Postfix telnet issue

Hi, I have been working on setting up a mail server with postfix, dovecot, apache, mysql, and php. I am trying to do the telnet test and it is not working.

Code:
# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
HELO justtesting
Connection closed by foreign host.

I thought I would see something like this:

Code:
# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
220  ESMTP
Escape character is '^]'.


So I am missing whatever turns on the 220 ESMTP setup. Since I am new to this type of setup, where would I look?

Sincerely,

Brendhan
 
It seems like something is preventing your mail server from answering your telnet because, as you mentioned, you're missing the 220 status. Just for conversation here is what it should look like:
Code:
# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 argus-array ESMTP Sendmail 8.14.5/8.14.5; Sat, 23 Feb 2013 23:15:59 -0600 (CST)
^]
telnet> quit
Connection closed.
Following that you can sockstat your box to see what is going on:
Code:
# sockstat -4
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS      
john.blue sshd      23116 3  tcp4   2.4.6.8:22            10.12.14.16:49876
root     sshd       23113 3  tcp4   2.4.6.8:22            10.12.14.16:49876
root     sendmail   1088  4  tcp4   127.0.0.1:25          *:*
root     sshd       1085  4  tcp4   *:22                  *:*
root     ntpd       1062  20 udp4   *:123                 *:*
root     ntpd       1062  22 udp4   2.4.6.8:123           *:*
root     ntpd       1062  25 udp4   127.0.0.1:123         *:*
root     syslogd    975   7  udp4   *:514                 *:*
?        ?          ?     ?  tcp4   127.0.0.1:16312       127.0.0.1:25

You should be able to see the connections established to port 25. Do you have any firewall rules pass in/out that are missing or mangled?
 
*snap*

Forgot about /var/log/maillog:
Code:
Feb 23 23:16:14 argus-array sm-mta[23122]: r1O5Fxpi023122: localhost [127.0.0.1] did not issue MAIL/EXPN/VRFY/ETRN during connection to Daemon0

There should be some clues in there ..
 
Here are the results of the sockstat -4

Code:
postal# sockstat -4
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS      
bhorne   sshd       47839 3  tcp4   192.168.1.16:22       192.168.1.2:35230
root     sshd       47836 3  tcp4   192.168.1.16:22       192.168.1.2:35230
www      httpd      4565  4  tcp4   *:80                  *:*
www      httpd      4565  6  tcp4   *:443                 *:*
www      httpd      3896  4  tcp4   *:80                  *:*
www      httpd      3896  6  tcp4   *:443                 *:*
root     master     3892  12 tcp4   *:25                  *:*
www      httpd      3817  4  tcp4   *:80                  *:*
www      httpd      3817  6  tcp4   *:443                 *:*
www      httpd      3816  4  tcp4   *:80                  *:*
www      httpd      3816  6  tcp4   *:443                 *:*
www      httpd      3815  4  tcp4   *:80                  *:*
www      httpd      3815  6  tcp4   *:443                 *:*
www      httpd      3814  4  tcp4   *:80                  *:*
www      httpd      3814  6  tcp4   *:443                 *:*
www      httpd      3813  4  tcp4   *:80                  *:*
www      httpd      3813  6  tcp4   *:443                 *:*
dovecot  imap-login 99460 4  tcp4   *:143                 *:*
dovecot  imap-login 99460 5  tcp4   *:993                 *:*
dovecot  imap-login 99459 4  tcp4   *:143                 *:*
dovecot  imap-login 99459 5  tcp4   *:993                 *:*
dovecot  imap-login 99458 4  tcp4   *:143                 *:*
dovecot  imap-login 99458 5  tcp4   *:993                 *:*
dovecot  pop3-login 99457 4  tcp4   *:110                 *:*
dovecot  pop3-login 99457 5  tcp4   *:995                 *:*
dovecot  pop3-login 99456 4  tcp4   *:110                 *:*
dovecot  pop3-login 99456 5  tcp4   *:995                 *:*
dovecot  pop3-login 99455 4  tcp4   *:110                 *:*
dovecot  pop3-login 99455 5  tcp4   *:995                 *:*
root     dovecot    99451 6  tcp4   *:143                 *:*
root     dovecot    99451 7  tcp4   *:993                 *:*
root     dovecot    99451 8  tcp4   *:110                 *:*
root     dovecot    99451 9  tcp4   *:995                 *:*
root     httpd      96192 4  tcp4   *:80                  *:*
root     httpd      96192 6  tcp4   *:443                 *:*
mysql    mysqld     88536 11 tcp4   *:3306                *:*
root     sshd       1465  4  tcp4   *:22                  *:*
root     ntpd       1426  20 udp4   *:123                 *:*
root     ntpd       1426  22 udp4   192.168.1.16:123      *:*
root     ntpd       1426  25 udp4   127.0.0.1:123         *:*
root     syslogd    1224  7  udp4   *:514                 *:*


Here are the results of less /var/log/maillog

Code:
Feb 24 09:21:45 postal postfix/smtpd[50008]: error: open database /etc/aliases.db: No such file or directory
Feb 24 09:21:45 postal postfix/proxymap[50009]: error: open /usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf: No such file or directory
Feb 24 09:21:45 postal postfix/smtpd[50008]: connect from localhost[127.0.0.1]
Feb 24 09:21:53 postal postfix/smtpd[50008]: SSL_accept error from localhost[127.0.0.1]: lost connection
Feb 24 09:21:53 postal postfix/smtpd[50008]: lost connection after CONNECT from localhost[127.0.0.1]
Feb 24 09:21:53 postal postfix/smtpd[50008]: disconnect from localhost[127.0.0.1]

From what I am reading it says there is no aliases.db. However, there is. It is just located at:

Code:
postal# locate aliases.db
/etc/mail/aliases.db

It also says it is looking for mysql_virtual_mailbox_maps.cf however that cannot be found.

I have been working with the instructions on http://www.purplehat.org/?page_id=4.

Sincerely,

Brendhan
 
Code:
postal# cd /usr/local/etc/postfix/
postal# ls -a
.                                       master.cf
..                                      mysql_relay_domains_maps.cf
LICENSE                                 mysql_virtual_alias_maps.cf
TLS_LICENSE                             mysql_virtual_domains_maps.cf
bounce.cf.default                       mysql_virtual_mailbox_limit_maps.cf
main.cf                                 transport
main.cf.default                         transport.db
makedefs.out
 
I see where the mail daemon is listening on port 25, so that is a good thing.

I think that once you get those two postfix errors resolved it might light up and start working on its own. I have just enough time to post this, but I remember reading the purplehat guide sometime back and thought that it was, generally speaking, well done. Technology may have obsoleted some sections of it so be advised of that. Isn't there a howto in the forums here that is loosely based on the purplehat guide?

Postfix aliases.db must be generated with command "newaliases" usually run as root. Did you do that?
 
Okay, I have gone through and fixed a couple of the errors.

Now it just looks like the aliases.db is the issue. It currently is in /etc/mail/aliases.db and it is trying to find it in /etc/aliases.db.

I could create a sym link to it but I would prefer to not do that. So what is the best way to deal with this?

Code:
Feb 24 13:58:44 postal postfix/smtpd[50715]: error: open database /etc/aliases.db: No such file or directory
Feb 24 13:58:44 postal postfix/smtpd[50715]: connect from localhost[127.0.0.1]
Feb 24 13:58:52 postal postfix/smtpd[50715]: SSL_accept error from localhost[127.0.0.1]: lost connection
Feb 24 13:58:52 postal postfix/smtpd[50715]: lost connection after CONNECT from localhost[127.0.0.1]
Feb 24 13:58:52 postal postfix/smtpd[50715]: disconnect from localhost[127.0.0.1]

And yes, I did run newaliases. :)

Sincerely,

Brendhan
 
Understudy said:
Okay, I have gone through and fixed a couple of the errors.
Out of curiosity, what did you fix?

Now it just looks like the aliases.db is the issue. It currently is in /etc/mail/aliases.db and it is trying to find it in /etc/aliases.db.
What does /etc/postfix/main.cf say it is pointing "alias database" to?
 
The rest of the discussion aside: are you sure that Postfix does not introduce a 'connection sleep' to catch out trojans? Sendmail has a GreetPause directive for this, Postfix may have something similar. The 220 prompt showing only after x seconds is how that setting manifests itself, as does breaking the connection when responding too soon. Have you tried waiting for 30 seconds before typing EHLO, to see if the 220 prompt shows up first?
 
johnblue said:
Out of curiosity, what did you fix?

What does /etc/postfix/main.cf say it is pointing "alias database" to?

I fixed an issue with this:

Code:
Feb 24 09:21:45 postal postfix/proxymap[50009]: error: open /usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf: No such file or directory

I had forgotten to create it. I did and then I restarted dovecot, postfix and apache. Now I just get the error about the aliases.db.

I am not sure if that would fix the problem with the 220 ESMTP not showing up on a telnet or not.

Sincerely,

Brendhan
 
DutchDaemon said:
The rest of the discussion aside: are you sure that Postfix does not introduce a 'connection sleep' to catch out trojans? Sendmail has a GreetPause directive for this, Postfix may have something similar. The 220 prompt showing only after x seconds is how that setting manifests itself, as does breaking the connection when responding too soon. Have you tried waiting for 30 seconds before typing EHLO, to see if the 220 prompt shows up first?

If it does I am not sure where the setting is. However I have tried your point and it did not change.


Code:
postal# date
Mon Feb 25 08:26:39 EST 2013
postal# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
Connection closed by foreign host.
postal# date
Mon Feb 25 08:31:50 EST 2013

I just waited for five minutes. Never showed up.

Sincerely,

Brendhan
 
Understudy said:
Feb 24 13:58:44 postal postfix/smtpd[50715]: connect from localhost[127.0.0.1]
Feb 24 13:58:52 postal postfix/smtpd[50715]: SSL_accept error from localhost[127.0.0.1]: lost connection
Feb 24 13:58:52 postal postfix/smtpd[50715]: lost connection after CONNECT from localhost[127.0.0.1]
Feb 24 13:58:52 postal postfix/smtpd[50715]: disconnect from localhost[127.0.0.1]

The "SSL_accept error" looks interesting to me. Why is it mentioning SSL? I'm thinking for some reason port 25 is expecting an SSL negotiation before it outputs anything. Try this:

# openssl s_client -connect localhost:25

and see if it negotiates SSL and then outputs the ESMTP message you are expecting. If it does then your configuration is weird. Although usually to enable SSL you would have had to configure a certificate and key and it seems unlikely it would allow SSL if you hadn't done so.
 
johnblue said:
What does /etc/postfix/main.cf say it is pointing "alias database" to?

Code:
postal# grep aliases main.cf                                                   
# a domain-wide alias database that aliases each user to
# and /etc/aliases or their equivalent.
#   /etc/passwd, /etc/aliases, or the $virtual_alias_maps files.
# database, then the NIS alias database. See aliases(5) for syntax
# If you change the alias database, run "postalias /etc/aliases" (or
# "newaliases" to build the necessary DBM or DB file.
#alias_maps = dbm:/etc/aliases
#alias_maps = hash:/etc/aliases
#alias_maps = hash:/etc/aliases, nis:mail.aliases
#alias_maps = netinfo:/aliases
# are built with "newaliases" or "sendmail -bi".  This is a separate
#alias_database = dbm:/etc/aliases
#alias_database = hash:/etc/aliases
#alias_database = hash:/etc/aliases, hash:/opt/majordomo/aliases
# aliases, canonical, virtual, relocated and .forward file lookups.
# to use after processing aliases and .forward files. This parameter
# newaliases_path: The full pathname of the Postfix newaliases command.
newaliases_path = /usr/local/bin/newaliases
 
xtaz said:
The "SSL_accept error" looks interesting to me. Why is it mentioning SSL? I'm thinking for some reason port 25 is expecting an SSL negotiation before it outputs anything. Try this:

# openssl s_client -connect localhost:25

and see if it negotiates SSL and then outputs the ESMTP message you are expecting. If it does then your configuration is weird. Although usually to enable SSL you would have had to configure a certificate and key and it seems unlikely it would allow SSL if you hadn't done so.


Here is the result, with certain parts abbreviated for security and length.

Code:
postal# openssl s_client -connect localhost:25
CONNECTED(00000003)
depth=0 /C=US/ST=Florida/L=West Palm Beach/O=Bee Barf Apiaries/CN=Brendhan /emailAddress=admin@xxxxxxxxxxxx.com
verify error:num=18:self signed certificate
verify return:1
depth=0 /C=US/ST=Florida/L=West Palm Beach/O=Bee Barf Apiaries/CN=Brendhan /emailAddress=admin@xxxxxxxxxxxx.com
verify return:1
---
Certificate chain
 0 s:/C=US/ST=Florida/L=West Palm Beach/O=Bee Barf Apiaries/CN=Brendhan /emailAddress=admin@xxxxxxx.com
   i:/C=US/ST=Florida/L=West Palm Beach/O=Bee Barf Apiaries/CN=Brendhan /emailAddress=admin@xxxxxxxxx.com
---
Server certificate
-----BEGIN CERTIFICATE-----
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
-----END CERTIFICATE-----
subject=/C=US/ST=Florida/L=West Palm Beach/O=Bee Barf Apiaries/CN=Brendhan /emailAddress=admin@xxxxxxxxxxxx.com
issuer=/C=US/ST=Florida/L=West Palm Beach/O=Bee Barf Apiaries/CN=Brendhan /emailAddress=admin@xxxxxxxxxxxx.com
---
No client certificate CA names sent
---
SSL handshake has read 1521 bytes and written 337 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 1024 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1
    Cipher    : DHE-RSA-AES256-SHA
    Session-ID: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    Session-ID-ctx: 
    Master-Key: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    Key-Arg   : None
    Start Time: 1361825476
    Timeout   : 300 (sec)
    Verify return code: 18 (self signed certificate)
---
220 mail.xxxxxxxxxxxxxxx.com ESMTP Postfix


So it is there. Now what, I think my brain may melt. :)

Sincerely,

Brendhan
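
Added example, not part of the thread: a small Python probe that repeats the two tests above against one port, first waiting for a plaintext 220 greeting as telnet does, then attempting a TLS handshake first as openssl s_client -connect does. The function names and the EHLO name probe.invalid are made up for illustration; certificate verification is switched off because the certificate shown in the thread is self-signed.

```python
import socket
import ssl
import sys


def _first_line(sock):
    """First line the peer sends, or None if it stays silent or hangs up."""
    try:
        data = sock.recv(1024)
    except OSError:  # timeout, reset or TLS error
        return None
    return data.split(b"\r\n", 1)[0].decode("ascii", "replace") if data else None


def _offers_starttls(sock):
    """Send EHLO on a plaintext session and look for STARTTLS in the reply."""
    reply = b""
    try:
        sock.sendall(b"EHLO probe.invalid\r\n")  # made-up client name
        # A multi-line reply is complete once its last line reads "250 <text>".
        while not (reply.endswith(b"\r\n")
                   and reply.rstrip().split(b"\r\n")[-1][:4] == b"250 "):
            chunk = sock.recv(1024)
            if not chunk:
                break
            reply += chunk
    except OSError:
        pass
    return b"STARTTLS" in reply.upper()


def probe_smtp(host, port, timeout=5.0):
    """Return (mode, banner, starttls); mode is 'plaintext', 'implicit-tls' or 'no-banner'."""
    # Step 1: act like telnet. Connect and wait for the server to speak first.
    with socket.create_connection((host, port), timeout=timeout) as plain:
        banner = _first_line(plain)
        if banner and banner.startswith("220"):
            return "plaintext", banner, _offers_starttls(plain)
    # Step 2: act like "openssl s_client -connect". TLS handshake comes first.
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE  # diagnosis only; accepts a self-signed cert
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw) as tls:
                banner = _first_line(tls)
    except OSError:  # handshake refused, timed out or connection dropped
        banner = None
    if banner and banner.startswith("220"):
        return "implicit-tls", banner, False
    return "no-banner", None, False


if __name__ == "__main__":
    target = (sys.argv[1], int(sys.argv[2])) if len(sys.argv) == 3 else ("localhost", 25)
    print(probe_smtp(*target))
```

A result of implicit-tls on port 25 means the listener wants TLS before any SMTP, which is how a Postfix service started with smtpd_tls_wrappermode=yes behaves; whether that setting is active on this machine is not shown in the thread. Any handshake failure, including a protocol version the local OpenSSL refuses, is reported as no-banner.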
 
Understudy said:
Code:
postal# grep aliases main.cf                                                   
# a domain-wide alias database that aliases each user to
# and /etc/aliases or their equivalent.
#   /etc/passwd, /etc/aliases, or the $virtual_alias_maps files.
# database, then the NIS alias database. See aliases(5) for syntax
# If you change the alias database, run "postalias /etc/aliases" (or
# "newaliases" to build the necessary DBM or DB file.
#alias_maps = dbm:/etc/aliases
#alias_maps = hash:/etc/aliases
#alias_maps = hash:/etc/aliases, nis:mail.aliases
#alias_maps = netinfo:/aliases
# are built with "newaliases" or "sendmail -bi".  This is a separate
#alias_database = dbm:/etc/aliases
#alias_database = hash:/etc/aliases
#alias_database = hash:/etc/aliases, hash:/opt/majordomo/aliases
# aliases, canonical, virtual, relocated and .forward file lookups.
# to use after processing aliases and .forward files. This parameter
# newaliases_path: The full pathname of the Postfix newaliases command.
newaliases_path = /usr/local/bin/newaliases
Unless I am missing something, the reason why you are getting this error:
Code:
error: open database /etc/aliases.db: No such file or directory
is because main.cf is telling Postfix to look for the alias_map at /etc/aliases. Why there is an alias file at /etc/mail/aliases.db is anybody's guess.
 
johnblue said:
Unless I am missing something, the reason why you are getting this error:
Code:
error: open database /etc/aliases.db: No such file or directory
is because main.cf is telling Postfix to look for the alias_map at /etc/aliases. Why there is an alias file at /etc/mail/aliases.db is anybody's guess.

/etc/mail/aliases.db is where Sendmail puts it. In other words, that is Where It Is Supposed To Be. :)

On my 9-STABLE system, /etc/aliases is a link to /etc/mail/aliases. There is no link for /etc/aliases.db, though.
 
wblock@ said:
/etc/mail/aliases.db is where Sendmail puts it. In other words, that is Where It Is Supposed To Be. :)

On my 9-STABLE system, /etc/aliases is a link to /etc/mail/aliases. There is no link for /etc/aliases.db, though.

If I delete the current /etc/mail/aliases.db and run newaliases would that fix it? Or do I need to edit a file and tell it where to look?

Sincerely,

Brendhan
 
wblock@ said:
/etc/mail/aliases.db is where Sendmail puts it. In other words, that is Where It Is Supposed To Be. :)
*smacks forehead*

Ya know, when I was typing that I thought .. this doesn't feel right.

:D
 
You could make a separate aliases file in /usr/local/etc for postfix to avoid any confusion of which one is for which MTA.
 
Understudy said:
If I delete the current /etc/mail/aliases.db and run newaliases would that fix it? Or do I need to edit a file and tell it where to look?

For Sendmail, both files are really in /etc/mail/. For Postfix... I don't know. Deleting aliases.db should not be necessary, rebuilding with newaliases(1) will overwrite it.
 
Okay, we have made some progress but still have the issue.

In order to get the aliases.db recognized, I had to rerun from /usr/local/etc/postfix. Now I have this:

Code:
postal# find / -name aliases.db
/etc/mail/aliases.db
/etc/aliases.db

So now when I do the telnet I still get the same thing:

Code:
postal# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
HELO justtesting
Connection closed by foreign host.

However on the positive when I look at /var/log/maillog I get this:

Code:
Feb 25 19:02:22 postal postfix/smtpd[2565]: connect from localhost[127.0.0.1]
Feb 25 19:02:29 postal postfix/smtpd[2565]: SSL_accept error from localhost[127.0.0.1]: -1
Feb 25 19:02:29 postal postfix/smtpd[2565]: warning: TLS library problem: 2565:error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol:/usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/s23_srvr.c:578:
Feb 25 19:02:29 postal postfix/smtpd[2565]: lost connection after CONNECT from localhost[127.0.0.1]
Feb 25 19:02:29 postal postfix/smtpd[2565]: disconnect from localhost[127.0.0.1]

So it now appears that it doesn't like the SSL.

Sincerely,

Brendhan
 
Understudy said:
Okay, we have made some progress but still have the issue.
As I said before, the purplehat guide was good, but I have a nagging feeling that there were/are holes in the guide that may be tripping this install up especially if it has not been updated recently. Just say'n ..
 
johnblue said:
As I said before, the purplehat guide was good, but I have a nagging feeling that there were/are holes in the guide that may be tripping this install up especially if it has not been updated recently. Just say'n ..


I can agree but it is still the best tutorial I have found and what it probably needs are some minor updates. So I guess I am finding out what some of those are.

The creation of the smtp ssl is done like this:

Code:
# mkdir -p /etc/ssl/postfix
# cd /etc/ssl/postfix
# openssl req -new -x509 -nodes -out smtpd.pem -keyout smtpd.pem -days 3650
# chmod 640 /etc/ssl/postfix/smtpd.pem
# chgrp -R postfix /etc/ssl/postfix

The apache ssl is done like this:

Code:
# mkdir -p /etc/ssl/apache
# cd /etc/ssl/apache
# openssl genrsa -des3 -out server.key 1024
# openssl req -new -key server.key -out server.csr
# openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

The dovecot ssl is done like this:

Code:
# mkdir -p /etc/ssl/dovecot
# cd /etc/ssl/dovecot
# openssl req -new -x509 -nodes -out cert.pem -keyout key.pem -days 365


So which ssl is causing the problem?

Sincerely,

Brendhan
 