Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > HOWTO-Related Questions

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 2nd June 2006, 07:42
ralexpdx ralexpdx is offline
Junior Member
 
Join Date: May 2006
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
Default Can't seem to get SMTP AUTH working..

I am trying to test SMTP AUTH, because I know if I don't have it working I'll have 10000 spammers using my new server minutes after I unblock the ports.

I have NOT installed ISPConfig yet, but I intend to once I am sure mail is secure...

my host name is www.4pdx.com

I have setup "The Perfect Setup for Fedora Core 5" and everything looks ok. I try testing the SMTP server by using:


> telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 www.4pdx.com ESMTP Postfix
ehlo cnn.com
250-www.4pdx.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250 8BITMIME
mail from: <admin@peterpan.org>
250 Ok
rcpt to: <r_alexb@hotmail.com>
250 Ok
data
354 End data with <CR><LF>.<CR><LF>
well this doesn't work...
.
250 Ok: queued as EEC061348033
quit


As you can see it let me send the email even though none of the domains listed are on my server. I have also tried unblocking my firewall ports, (External firewall, both the Fedora firewall and SELinux are disabled) and trying an external client. I use a username and password, but don't have the SMTP Authentication on and it still lets me send mail.

This isn't secure is it? can't anyone connect to port 25 and send anything anywhere? Please help if you can. Thanks

Randy

I am including below all the outputs I can think of that you guys usually ask for. If you need one not here, please let me know and I'll send it!

---------------------------------------------------------------------
Output of netstat -tap

Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 *:mysql *:* LISTEN 1868/mysqld
tcp 0 0 *:53452 *:* LISTEN 1532/rpc.statd
tcp 0 0 *:sunrpc *:* LISTEN 1513/portmap
tcp 0 0 192.168.1.4:domain *:* LISTEN 1495/named
tcp 0 0 192.168.1.3:domain *:* LISTEN 1495/named
tcp 0 0 192.168.1.2:domain *:* LISTEN 1495/named
tcp 0 0 192.168.1.105:domain *:* LISTEN 1495/named
tcp 0 0 localhost.localdomai:domain *:* LISTEN 1495/named
tcp 0 0 localhost.localdomain:ipp *:* LISTEN 1747/cupsd
tcp 0 0 *:smtp *:* LISTEN 1957/master
tcp 0 0 localhost.localdomain:rndc *:* LISTEN 1495/named
tcp 0 1 192.168.1.105:60781 mx4.hotmail.com:smtp SYN_SENT 2446/smtp
tcp 0 0 *:imaps *:* LISTEN 1896/dovecot
tcp 0 0 *:pop3s *:* LISTEN 1896/dovecot
tcp 0 0 *:pop3 *:* LISTEN 1896/dovecot
tcp 0 0 *:imap *:* LISTEN 1896/dovecot
tcp 0 0 *:http *:* LISTEN 1991/httpd
tcp 0 0 *:ftp *:* LISTEN 1971/proftpd: (acce
tcp 0 0 *:ssh *:* LISTEN 1755/sshd
tcp 0 0 *:https *:* LISTEN 1991/httpd
tcp 0 44 ::ffff:192.168.1.105:ssh SAPPHIRE.LUCIDNET:4596 ESTABLISHED 2383/sshd: ralex [p
-----------------------------------------------------------------------

my main.cf file (Minus the comments and commented out directives)

queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost
unknown_local_recipient_reject_code = 550
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.2.8/samples
readme_directory = /usr/share/doc/postfix-2.2.8/README_FILES

smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject _unauth_destination
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
------------------------------------------------------------------------
Contents of /usr/lib/sasl/smtpd.conf

pwcheck_method: saslauthd
saslauthd_version: 2

Last edited by ralexpdx; 2nd June 2006 at 07:48.
Reply With Quote
Sponsored Links
  #2  
Old 2nd June 2006, 10:20
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 36,421
Thanks: 834
Thanked 5,499 Times in 4,328 Posts
Default

Please add the line:

Quote:
mynetworks = 127.0.0.0/8
to your postfix main.cf.

This enables you to send emails without authentication only from localhost. All other hosts will require username and password to send email.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 2nd June 2006, 23:28
ralexpdx ralexpdx is offline
Junior Member
 
Join Date: May 2006
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by till
Please add the line:



to your postfix main.cf.

This enables you to send emails without authentication only from localhost. All other hosts will require username and password to send email.

That worked great! Thank you so much! I get a MD5/CRAM authentication error. No secret in database, now. so I still have something weird. I installed Ravencore so that probably replaced something I had set up before, so I'll have to dig into it! Thanks again!

Randy
Reply With Quote
  #4  
Old 3rd June 2006, 14:20
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,744 Times in 2,577 Posts
 
Default

What's in /usr/lib64/sasl2/smtpd.conf (if you're on a x86_64 system) or /usr/lib/sasl2/smtpd.conf (if you're on a i386 system)? It should contain

Code:
pwcheck_method: saslauthd
mech_list: plain login
nothing else.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
sending e-mail using mail() function linuxuser1 HOWTO-Related Questions 38 21st April 2009 12:20
TPSFC4 SMTP Auth question Hagforce HOWTO-Related Questions 3 10th May 2006 15:45
SMTP Auth failure debian 3.1 sarge dschmid Installation/Configuration 5 3rd April 2006 11:16
SMTP Auth problem maxx General 12 1st February 2006 02:48
Postfix SMTP Auth Configuration kisong Installation/Configuration 6 20th October 2005 01:06


All times are GMT +2. The time now is 22:36.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.