'll check it out :) I'm curious though, I'm still unable to get > > through to that address via evolution, but squirrelmail goes through > > just fine. Telnet to that address gets access denied. I tried > > telnetting to my own server port 25 and it didn't get denied - so - > > yeah, I believe you. I'm still confused about why I can't email through > > postfix to that specific email address. I tried it from my wife's > > laptop using win2k and outlook to my test account and the headers looked > > almost identical to those of evolution. It obviously works because I'm > > writing to you right now using evolution. Something in their server is > > rejecting me based on something that is happening differently on > > evolution -- what the heck would it be? The only thing that I can see > > that would be different would be the "received" lines in the headers. > > > > Any thoughts? > > well, I've only sort of been following this, but if one client gets > access denied with telnet to 25 and the other doesn't, then the first is > probably tripping a blacklist rule. Does your wife's laptop connect via > a VPN (hence via a different network)? Ok, I think this has gotten confused. My server is hosting web, email, etc. You can logon from anywhere if you have an account, and use webmail. When I log on to the web mail server, which is sitting in my living room - behind the router connected to dsl, I can send email to a particular person. Now I can also specify that same server as an email server and connect to it with client machines, i.e., other boxes; with client mua's, i.e., outlook, evolution, pine, whatever. When I connect with outlook for example, the "received" line of my email header ends up looking like this: Received: from 4.35.151.34 (EHLO servername) (4.35.151.34) by mta130.mail.sc5.yahoo.com with SMTP; Wed, 12 Nov 2003 12:14:06 -0800 Received: from www.holt-tech.net (unknown [server.internal.ip.address]) by servername (Postfix) with SMTP id 13833205CFC for <[EMAIL PROTECTED]>; Wed, 12 Nov 2003 15:16:15 -0500 (EST) When I use squirrelmail (my webmail server) it looks like this: Received: from 4.35.151.34 (EHLO servername) (4.35.151.34) by mta130.mail.sc5.yahoo.com with SMTP; Wed, 12 Nov 2003 12:14:06 -0800 Received: from www.holt-tech.net (unknown [server.internal.ip.address]) by servername (Postfix) with SMTP id 13833205CFC for <[EMAIL PROTECTED]>; Wed, 12 Nov 2003 15:16:15 -0500 (EST) Received: from evrtwa1-ar17-4-35-151-34.evrtwa1.dsl-verizon.net ([4.35.151.34]) (SquirrelMail authenticated user michael) by server.internal.ip.address with HTTP; Wed, 12 Nov 2003 12:16:15 -0800 (PST) Now, I've changed the ip's and machine name's but you get the idea. This is sent to a test account just to see what the headers end up like. The problem is that when I email my boss (I'm a contractor and my point of contact works for this specific company) I get refused and my email is bounced with this: connect to qxssmtp2.qualxserv.com[65.246.197.34]: server refused mail service Received: from myclientmachine (unknown [192.168.0.4]) by myemailserver (Postfix) with ESMTP id 5E918200099 This is just a snippet but the rest is just email information. I'm not able to telnet to this person's email server at all, from anywhere. I'm wondering if they have something set on their server to drop any email that doesn't show an fqdn in the received string. Maybe to keep from getting email from a server that's been taken over as a relay? If this is the case, how would I set postfix so that emails originating from other boxes on my lan would appear to be the server sending them? So that the above headers taken from both webmail and client machines would look identical? -- Michael Holt Snohomish, WA (o_ [EMAIL PROTECTED] (o_ (o_ //\ www.holt-tech.net (/)_ (/)_ V_/_ www.mandrakelinux.com ==< SysAdmin excuse #173: Recursive traversal of loopback mount points Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Wed, 2003-11-12 at 15:16, Michael Holt wrote: > On Wed, 2003-11-12 at 14:38, Jack Coates wrote: > > > Try watching a mail session with ethereal sometime... it's just telnet > > to port 25, though a server is faster and has fewer typos than a human. > > You can send mails though, -- I posted an example of how to do it > > earlier today, with the Dead Kennedies quote, but I think it's still > > floating around in Sympa. > > Ok, I'll check it out :) I'm curious though, I'm still unable to get > through to that address via evolution, but squirrelmail goes through > just fine. Telnet to that address gets access denied. I tried > telnetting to my own server port 25 and it didn't get denied - so - > yeah, I believe you. I'm still confused about why I can't email through > postfix to that specific email address. I tried it from my wife's > laptop using win2k and outlook to my test account and the headers looked > almost identical to those of evolution. It obviously works because I'm > writing to you right now using evolution. Something in their server is > rejecting me based on something that is happening differently on > evolution -- what the heck would it be? The only thing that I can see > that would be different would be the "received" lines in the headers. > > Any thoughts? well, I've only sort of been following this, but if one client gets access denied with telnet to 25 and the other doesn't, then the first is probably tripping a blacklist rule. Does your wife's laptop connect via a VPN (hence via a different network)? -- Jack Coates Monkeynoodle: A Scientific Venture... Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Wed, 2003-11-12 at 14:38, Jack Coates wrote: > Try watching a mail session with ethereal sometime... it's just telnet > to port 25, though a server is faster and has fewer typos than a human. > You can send mails though, -- I posted an example of how to do it > earlier today, with the Dead Kennedies quote, but I think it's still > floating around in Sympa. Ok, I'll check it out :) I'm curious though, I'm still unable to get through to that address via evolution, but squirrelmail goes through just fine. Telnet to that address gets access denied. I tried telnetting to my own server port 25 and it didn't get denied - so - yeah, I believe you. I'm still confused about why I can't email through postfix to that specific email address. I tried it from my wife's laptop using win2k and outlook to my test account and the headers looked almost identical to those of evolution. It obviously works because I'm writing to you right now using evolution. Something in their server is rejecting me based on something that is happening differently on evolution -- what the heck would it be? The only thing that I can see that would be different would be the "received" lines in the headers. Any thoughts? -- Michael Holt Snohomish, WA (o_ [EMAIL PROTECTED] (o_ (o_ //\ www.holt-tech.net (/)_ (/)_ V_/_ www.mandrakelinux.com ==< SysAdmin excuse #309: firewall needs cooling Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Wed, 2003-11-12 at 14:07, Michael Holt wrote: > On Wed, 2003-11-12 at 13:37, Jason Williams wrote: > > > $ telnet 65.246.197.34 25 > > Trying 65.246.197.34... > > Connected to 65.246.197.34. > > Escape character is '^]'. > > 521 qxssmtp2.qualxserv.com access denied > > Connection closed by foreign host. > > Ok, question -- why would a server let you telnet into port 25? I would > think that a connection like that would get dropped for sure. Try watching a mail session with ethereal sometime... it's just telnet to port 25, though a server is faster and has fewer typos than a human. You can send mails though, -- I posted an example of how to do it earlier today, with the Dead Kennedies quote, but I think it's still floating around in Sympa. > > > You may want to consider upgrading to a new version of Postfix. There have > > been quite a few enhancements as well as security features that have > > changed since this release. A quick note: If you do upgrade, note that the > > way rules are applied (UCE specifically) into Postifx 2.x are slightly > > different than 1.x. > > I think I'm going to hold off upgrading pf for just now; time > constraints and all. I'm planning on migrating the server to mdk9.2 > here soon - just waiting to make sure enough release bugs are squashed > :) > > > Hope that helps. Let me know if you have any other questions. > > > > Jason > > Thanks so much for your help! -- Jack Coates Monkeynoodle: A Scientific Venture... Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Wed, 2003-11-12 at 13:37, Jason Williams wrote: > $ telnet 65.246.197.34 25 > Trying 65.246.197.34... > Connected to 65.246.197.34. > Escape character is '^]'. > 521 qxssmtp2.qualxserv.com access denied > Connection closed by foreign host. Ok, question -- why would a server let you telnet into port 25? I would think that a connection like that would get dropped for sure. > You may want to consider upgrading to a new version of Postfix. There have > been quite a few enhancements as well as security features that have > changed since this release. A quick note: If you do upgrade, note that the > way rules are applied (UCE specifically) into Postifx 2.x are slightly > different than 1.x. I think I'm going to hold off upgrading pf for just now; time constraints and all. I'm planning on migrating the server to mdk9.2 here soon - just waiting to make sure enough release bugs are squashed :) > Hope that helps. Let me know if you have any other questions. > > Jason Thanks so much for your help! -- Michael Holt Snohomish, WA (o_ [EMAIL PROTECTED] (o_ (o_ //\ www.holt-tech.net (/)_ (/)_ V_/_ www.mandrakelinux.com ==< SysAdmin excuse #266: All of the packets are empty. Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
At 01:25 PM 11/12/2003 -0800, you wrote: > I dont see anything in your headers that would warrant them being malicious > or spam. > The only real thing I can see is that when you logged in remotely, its > showing the verizon connection that was initiated. Is this a bad thing? This is just saying where I logged in from, no? My router does NAT loopback, so I just log onto my webpage using my domain name and then hit the webmail page and log in. I assumed that this is what is being added here. Nope. It's just part of the normal email tracking process. Just adds it all into the headers, tracking the path it took. It should be no problem at all. > There are no other messages regarding why it was blocked? No bounce backs? connect to qxssmtp2.qualxserv.com[65.246.197.34]: server refused mail service Not sure what server this is, but this is a quick test I did running from one of my boxes: $ telnet 65.246.197.34 25 Trying 65.246.197.34... Connected to 65.246.197.34. Escape character is '^]'. 521 qxssmtp2.qualxserv.com access denied Connection closed by foreign host. It's not your setup. Its the remote mail server. Looks like SMTP is not running on this server at the moment. I didn't save any others. It's only been a few, but since I just tried using a different system, everything is suspect. No worries. This particular system is doing something on its end. > What version of postfix are you running? postfix-1.1.11-4mdk / Mandrake 9.0 You may want to consider upgrading to a new version of Postfix. There have been quite a few enhancements as well as security features that have changed since this release. A quick note: If you do upgrade, note that the way rules are applied (UCE specifically) into Postifx 2.x are slightly different than 1.x. Hope that helps. Let me know if you have any other questions. Jason Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
On Wed, 2003-11-12 at 13:10, Jason Williams wrote: > I dont see anything in your headers that would warrant them being malicious > or spam. > The only real thing I can see is that when you logged in remotely, its > showing the verizon connection that was initiated. Is this a bad thing? This is just saying where I logged in from, no? My router does NAT loopback, so I just log onto my webpage using my domain name and then hit the webmail page and log in. I assumed that this is what is being added here. > There are no other messages regarding why it was blocked? No bounce backs? connect to qxssmtp2.qualxserv.com[65.246.197.34]: server refused mail service I didn't save any others. It's only been a few, but since I just tried using a different system, everything is suspect. > What version of postfix are you running? postfix-1.1.11-4mdk / Mandrake 9.0 > Jason -- Michael Holt Snohomish, WA (o_ [EMAIL PROTECTED] (o_ (o_ //\ www.holt-tech.net (/)_ (/)_ V_/_ www.mandrakelinux.com ==< SysAdmin excuse #194: We only support a 1200 bps connection. Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [expert] postfix headers
At 01:01 PM 11/12/2003 -0800, you wrote: Hey all, Sorry for the long post, but I'm confused here. I've been using squirrelmail for several months now, but I wanted to switch to a local mail client. Squirrelmail really is local because my postfix email server is behind the firewall along with my host machines. I want to use the webmail when I'm outside the firewall and Evolution/Pine/Outlook/whatever when I'm inside. Anyway, I've gotten a couple of returned emails since I've started using evolution saying that the destination server refused the email. I don't have any way of testing their systems to see why it's being rejected so I just tried sending a couple messages to an external test account on yahoo and then comparing the headers. The following are two sets of headers; the first is from squirrelmail where I was logged on remotely to webmail but from the same side of the firewall. The second is from evolution, also on the same side of the firewall. ** X-Apparently-To: [EMAIL PROTECTED] via 66.218.93.72; Wed, 12 Nov 2003 12:14:06 -0800 X-YahooFilteredBulk:4.35.151.34 Return-Path:<[EMAIL PROTECTED]> Received: from 4.35.151.34 (EHLO servername) (4.35.151.34) by mta130.mail.sc5.yahoo.com with SMTP; Wed, 12 Nov 2003 12:14:06 -0800 Received: from www.holt-tech.net (unknown [server.internal.ip.address]) by servername (Postfix) with SMTP id 13833205CFC for <[EMAIL PROTECTED]>; Wed, 12 Nov 2003 15:16:15 -0500 (EST) Received: from evrtwa1-ar17-4-35-151-34.evrtwa1.dsl-verizon.net ([4.35.151.34]) (SquirrelMail authenticated user michael) by server.internal.ip.address with HTTP; Wed, 12 Nov 2003 12:16:15 -0800 (PST) Message-ID: <[EMAIL PROTECTED]> Date: Wed, 12 Nov 2003 12:16:15 -0800 (PST) Subject:another test From: "Michael Holt" <[EMAIL PROTECTED]> | Add to Address Book To: [EMAIL PROTECTED] User-Agent: SquirrelMail/1.4.0 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 X-Priority: 3 Importance: Normal *** X-Apparently-To: [EMAIL PROTECTED] via 66.218.93.80; Wed, 12 Nov 2003 12:00:02 -0800 X-YahooFilteredBulk:4.35.151.34 Return-Path:<[EMAIL PROTECTED]> Received: from 4.35.151.34 (EHLO servername) (4.35.151.34) by mta156.mail.scd.yahoo.com with SMTP; Wed, 12 Nov 2003 12:00:02 -0800 Received: from machinename (unknown [host.internal.ip]) by servername (Postfix) with ESMTP id 0606E205CFC for <[EMAIL PROTECTED]>; Wed, 12 Nov 2003 15:02:11 -0500 (EST) Subject:test From: "Michael Holt" <[EMAIL PROTECTED]> | Add to Address Book To: [EMAIL PROTECTED] Content-Type: text/plain Message-Id: <[EMAIL PROTECTED]> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.4.4-8mdk Date: Wed, 12 Nov 2003 12:01:59 -0800 Content-Transfer-Encoding: 7bit Both messages were written in ascii (html turned off) but I've noticed that they don't have the same type of tags at the bottom. The "received" lines for both also seem to be quite different. What I need to know is, are these differences enough to keep my email from getting through on some systems? Could someone be considering my email to be potentially dangerous or spam or something of that nature because of these headers? I dont see anything in your headers that would warrant them being malicious or spam. The only real thing I can see is that when you logged in remotely, its showing the verizon connection that was initiated. There are no other messages regarding why it was blocked? No bounce backs? What version of postfix are you running? Jason Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com