Re: [SLE] Postfix question
From: Bob S (usr_at_sanctum.com)
Date: 09/23/04
- Previous message: Chadley Wilson: "Re: [SLE] hw_random"
- In reply to: Carlos E. R.: "Re: [SLE] Postfix question"
- Next in thread: Patrick Shanahan: "Re: [SLE] Postfix question"
- Reply: Patrick Shanahan: "Re: [SLE] Postfix question"
- Reply: Carlos E. R.: "Re: [SLE] Postfix question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
To: suse-linux-e@suse.com Date: Thu, 23 Sep 2004 01:59:47 -0400
On Tuesday 21 September 2004 19:39, Carlos E. R. wrote:
>The Tuesday 2004-09-21 at 02:05 -0400, Bob S wrote:
...............<snip all kinds of stuff throughout the message - Getting
awfully long> Hope that this has not made it too confusing though.
First of all at end of the last message Carlos asked about my system. (No
crystal ball) Anyway 8.2 with stock kernel 2.4 KDE 3.3 upgraded not too
long ago which has Kmail 1.7. That is when problem with the outgoing mail
started. I have never ever set up a MTA (since SuSE 6 something) Always used
either Mozilla or Kmail. Kmail being my favorite and used now for several
years. When I received the returned mail and saw Postfix and linux.localhost
it surprised me and prompted my question for this thread. I do remember
though back about 7.2 or somewhere therein, I used to get root messages in my
mailbox. Have not now for quite a long time.
OK - Back to basics - Configuring Kmail -Let's forget about Postfix for now!.
Kmail - configure - Network - sending - When I set it for smtp.sanctum.com
When attempting to send a message I receive a message that the server is
unknown - When set for mail.sanctum.com or just sanctum.com receive a message
that the address for the recipient is unknown. When authentication for either
of those addresses is added - Get message that authentication failed, most
likely the password. (password IS correct.)
Now, that being the case, and thinking that Postfix is somehow involved, (due
to info in the returned mail) went into YAST and configured my MTA (Postfix?)
Kind of repeated what was configured in Kmail. (including authentication)(as
a little further down)
An aside: The second message from me to my ISP and their reply:
-----------------------------------------------------
>>Tried it out by sending first - rejected- then did download - sent again -
>>went through. Seems that I cannot send mail until after I fetch mail.
>SMTP Auth is apparently failing, but POP before SMTP is working.
---------------------------------------------------------
OK - Now back to configuring Postfix
Carlos said:
> >No, no, don't do that. Alias root to a local user. Scott Leighton
> >explained how to do that in Yast, but use your local user name instead,
>> >not the address your ISP gave you.
Went into YAST - networks - MTA - Couldn't find anything as an "alias root"
So, under the incoming mail section; server, I put sanctum.com, under Remote
user name, i put bob@linux.local Under local user, I put bob Think I
may have set it up correctly ?
>
>Yast does it, and I suppose it is explained on the printed manual. Any
>way, it is point and click. As I said, Scott explained it, just use a
>local name.
As per above
>
(me)
>> >> Now, on to my final understanding:
(Carlos)
>> >As I said, Kmail needs an SMTP server. It can be your local postfix or
>> >sendmail or qmail, or it can be another one on your intranet, or
>> > extranet, at your ISP, or at the other end of the world. It doesn't
>> > matter. It needs one, but you are not required to provide one on your
>> > machine.
>>
(me)
>> OK, ....so smtp.sanctum.com would suffice??
>
(Carlos)
>Yes, if you like it, you can use it.
No, didn't mean that. I was referring to what should be the address for the
external server if I didn't have a local server.
>
>Or you can use localhost, which means your postfix will handle it.
OK, as per above in the YAST setup. (Hope it was done correctly)
Now, point of order: Both Kmail and Postfix have been set up. Does one take
precedence over the other ??
>
>The advantage (and disadvantage) of using a local smtp server for sending
>to internet is that you have more control over it. Your machine would be
>sending directly to every body you write to, without using an intermediary
>server under someone else's control.
>
>The problem is that some recipients reject them.
Also, I think, not sure, that my ISP blocks them and I must use them as a
relay.
>
>> >I assume that the message was now handled to the POP server of your ISP.
>> >This is not seen on the headers, I suppose because you clipped them.
>>
>> No, I did not clip anything.
>
>And you clicked on full headers? If that is so, something weird happened.
What I posted was "View source" ( Seems that in 1.7 that this has replaced the
"headers" when you right click on the message) ( seems to show everything) and
I copied it word for word.
>
>> >Finally, you fetch it back, read it, and start typing questions at us :-p
>> >
Yeah !!! How true, Have to call on the experts when I have no idea as to what
is going on. :-(
>> >It is possible to configure postfix so that it knows that rnr at
>> > sanctum.com is you, and send it to your local user directly.
>> > Another day.
>>
>> Is it?? Yes, I hope so. Have to figure out how to do that. That would
>> avoid all of that sending to the ISP and back thing. Right??
>
>Right. It is very simple. As root:
> nimrodel:~ # cd /etc/postfix/
> nimrodel:/etc/postfix # mcedit virtual (or your favorite editor)
>
>add the line:
>
> rnr at sanctum.com bob
Did not try that as I am not sure what that will do, Is that a manual method
in lieu of setting up Postfix in YAST?? Will do anything at this point. Just
like to know what is happening and why.
>
>and save. Replace the at by @, of course. I assume "bob" is your local
>name. Finally:
Correct about bob
>
> nimrodel:/etc/postfix # postmap virtual
> nimrodel:/etc/postfix # rcpostfix reload
> Reload mail service (Postfix) done
> nimrodel:/etc/postfix #
>
>and to double check:
>
> nimrodel:/etc/postfix # less /var/log/mail
>
>go to the end of the log file, you should see something like:
>
> Sep 22 00:36:15 nimrodel postfix/master[5233]: reload configuration
>
>and a few more lines if there are pending mails (or problems), like:
>
> Sep 22 00:36:15 nimrodel postfix/qmgr[12185]: 28D0720D17:
> from=<robin1.listas at tiscali.es>, size=2124, nrcpt=1 (queue active) Sep
> 22 00:36:35 nimrodel postfix/smtp[12188]: 28D0720D17: to=<suse-linux-s at
> suse.com>, relay=none, delay=8438, status=deferred (Host or domain name not
> found. Name service error for name=suse.com type=MX: Host not found, try
> again)
>
>
>
>Then send and email to yourself, and check, with command "mailq". By the
>way, if you want to delete and email on the mail queue, once you know its
>ID, the command is "postsuper -d MAIL_ID_HEX
>
>Notice that the queued email above is giving right now a DNS error, try
>again. That's normal, I'm not connected.
>
>> > You can easily find out if this is happening right now.
>> > Type:
>> >
>> > mailq
>>
>> Showed nothing. Even though last night I tried sending a test message. (
>> when I was verifying the POP before SMTP authentication)
>
>Then it was sent.
No, it wasn't - The message was that the mail would be held in the outbox
until the problem was resolved or I deleted it. mailq showed nothing even
though right now I have two mails waiting to be sent which had been rejected
for as per the three examples I posted near the top of this message.
As stated in the above paragraph, tonight I composed an email and tried to
send it at least a half dozen times while trying different configurations in
Kmail and Postfix. mailq showed nothing.
>
>Notice that postfix is not affected by POP before SMTP of your ISP, unless
>you use a relay server, because it is not sending to you ISP (as a relay).
>It sends directly to the destination, bypassing your ISP and not asking
>for permission.
Unless the ISP is blocking? right? And, mail.cf says that sanctum.com is my
relay server.
>
>However, if your postfix is configured to relay all your mail to your ISP
>SMTP server, your ISP will request some type of authentication.
But as per way above, the message is stating - authentication failed -Perhaps
an incorrect password ??........ ( NO, password IS correct)(It is the same as
what logs me on to the ISP )
>Postfix can not handle POP before SMTP. Instead, the passwords are stored in
>/etc/postfix/sasl_passwd, where domain would be your ISP domain:
>
> domain username:password
OK - that is now changed - was as above and now contains the required username
and password
>
>(with a "postmap sasl_passwd" command to apply it) and a configuration
>change is done in the main.cf file:
>
> smtp_sasl_auth_enable = yes
> smtp_sasl_security_options =
> smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
> smtpd_sasl_auth_enable = no
>
>(last line set to no, because your postfix does not receive).
I have only two of the above:
smtp_sasl_auth_enable = yes (which was set to no and changed to yes) and:
smtpd_sasl_auth_enable = no (which is the same and left it alone)
But, I did a SuSEconfig on postfix and I got this message:
rebuilding /etc/postfix/sasl_passwd.db
*** WARNING ***
Found /etc/postfix/main.cf.SuSEconfig, exiting...
*** WARNING ***
>
>I don't think you need all this, I just explain for completion, and
>because of the time lapse between you and me. Just in case.
>
I appreciate that. And this is not a horrible must solve problem because I can
just send a request to download POP, and then send the queued messages in the
outbox. It is just very aggravating and should work properly.
>
>A bit of background.
>
>Postfix (as any SMTP server) is designed to send directly to destinations.
>If you send an email to somebody@somemachine.somedomain, postfix first
>finds the IP number of that machine, using the DNS, and then talks
>directly to that machine, and transfer the email. The
>"somemachine.somedomain" machine should accept all email that is directed
>to its own users, it can not ask for authentication (this "might" not be
>so in some cases, but I don't know much about that strange case). It
>should reject mail for anybody else, unless you are a user of that
>machine.
OK - good. When I spoke with my ISP I explained that I could send messages
within it's domain, but any messages outside it's domain failed. The reply
was, (after sending example messages ) "It appears as though you are trying
to send messages on your own" Not understanding what they had said at that
moment I said I would check it out.
>
>Instead of that, it
(Meaning Postfix ??)
>can hand off all email to an intermediary, for example smtp.yourisp.domain.
>Your ISP is acting as a "relay server". It must authenticate you, or else
>it will become a spammer sanctuary or nest.
It appears that is true in my case. Do some ISP's require their accounts to
use them as a relay server?
>There are many methods for that, and user/password pairs is very flexible,
>IMO.
>
>Much more about all this stuff can be found at the howtos at
>"/usr/share/doc/howto/en/txt/":
>
>Mail-Administrator-HOWTO.gz
>Mail-Queue.gz
>Mail-User-HOWTO.gz
Will read it all.
>
>I hope I have not confused you further :-)
Yes and no, you have certainly educated me on how this works.
{In last message I ask about Postfix files }
>
>Ok, they are somewhere under "/var/spool/postfix/*":
>
>. .. active bounce corrupt defer deferred flush hold incoming maildrop
> pid private public trace
>
>Don't touch that. To know what mails are in there, and why, use "mailq".
>If you need to hold, delete mails, use postsuper. If you want to have a
>look, use "mc" to browse files. If you want to read a mail that is there,
>use "postcat file".
OK, for curiosity's sake, I went and browsed those directories.Out of the
hundred or more directories, there is not one mail in there. 0 -nothing -
only contains one pid file of 17 bytes.
>
>For example, "postcat -q 28D0720D17|less" displays my queued email (one)
>by that ID.
Couldn't do that, nothing there. (have two messages in the outbox of Kmail
though)
>
>Postfix has a good documentation in
>/usr/share/doc/packages/postfix/html/index.html, including a FAQ.
OK, will read that also.
>
>> >No, POP before SMTP has nothing to do here, for this particular email. It
>> >did not get out.
Yes, but it could be that if failed smtp authentication and did not get out,
right ??
>>
>No. Unless you have configured postfix to relay to your ISP, and that is
>not the default config. It could be, but I doubt it.
But, when I looked at main.cf it showed relay host=sanctum.com
>
>> >Why the DNS queries failed.
>>
>> Don't know ! /related to not accepting it?
>>
>> I think, and jump on me if I am dead wrong, the internet name was not
>> found because the ISP would not accept it. ie: "the POP before SMTP
>> authentication" thing. Following are excerpts which I sent to the ISP and
>> their reply.
>
>No, no. A DNS query can not be denied. The problem would be reported
>differently (no route to host, for example, or rejected for a reason).
>
>Didn't you say your machine was not connected?
>
No, it was connected each time I attempted to send a mail.
>> -----------------------------------------------------
Message I sent to my ISP:
>> >> Are you using POP before SMTP authentication ?? I assume you are also
>> >>blocking mail sent outside your SMTP server.
>>
>> They replied:
>> >Either POP before SMTP authentication or straight SMTP authentication
>> > will work fine.
>> ----------------------------------------------------------
>> So, ??? so what???? To check this out I tried to send by sending first -
>> rejected- then did download of mail - sent again - went through. Seems
>> that I cannot send mail until after I fetch mail.
>
>Then configure the sasl file as I said above. Only needed if relaying.
>Could be the case.
Made those changes as suggested - As per above - Attempted to send a message
and got an "authentication failed" message. Don't know what to do next.
Guess I will be downloading mail before I can send out new mail.
Here is my ISP's last message to me:
The mail server should be mail.sanctum.com or just plain sanctum.com.
"If SMTP authentication isn't working it would be because your system isn't
sending the smtp login/password correctly. That's sort of odd since you are
clearly sending the POP before SMTP correctly."
Soooooo..... I guess there is something wrong in my confirguration someplace.
Darned if I know what or where, or could it be some kind of bug in 1.7 ??
That is why I asked apout what takes precedence, Kmail or Postfix, Since I
think that Postfix is now properly configured. Just don't know.
>
Thanks to all, and especially to you Carlos, who contributed to this thread.
Must have been at least 50 replies.
Bob S.
-- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com
- Previous message: Chadley Wilson: "Re: [SLE] hw_random"
- In reply to: Carlos E. R.: "Re: [SLE] Postfix question"
- Next in thread: Patrick Shanahan: "Re: [SLE] Postfix question"
- Reply: Patrick Shanahan: "Re: [SLE] Postfix question"
- Reply: Carlos E. R.: "Re: [SLE] Postfix question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
