Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > HOWTO-Related Questions

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 26th August 2008, 23:43
websissy websissy is offline
Junior Member
 
Join Date: Aug 2008
Posts: 12
Thanks: 3
Thanked 0 Times in 0 Posts
Default The (im)Perfect Setup - Debian Etch 4.0 (Debian 4.0) - Page 5

Okay, I have encountered a puzzle here and I need some advice... This one involves the mail that's presently coming and going from my server and the software that is processing it and trying to sort out what is REALLY going on here.

From the beginning my server has allowed me to send mail. At first, that surprised me because I hadn't selected and installed an MTA yet.

Even then, I assumed it wasn't receiving mail because I'd done nothing to make that happen yet. In fact, even the sendmail part of the equation puzzled me because I didn't know how that was happening...

Eventually, I ran across a reference somewhere that said exim4 was "the base email" MTA and that it was installed on Debian by default. Frankly, I was at that point convinced I wanted (and needed) to install and use sendmail. That's what my old dedicated server used. Later, I realized sendmail ALSO seems to have been installed when the server was originally built as well; but from what I can tell, it is not being (and has not been) used on this server at all.

In the end, after much study and research, I decided postfix (with TLS and smtp auth) was my best bet for most capability, strongest security, best performance, easiest setup and least complexity in my base MTA. I'm not entirely sure even now what TLS is but I was convinced I needed it the same way a new car owner knows they need ATF, antifreeze and brake fluid and gasoline without knowing exactly why.

My intent was to install those tools first using a tutorial I found here on HowToForge and then once they were installed and running, I'd add both Spamcop and SpamAssassin to the mix to tighten security and define what was acceptable in both my inbound and outbound mail streams.

That was my plan... exorcise Exim4 and install Postfix in its place along with TLS and smtp Auth. But you KNOW what they say about the best-laid plans of mice and men...

I tried this last Thursday with mixed results. I carefully followed the HowToForge tutorial step-by-step-by-step-by-step-by-step (www.howtoforge.com/perfect_setup_debian_etch_p5). BUT when I got to the end and it said type:

Code:
ehlo localhost
and

Code:
If you see the lines 

250-STARTTLS

and 

250-AUTH PLAIN LOGIN

everything is fine.
What I actually got was this:

# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 myhost.com ESMTP Postfix (Debian/GNU)
ehlo localhost
250-myhost.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS <<-- Hey, here's ONE of those two 'expected' lines...
250-AUTH PLAIN LOGIN <<-- And here's the OTHER one! Did it work? DID IT ACTUALLY FREAKIN' WORK??
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
bye
502 5.5.2 Error: command not recognized
quit
221 2.0.0 Bye
Connection closed by foreign host.

Frankly seeing all those lines displayed when I had assumed I'd see only 2 lines was pretty discouraging. At that point, I figured all was lost and had no idea what to do next. Sadly, the tutorial authors offered NO help whatsoever if the user did NOT see what was expected. But looking back now, I wonder if it didn't work flawlessly and the problem was I had been mis-lead to believe I'd see only 2 lines of response when in fact there were 11 lines?

Since then, I've realized exim4 IS gone (e.g. the exorcism DID work) and postfix, tls and smpt auth (or some form of it) do seem to be running in its place (see below); but I'm not at all sure how to test it or how to figure out what (if anything) went wrong last week; or how to fix that if I DO find something wrong.

As it stands now, I did test and found that I am able to both send and receive email to and from the test domains I have moved to the server. So, I now know the basic sending and receiving of email do work; but I'm unclear as to how to test to see whether TLS is working or how to tell if SMTP Auth is working or not. And of course, I have no way of knowing whether I'm receiving all email for the accounts involved or only part of it.

Here's what I DO know about the tasks that are presently running

Code:
myserver:~# ps aux | grep postfix
root      2630  0.0  0.0  19616  2052 ?        Ss   Aug25   0:00 /usr/lib/postfix/master
postfix   2637  0.0  0.0  20688  2132 ?        S    Aug25   0:00 qmgr -l -t fifo -u
root      2649  0.0  0.0  30312  1156 ?        Ss   Aug25   0:00 /usr/sbin/saslauthd -a pam -c -m /var/spool/postfix/var/run/saslauthd -r -n 5
root      2651  0.0  0.0  30312   672 ?        S    Aug25   0:00 /usr/sbin/saslauthd -a pam -c -m /var/spool/postfix/var/run/saslauthd -r -n 5
root      2652  0.0  0.0  30312   484 ?        S    Aug25   0:00 /usr/sbin/saslauthd -a pam -c -m /var/spool/postfix/var/run/saslauthd -r -n 5
root      2653  0.0  0.0  30312   484 ?        S    Aug25   0:00 /usr/sbin/saslauthd -a pam -c -m /var/spool/postfix/var/run/saslauthd -r -n 5
root      2654  0.0  0.0  30312   484 ?        S    Aug25   0:00 /usr/sbin/saslauthd -a pam -c -m /var/spool/postfix/var/run/saslauthd -r -n 5
postfix   2814  0.0  0.0  21732  2456 ?        S    Aug25   0:00 tlsmgr -l -t unix -u -c
postfix  20411  0.0  0.0  20652  1988 ?        S    11:54   0:00 pickup -l -t fifo -u -c
postfix  20430  0.0  0.0  20652  2012 ?        S    12:15   0:00 anvil -l -t unix -u -c
postfix  20438  0.0  0.0  34724  3612 ?        S    12:19   0:00 smtpd -n smtp -t inet -u -c -s 2
postfix  20439  0.0  0.0  20652  2008 ?        S    12:19   0:00 proxymap -t unix -u
postfix  20440  0.0  0.0  20664  2032 ?        S    12:19   0:00 trivial-rewrite -n rewrite -t unix -u -c
postfix  20441  0.0  0.0  20728  2128 ?        S    12:19   0:00 cleanup -z -t unix -u -c
postfix  20442  0.0  0.0  20692  2420 ?        S    12:19   0:00 local -t unix
Does anyone have any suggestions or helpful hints here?

In short, H - E - L - P ! ! ! How the HECK do I get this email installation and setup process back on track?

Thanks!

Last edited by websissy; 27th August 2008 at 00:39.
Reply With Quote
Sponsored Links
  #2  
Old 27th August 2008, 02:42
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,735 Times in 2,571 Posts
Default

Quote:
Originally Posted by websissy View Post
What I actually got was this:

# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 myhost.com ESMTP Postfix (Debian/GNU)
ehlo localhost
250-myhost.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS <<-- Hey, here's ONE of those two 'expected' lines...
250-AUTH PLAIN LOGIN <<-- And here's the OTHER one! Did it work? DID IT ACTUALLY FREAKIN' WORK??
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
bye
502 5.5.2 Error: command not recognized
quit
221 2.0.0 Bye
Connection closed by foreign host.
That's how it's supposed to be. The tutorial didn't say that you'd get only two lines back, but that you should look out for these two lines among the other lines.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #3  
Old 28th August 2008, 15:46
websissy websissy is offline
Junior Member
 
Join Date: Aug 2008
Posts: 12
Thanks: 3
Thanked 0 Times in 0 Posts
Default

I'm not sure the procedure quite said what YOU suggest either. But I admit that's probably what was intended. Nevertheless, the fact that those messages appeared "buried" in a long list of other messages did high-center me for days until I found time to try fixing "the problem" and realized I might not have a problem after all!

The point is this procedure did work! And considering the complexity of the topic, you did a fine job with it. Furthermore, I was able to BUILD on the foundation laid by this install later. The next day I installed dovecot's IMAP4 support and squirrelmail on my server and made them work together (along with Outlook) for both pop3 and Imap4 inbound mail and SMTP-AUTH outbound mail.

In the end what matters is both my inbound and outbound mail pathways are now secured and no mail relays are allowed through my new server except for authorized and password-verified users.

Thanks a lot for taking the time to write the original procedure and the personal reply, Falko! Good job!

And now I have a suggestion. In this procedure you guide the user to get Postfix working with both SMTP-AUTH and SSL. Frankly, I wasted HOURS later figuring out how to make the SMTP-AUTH setup work with squirrelmail (using dovecot's IMAP4) and with Outlook too. I haven't dared THINK about how to make those programs work with SSL.

After all the work to guide the user through this setup, it seems the obvious next-steps would be to show them how to tie it together with their mail client via SMTP-AUTH and/or with SSL. Have you considered doing that?

Thanks again!

Last edited by websissy; 28th August 2008 at 16:10.
Reply With Quote
  #4  
Old 29th August 2008, 13:31
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,735 Times in 2,571 Posts
Default

Quote:
Originally Posted by websissy View Post
After all the work to guide the user through this setup, it seems the obvious next-steps would be to show them how to tie it together with their mail client via SMTP-AUTH and/or with SSL. Have you considered doing that?

Thanks again!
I might write a tutorial about it...
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
The Following User Says Thank You to falko For This Useful Post:
websissy (9th September 2008)
  #5  
Old 29th August 2008, 17:36
sayad sayad is offline
Junior Member
 
Join Date: Feb 2008
Posts: 18
Thanks: 0
Thanked 0 Times in 0 Posts
Default

hey , you are running a good stuff , i might need that in my queries too.
Sorry , but i am gonna copy paste it , hope oyur stuff is not copyrighted !!
__________________
San Diego Home Insurance
Reply With Quote
  #6  
Old 30th August 2008, 18:36
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,735 Times in 2,571 Posts
Default

Quote:
Originally Posted by sayad View Post
hope oyur stuff is not copyrighted !!
I'm sorry, but in fact it is.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #7  
Old 31st August 2008, 02:34
Norman Norman is offline
HowtoForge Supporter
 
Join Date: May 2006
Posts: 242
Thanks: 0
Thanked 18 Times in 14 Posts
 
Default

Quote:
Originally Posted by falko View Post
I'm sorry, but in fact it is.
Although... with german law Im sure some fair use is allowed
__________________
http://www.xh.se
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Automatix on Debian Etch 4.0 r1 i386 cyberwiz HOWTO-Related Questions 2 12th August 2008 10:43
Perfect setup Debian Etch ISPConfig - DNS Server kdclaver Installation/Configuration 16 28th December 2007 01:39
The Perfect Setup - Debian Etch (Debian 4.0) mysql question paul55 HOWTO-Related Questions 9 4th November 2007 11:28
Debian Etch (Debian 4.0) apache2 file needed Dekalb Installation/Configuration 3 1st June 2007 23:40
Bind Failed christoph2k HOWTO-Related Questions 4 28th April 2007 00:57


All times are GMT +2. The time now is 01:39.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.