Re: mailtail

2012-08-08 Thread Alvin Wong 
With just a single binary I have 80% thought of it being a Trojan.

2012/8/8 Sascha Hüdepohl 

> Hi!
>
> A very little tool to watch mail.log in color:
> http://sascha.huedepohl.de/mailtail
>
> Sascha
>

Fwd: "no route to host" error message

2012-07-17 Thread Alvin Wong 
[Forgot to reply all, resend]

No route to host means your IP cannot reach the remote IP, not port
related. Check your IP/gateway/subnet mask settings, and try `nslookup
hotmail.com` and `traceroute hotmail.com`

On 2012-7-17 上午1:22, "Engin qwert"  wrote:
>
>
>
> 
> From: eng...@hotmail.com
> To: postfix-users@postfix.org
> Subject: RE: "no route to host" error message
> Date: Fri, 13 Jul 2012 14:33:40 +
>
> Sorry for asking everything but I want to make sure there isn't any 
> rejection. I run the  command you told me.
> To my weak understanding ther is no restrictions at all in the iptables isn't 
> it?
> --
> root@xn--hadibakalm-5ub:~# iptables -L -n
> Chain INPUT (policy ACCEPT)
> target prot opt source   destination
>
> Chain FORWARD (policy ACCEPT)
> target prot opt source   destination
>
> Chain OUTPUT (policy ACCEPT)
> target prot opt source   destination
>
> --
> > Date: Fri, 13 Jul 2012 16:25:54 +0200
> > From: h.rei...@thelounge.net
> > To: postfix-users@postfix.org
> > Subject: Re: "no route to host" error message
> >
> >
> >
> > Am 13.07.2012 16:20, schrieb Engin qwert:
> > > Hello and sorry for asking again.
> > >
> > > I telnet'ted the hotmail.com from both port 25 and port 587 when I telnet 
> > > directly from server or any other
> > > location in Istanbul
> > > --
> > > engin@xn--hadibakalm-5ub:~$ telnet hotmail.com 25
> > > Trying 65.55.72.183...
> > > Trying 65.55.72.135...
> > > Trying 65.55.72.151...
> > > Trying 65.55.72.167...
> > > telnet: Unable to connect to remote host: No route to host
> >
> > contact your ISP after made sure you are not
> > blocking something via iptables your own
> >
> > this is simply a firewall-rejecting
> >
> > "-j REJECT --reject-with icmp-host-unreachable" will exactly
> > trigger this repsones regardless if it is done outgoing
> > in your firewall or somewehere in the network
> > ___
> >
> > http://www.linuxtopia.org/Linux_Firewall_iptables/x4550.html
> >
> > The following reject types are currently valid:
> > icmp-net-unreachable
> > icmp-host-unreachable
> > icmp-port-unreachable
> > icmp-proto-unreachable
> > icmp-net-prohibited
> > icmp-host-prohibited.
> >
> > The default error message is to send a port-unreachable to the host.
> >
>
>Hi there, I asked to my ISP to open port 25 but they insisted on that they 
> are not blocking any of my ports. But still the below command  outputs "no 
> route to host" error message.
>
> #telnet hotmail.com 25
>
>  On the other hand to make sure I am not blocking any outgoing port 
> myself, I installed firestarter program and selected the  "allow everything 
> except selected ports" option then blocked nothing. I hope this will allow 
> any outgoing ports to be opened.
>
>   This is very weird that the mail server send mail when relayed from any 
> machine except the localhost itself. On debian how can I send mail with php 
> any suggestion would be apprecriated.

Re: Trouble using StartSSL certificate for tls

2012-06-22 Thread Alvin Wong 
Try copying the contents of the chain certificates
`sub.class1.server.ca.pem` then `ca.pem` to the contents of your
public certificate, from depth to root.

2012/6/23 Patrick Ben Koetter :
> * Neil Aggarwal :
>> Hello:
>>
>> I created a certificate for my mail server using the StartSSL service
>> located
>> at http://www.startssl.com/
>>
>> I set these lines in my main.cf (I already set up dovecot):
>>
>> # Rules for smtp auth
>> smtpd_sasl_type = dovecot
>> smtpd_sasl_path = private/auth
>> smtpd_sasl_auth_enable = yes
>> smtpd_recipient_restrictions =  permit_mynetworks,
>>     permit_sasl_authenticated,
>>     reject_unauth_destination
>>
>> # Enable SMTP TLS
>> smtpd_tls_cert_file = /etc/ssl/mail.nsa-lp.com.crt
>> smtpd_tls_key_file = /etc/ssl/mail.nsa-lp.com.key
>> smtpd_tls_CAfile = /etc/ssl/ca-bundle.cer
>> smtpd_tls_security_level = may
>> smtpd_tls_auth_only = yes
>>
>> I went to a remote server and tried to send an email manually.
>>
>> I connected to the server using this command:
>> openssl s_client -connect mail.nsa-lp.com:25 -starttls smtp
>>
>> I get this output:
>> CONNECTED(0003)
>> depth=3 /C=IL/O=StartCom Ltd./CN=StartCom Certification Authority G2
>> verify error:num=19:self signed certificate in certificate chain
>> verify return:0
>> It then prints the chain, the certificate, and some other info followed by
>> this:
>> 250 DSN
>>
>> So, it looks like postfix thinks the certificate is self signed.  It does
>> not recognize the CA.
>> That is a bit strange, but it gives me the 250 code which says things should
>> be ok
>
> The 250 is a SMTP reply unrelated to the fact that your test can't verify the
> certificate. Try this command to see a verification output that enables
> s_client to look up the CA, which signed your certificate:
>
> openssl s_client -connect mail.nsa-lp.com:25 -starttls smtp -CAfile 
> /etc/ssl/ca-bundle.cer
>
>> to move forward.
>>
>> I then issue this command: ehlo jammconsulting.com
>> I get this response:
>> 250-mail.nsa-lp.com
>> 250-PIPELINING
>> 250-SIZE 1024
>> 250-VRFY
>> 250-ETRN
>> 250-AUTH PLAIN
>> 250-ENHANCEDSTATUSCODES
>> 250-8BITMIME
>> 250 DSN
>>
>> Then, I authenticate to the server: auth plain [Base64 encoded auth]
>> I get back:
>> 235 2.7.0 Authentication successful
>>
>> I type: MAIL FROM:
>> I get back:
>> 250 2.1.0 Ok
>>
>> Then, when I type: RCPT TO:
>> I get this back:
>> RENEGOTIATING
>> depth=3 /C=IL/O=StartCom Ltd./CN=StartCom Certification Authority G2
>> verify error:num=19:self signed certificate in certificate chain
>> verify return:0
>>
>> If I type: DATA
>> I get:
>> 554 5.5.1 Error: no valid recipients
>>
>> It looks like postfix does not allow me to specify a recipient as long as it
>> thinks the certificate is self-signed.
>
> You mix error output from the openssl s_client with things that go wrong on
> the server side.
>
> Try the openssl command I showed above and see if s_client still complains
> about a "self signed certificate in certificate chain". On a sidenote:
> s_client states the cert itself is okay: "verify return:0"
>
>> How do I get Postfix to recognize this certificate as a CA signed
>> certificate?
>
> The SMTP server is dispassionate about your certificates state. It simply
> sends it. It's the client that complains, because it has to decide whether it
> is willing to accept what the server sends or not.
>
> p@rick
>
> --
> All technical questions asked privately will be automatically answered on the
> list and archived for public access unless privacy is explicitely required and
> justified.
>
> saslfinger (debugging SMTP AUTH):
>

Re: problem with postfix configuration - Relay Access Denied

2012-06-19 Thread Alvin Wong 
Are you actually trying to set up virtual mailbox? If yes you should
take a look at this
http://www.postfix.org/VIRTUAL_README.html#virtual_mailbox

2012/6/19 Wietse Venema :
> JonL:
>> postmap: fatal: file /etc/postfix/main.cf: parameter mydomain: bad parameter
>> value: mmtnetworks.com.au,           jlorenzo.com.au
> ...
>> postconf -n
> ...
>> mydomain = mmtnetworks.com.au, jlorenzo.com.au
>
> Specify ONE name in mydomain.
> http://www.postfix.org/postconf.5.html#mydomain
>
> Specify ALL local destinations in mydestination.
> http://www.postfix.org/postconf.5.html#mydestination
>
>        Wietse

Re: Emails from IPv6 addresses are blocked by DNSBLs

2012-06-16 Thread Alvin Wong 
Hi,

What if you put bl.spamcop.net below other blocklsts?

P.S. zen.spamhaus.org includes xbl.spamhaus.org, which includes
cbl.abuseat.org, so you don't actually need cbl.abuseat.org as another
entry.

2012/6/17 Wietse Venema :
> Thomas Preissler:
>> Hello,
>>
>> I have now for some time Postfix listening on IPv6 on my server.
>> When I send for example emails to boun...@freenet6.net or
>> i...@test-ipv6.veznat.com I receive them via IPv6, all is good.
>> I also (very rarely though) receive "normal" emails via IPv6. So far so
>> good.
>>
>> Basically when more and more email servers got IPv6 enabled, I sometimes
>> saw
>>
>> Jun 14 19:20:02 dumbledor postfix/smtpd[1472]: NOQUEUE: reject: RCPT
>> from unknown[2002::XXX:::XXX]: 554 5.7.1 Service unavailable;
>> Client host [2002::XXX::4d49:4f1] blocked using bl.spamcop.net;
>> from= to=
>> proto=ESMTP helo=
>>
>> Long story short:
>> * Some IPv6 addreses are DNSBL blocked, some or not. When they are
>>   blocked, they stay blocked and same for when they are not blocked
>>   (like the test IPv6 emailaddresses above).
>> * They always get blocked by the first DNSBL entry - obviously.
>> * Querying the DNSBL via their webinterface doesnt work for IPv6
>>   addresses, doing the same via the equivalent nslookup or dig command
>>   gives me NXDOMAIN.
>> * No IPv6 firewall enabled, but I run a local only bind.
>>
>> Did anybody experience the same?
>> The odd thing is, and I cannot get my head around that, is that it works
>> for some, for others it never worked.
>
> What is the IP address?
>
> What NSLOOKUP query did you use?
>
>        Wietse

Re:

2012-06-11 Thread Alvin Wong 
Perhaps this is what you're looking for:
http://php.net/manual/en/function.mail.php

I can't imagine someone not reading the php manual.

2012/6/11 achal tomar :
> So wietse can how can i send mail with PHP script to my mail server which
> has postfix on it so that the return path of mails send has the following:-
>
> Assume there is a user called ac...@example.net and that an individual,
> b...@example.org has has to be send mai.
>
> return path: achal+bob=example@example.net
> recipient: b...@example.org
>
>

Re: postfix/virtual can't deliver to virtual mailbox

2012-06-04 Thread Alvin Wong 
Thanks, it's really the SELinux problem. The labels of some files in
`/var/spool/postfix/pid` have the wrong label set. Running
`/sbin/restorecon -rv /var/spool/postfix/pid/*` fixed the problem. So
my problem is now solved.

But I have no idea why the labels are changed themselves, though. Will
it be possible that after I've enabled virtual mailboxes I re-started
postfix manually, so the files are created with the wrong label? I see
that if I start postfix manually, the process isn't running in the
expected SELinux context. Will this possibly be a bug?

Thanks,
Alvin Wong

2012/6/4 Wietse Venema :
> Alvin Wong:
>> Hi,
>>
>> First thank you for trying to help, but it seems that you missed a
>> part: if I execute `postfix stop; postfix start` manually in the
>> terminal, the problem is
>> "solved" until the next reboot.
>>
> Check your SELINUX, APPARMOR etc. "security" configuration.
>
>        Wietse

Re: postfix/virtual can't deliver to virtual mailbox

2012-06-03 Thread Alvin Wong 
Hi,

First thank you for trying to help, but it seems that you missed a
part: if I execute `postfix stop; postfix start` manually in the
terminal, the problem is
"solved" until the next reboot.

I am running in a real machine, and using real HDD not NFS.

Interestingly when I try to flush the postqueue when the problem
exists, a similar error is thrown:

~~
Jun  3 13:13:06 localhost postfix/flush[2705]: fatal: open lock file
pid/unix.flush: cannot open file: Permission denied
Jun  3 13:13:07 localhost postfix/master[1793]: warning: process
/usr/libexec/postfix/flush pid 2705 exit status 1
Jun  3 13:13:07 localhost postfix/master[1793]: warning:
/usr/libexec/postfix/flush: bad command startup -- throttling
~~

Which can also be solved by the same method.
I don't believe this is really a permission problem, because I see
that `/usr/libexec/postfix/master` is run as root even when the
problem exists.

Perhaps I will write once more: When the service is automatically
started with the system, it fails to open lock files. If I manually
start it in the terminal, everything is all right.

Here's my `postconf -n`:
~~
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
html_directory = no
inet_protocols = all
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, localhost
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES
sample_directory = /usr/share/doc/postfix-2.6.6/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
unknown_local_recipient_reject_code = 550
virtual_alias_maps = hash:/etc/postfix/virtual
virtual_gid_maps = static:5000
virtual_mailbox_base = /var/mail/vmailbox
virtual_mailbox_domains = example.com foo.bar.com
virtual_mailbox_maps = hash:/etc/postfix/vmailbox
virtual_minimum_uid = 100
virtual_uid_maps = static:5000
~~

Thanks,
Alvin Wong

2012/6/4 Jeroen Geilman :
> On 06/03/2012 06:37 AM, Alvin Wong wrote:
>>
>> Hi,
>>
>> I am running postfix 2.6.6 on CentOS 6.2.
>> I set up postfix to use virtual mailbox referring to this
>> (http://www.postfix.org/VIRTUAL_README.html#virtual_mailbox)
>>
>> When the server starts, it can't deliver mail to virtual mailbox
>> (mails are stuck in the queue).
>> I see this in the maillog:
>>
>> ~~
>> Jun  2 20:35:43 localhost postfix/virtual[2122]: fatal: open lock file
>> pid/unix.virtual: cannot open file: Permission denied
>> Jun  2 20:35:44 localhost postfix/master[1784]: warning: process
>> /usr/libexec/postfix/virtual pid 2122 exit status 1
>> Jun  2 20:35:44 localhost postfix/master[1784]: warning:
>> /usr/libexec/postfix/virtual: bad command startup -- throttling
>> ~~
>>
>> However, when I execute `postfix stop; postfix start` in shell,
>> postfix starts delivering mail to virtual mailbox and the message
>> didn't appear again.
>> But then when the machine is restarted (both warm reboot and cold
>> reboot), the problem appears again. The only fix I know is to execute
>> `postfix stop; postfix start` manually.
>>
>> The file: `/var/spool/postfix/pid/unix.virtual` is owned by root and
>> has permission 0600 (rw for root only). It was set with `postfix
>> set-permissions`.
>>
>> This is quite strange because when the server boots and start postfix
>> automatically, it is supposed to do the same as `postfix start`.
>> Anyone have any idea?
>
>
> Is this inside a VM, or are you running the spool off NFS ?
> Also check apparmor/SELinux for oddities.
> If all else fails , examine the system for cron jobs that do weird stuff.
>
> You could also set up an inotify watch on the lock file to record who
> changed it and when, but I am not too familiar with that - you will need to
> read about it.
>
>> Thanks,
>> Alvin Wong
>
>
>
> --
> J.
>

postfix/virtual can't deliver to virtual mailbox

2012-06-02 Thread Alvin Wong 
Hi,

I am running postfix 2.6.6 on CentOS 6.2.
I set up postfix to use virtual mailbox referring to this
(http://www.postfix.org/VIRTUAL_README.html#virtual_mailbox)

When the server starts, it can't deliver mail to virtual mailbox
(mails are stuck in the queue).
I see this in the maillog:

~~
Jun  2 20:35:43 localhost postfix/virtual[2122]: fatal: open lock file
pid/unix.virtual: cannot open file: Permission denied
Jun  2 20:35:44 localhost postfix/master[1784]: warning: process
/usr/libexec/postfix/virtual pid 2122 exit status 1
Jun  2 20:35:44 localhost postfix/master[1784]: warning:
/usr/libexec/postfix/virtual: bad command startup -- throttling
~~

However, when I execute `postfix stop; postfix start` in shell,
postfix starts delivering mail to virtual mailbox and the message
didn't appear again.
But then when the machine is restarted (both warm reboot and cold
reboot), the problem appears again. The only fix I know is to execute
`postfix stop; postfix start` manually.

The file: `/var/spool/postfix/pid/unix.virtual` is owned by root and
has permission 0600 (rw for root only). It was set with `postfix
set-permissions`.

This is quite strange because when the server boots and start postfix
automatically, it is supposed to do the same as `postfix start`.
Anyone have any idea?

Thanks,
Alvin Wong