Connecting to ZNC over SSL - emacs

I am trying to set up an ERC > ZNC connection over SSL. The non-SSL connection works fine. The problem is that when I try to connect using ERC via the erc-tls command, nothing happens; the "Opening Connection.." message stays forever.
ZNC config:
AnonIPLimit = 10
ConnectDelay = 5
ProtectWebSessions = true
ServerThrottle = 30
Skin = _default_
StatusPrefix = *
SSLCiphers = EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
SSLProtocols = -SSLv2 -SSLv3 -TLSv1 +TLSv1.1 +TLSv1.2
Version = 1.7.2
<Listener l>
    IPv4 = true
    IPv6 = false
    SSL = true
    AllowIRC = true
    AllowWeb = false
</Listener>
...
Emacs config:
(setq tls-program
      '("gnutls-cli --x509cafile %t -p %p %h"
        "gnutls-cli --x509cafile %t -p %p %h --protocols ssl3"
        "gnutls-cli --priority secure256 -p %p %h"))
I connect via ERC: (erc-tls :server "server.domain" :port 55555 :nick "znc-nick" :password "znc-nick/freenode:znc-password")
Any ideas?

Problem solved. The issue was caused by a too strict network profile in Emacs, which disallowed incoming self-signed certificates. To work around this and keep the current settings intact, I created a function which I run to start the ERC session. I use the ZNC package to connect to the ZNC server.
(defun my/znc-all ()
  "Connect to all ZNC networks. Accept incoming self signed certificates."
  (interactive)
  (let ((tls-checktrust nil)
        (gnutls-verify-error nil))
    (znc-all)))

Related

Laravel ReactPHP Socket server need to restart on day of start

I've created the server in a Laravel command file and set it up in Supervisor to run the socket server continuously to accept client messages.
Laravel Command file code
Server.php
$loop = React\EventLoop\Factory::create();
$IP = getHostByName(getHostName()); // this will get current server IP address // 192.168.0.50
$socket = new React\Socket\Server($IP.':8080', $loop);
$socket->on('connection', function (React\Socket\ConnectionInterface $connection) {
    $connection->on('data', function ($data) use ($connection) {
        // process data sent from client
    });
});
$loop->run();
Client.php
$loop = React\EventLoop\Factory::create();
$connector = new React\Socket\Connector($loop);
$connector->connect('192.168.0.50:8080')->then(function (React\Socket\ConnectionInterface $connection) use ($loop, $data) {
    $connection->write($data); // sent data to Server.php
});
$loop->run();
This is working fine, but when I check on the next day, data is sent from Client.php but not received at Server.php. Then I restart Supervisor for Server.php / php artisan server, and it works fine for the whole day.
I've found what exactly happens.
I had set the IP with port 192.168.0.50:8080 to communicate with the server, but when I checked the next day the IP had changed to 127.0.0.1:8080.
Below is the solution to communicate with any IP address.
Server.php
$loop = React\EventLoop\Factory::create();
$IP = getHostByName(getHostName()); // this will get current server IP address // 192.168.0.50
$IP = '0.0.0.0'; // set this to I/O to any IP address
$socket = new React\Socket\Server($IP.':8080', $loop);
$socket->on('connection', function (React\Socket\ConnectionInterface $connection) {
    $connection->on('data', function ($data) use ($connection) {
        // process data sent from client
    });
});
$loop->run();
sudo lsof -i -P -n | grep LISTEN   # run this cmd to check 8080 port
With the updated code, it now shows *:8080

Connecting two computers in different networks using socket and Port forwarding

I have set up a simple client-server communication code and it works well on my computer when my computer itself acts as both the server and the client.
Now I am trying to run this same code on two different computers in different networks (different locations), where my computer will act as the server and my friend's computer as the client.
I have done port forwarding in my router as well as in my friend's router for the port on which we are trying to communicate. We both have set up a static IP in our internal network behind the router. We both had shut down the firewall while running the code.
I am running my code in a Jupyter notebook and so is my friend.
Here is my server code:
import socket
import threading

HEADER = 64
PORT = 5064
SERVER = '0.0.0.0'
ADDR = (SERVER, PORT)
FORMAT = 'utf-8'
DISCONNECT_MESSAGE = "quit"
Receive_from_client = "get info"

server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
server.bind(ADDR)

def handle_client(conn, addr):
    print("\n" + f"[NEW Connection] detected from IP: {addr[0]} & Port:{addr[1]} ")
    conn.send(f"connected to server {ADDR}".encode(FORMAT))
    connected = True
    while connected:
        msg_length = conn.recv(HEADER).decode(FORMAT)  # decode the msg from byte to utf-8 format
        if msg_length:
            msg_length = int(msg_length)
            msg = conn.recv(msg_length).decode(FORMAT)
            if msg == DISCONNECT_MESSAGE:
                connected = False
                print(f" [Client][{addr}] {msg}")
                print("Your session is disconnected")
                break
            if msg == Receive_from_client:
                print("\n" + f"Send your msg to client with IP: {addr[0]}")
                # send2client is not shown in the post
                thread = threading.Thread(target=send2client, args=(conn, addr))
                thread.start()
            print(f" [Client][{addr}] {msg}")
            conn.send(f"Msg received by server with IP:{addr[0]}".encode(FORMAT))
    conn.close()
    server.close()

def start():
    server.listen()
    print("\n" + f"[LISTENING] Server is listening from IP: {SERVER} ")
    while True:
        conn, addr = server.accept()
        thread = threading.Thread(target=handle_client, args=(conn, addr))
        thread.start()
Here is the client code
import socket
import threading

HEADER = 64
PORT = 5064
FORMAT = 'utf-8'
DISCONNECT_MESSAGE = "quit"
SERVER = '103.192.207.250'  # SERVERS public IP
ADDR = (SERVER, PORT)

client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
client.connect(ADDR)

def send2server():
    while True:
        msg = input()
        message = msg.encode(FORMAT)
        msg_length = len(message)
        send_length = str(msg_length).encode(FORMAT)
        send_length += b' ' * (HEADER - len(send_length))  # pad the header to HEADER bytes
        client.send(send_length)
        client.send(message)
        print(client.recv(2048).decode(FORMAT))
        if msg == DISCONNECT_MESSAGE:
            print("session closed")
            client.close()
            break  # stop the loop once the socket is closed

def start():
    print("\n" + f"[LISTENING] client is listening from IP: {ADDR} ")
    send2server()
I have opened the port by going to Windows Defender Firewall and creating new inbound and outbound rules to open TCP port 5064.
But still, the code doesn't work.
My server keeps waiting for a connection, and the client side, after a few seconds of running, gives this error:
TCP error code 10060: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond
Even while my server is listening on port 5064, when I scan this port to check whether it is open or not, it says closed.
How do I check if the port I have forwarded is for sure open and also how do I get this thing work?
I have tried all of this and if there is any other thing I am missing please tell. I am struggling to get this work for the past 3 days.
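Once the forwarded port is reachable from the internet, the server's receive path handles untrusted input: a single recv(HEADER) can return fewer than 64 bytes, and int() raises on a non-numeric header. A hardened receiver for the same 64-byte length-prefix framing follows, as an added example that is not part of the original post; recv_exact, recv_message, frame, FramingError and the MAX_MSG cap are names and values assumed here.

```python
import socket

HEADER = 64        # fixed header size, as in the post
FORMAT = "utf-8"
MAX_MSG = 4096     # assumed cap on body size; the post sets no limit


class FramingError(Exception):
    """The peer broke the length-prefix framing rules."""


def recv_exact(conn, n):
    """Read exactly n bytes. Return None if the peer closed before sending any."""
    buf = bytearray()
    while len(buf) < n:
        chunk = conn.recv(n - len(buf))   # may return fewer bytes than asked
        if not chunk:
            if not buf:
                return None
            raise FramingError("connection closed mid-frame")
        buf += chunk
    return bytes(buf)


def recv_message(conn):
    """Return one decoded message, or None on a clean disconnect."""
    header = recv_exact(conn, HEADER)
    if header is None:
        return None
    field = header.strip()
    if not field.isdigit():               # rejects b"", b"-1", b"abc"
        raise FramingError("length header is not a decimal number")
    length = int(field)
    if length > MAX_MSG:                  # refuse peer-chosen oversized reads
        raise FramingError("declared length exceeds MAX_MSG")
    body = recv_exact(conn, length)
    if body is None:
        raise FramingError("connection closed before body")
    try:
        return body.decode(FORMAT)
    except UnicodeDecodeError as exc:
        raise FramingError("body is not valid UTF-8") from exc


def frame(text):
    """Build a frame the way the post's client does: padded length, then body."""
    body = text.encode(FORMAT)
    return str(len(body)).encode(FORMAT).ljust(HEADER) + body
```

In handle_client, a FramingError would be caught per connection and that connection closed, so one malformed client cannot take down the handler thread with an unhandled exception.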

SimpleEmail forces SMTP to port 465

I've been trying to send an email programmatically from the server using SimpleEmail. I use Kotlin. So far it always leads to an error that seems to only use port 465 despite setting it to a different port. I've been trying to find out why it does this but I have not seen any point this out.
SimpleEmail().apply {
    hostName = "smtp.gmail.com"
    setSmtpPort(587)
    setAuthenticator(DefaultAuthenticator("**email**", "**password**"))
    setSSLOnConnect(true)
    setFrom("**email**")
    subject = "TEST"
    setMsg("TEST")
    addTo(email)
}.send()
The error:
org.apache.commons.mail.EmailException: Sending the email to the following server failed : smtp.gmail.com:465
A little late, but maybe it still helps someone.
Ports 25 and 587 use TLS, while port 465 uses SSL. If you setSSLOnConnect, then it forces the port 465, because that is the SSL port.
Instead, you have to use setStartTLSEnabled and optionally setStartTLSRequired to true, but not setSSLOnConnect.
hostName should be "smtp.googlemail.com" but not "smtp.gmail.com"; if it does not work, check the Gmail settings for access to SMTP.
const val myEmail = "test@gmail.com"
const val myPassword = "test"
const val receivingAddress = "test"

fun main(args: Array<String>) {
    SimpleEmail().apply {
        hostName = "smtp.googlemail.com"
        isSSLOnConnect = true
        subject = ("subject")
        setSmtpPort(465)
        setAuthenticator(DefaultAuthenticator(myEmail, myPassword))
        setFrom(myEmail)
        setMsg("message")
        addTo(receivingAddress)
    }.send() // will throw email-exception if something is wrong
}

GitLab "Reply-To" feature using Omnibus not working?

We currently are running the latest version of GitLab (v8.0.1) which is installed using the Omnibus package and trying to enable the new "reply-to" feature but nothing is happening.
We followed these instructions:
http://doc.gitlab.com/ce/incoming_email/README.html (specifically the Gmail instructions). We configured a new Gmail account with lesser-security and we also use the SMTP configuration.
The email, when replied to, is being sent to the GMail account but from there nothing is happening. The doco seems a little sparse but is GitLab supposed to pick that email up (via IMAP) and update the issue? If so, nothing is happening.
Our settings in the /etc/gitlab/gitlab.rb (and I had to add the "incoming-mail" section manually because it was not there) looks like this:
# SMTP setup
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "aws"
gitlab_rails['smtp_port'] = 587
gitlab_rails['smtp_user_name'] = "AWSUSER"
gitlab_rails['smtp_password'] = "AWSPASS"
gitlab_rails['smtp_domain'] = "git.ourdomain.com"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = true
# gitlab_rails['smtp_tls'] = false
# gitlab_rails['smtp_openssl_verify_mode'] = 'none' # Can be: 'none', 'peer', 'client_once', 'fail_if_no_peer_cert', see http://api.rubyonrails.org/classes/ActionMailer/Base.html
# gitlab_rails['smtp_ca_path'] = "/etc/ssl/certs"
# gitlab_rails['smtp_ca_file'] = "/etc/ssl/certs/ca-certificates.crt"
# Configuration for Gmail / Google Apps, assumes mailbox gitlab-incoming@gmail.com
gitlab_rails['incoming_email_enabled'] = true
gitlab_rails['incoming_email_address'] = "gitlab+%{key}@ourdomain.com"
gitlab_rails['incoming_email_email'] = "gitlab@ourdomain.com"
gitlab_rails['incoming_email_password'] = "GLPASS"
gitlab_rails['incoming_email_host'] = "imap.gmail.com"
gitlab_rails['incoming_email_port'] = 993
gitlab_rails['incoming_email_ssl'] = true
gitlab_rails['incoming_email_start_tls'] = false
gitlab_rails['incoming_email_mailbox_name'] = "inbox"
For me installing the last update and restarting the server seemed to solve the problem (I did restart the server the first time as well but it still was not working).

Docker + Exim + Dovecot. Relay not permitted

I am trying to configure an Exim mail server using this article. I can use this server inside my local network, but when I try to use it from the internet I get some errors. Ports 10000-20000 are translated to the server machine. I am doing everything inside a Docker image of CentOS 7. The host machine runs CentOS 7 too.
Abbreviations:
test_domain.tk - my test domain
test1, test2 - test users
test@external.com - test external email
123.456.789.876 - my external ip (I have router with NAT)
10.0.7.30 - docker's tunnel
Starting docker with command: docker run -d --name mail -h test_domain.tk -p 10025:25 -p 10587:587 -p 10465:465 -p 10143:143 -p 10993:993 mail/server:localwork start_server
start_server:
#!/bin/bash -e
/usr/sbin/dovecot && /usr/sbin/exim -v -bdf -q30m
/etc/exim/exim.conf:
primary_hostname = test_domain.tk
domainlist local_domains = @ : localhost : test_domain.tk
domainlist relay_to_domains =
hostlist relay_from_hosts =
acl_smtp_mail = acl_check_mail
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data
acl_smtp_mime = acl_check_mime
av_scanner = clamd:/var/run/clamd.exim/clamd.sock
tls_advertise_hosts = *
tls_certificate = /etc/ssl/default.crt
tls_privatekey = /etc/ssl/default.key
daemon_smtp_ports = 25 : 465 : 587
tls_on_connect_ports = 465
allow_domain_literals
never_users = root
auth_advertise_hosts = *
rfc1413_hosts = *
rfc1413_query_timeout = 5s
ignore_bounce_errors_after = 2d
timeout_frozen_after = 7d
begin acl
acl_check_mail:
  deny    condition = ${if eq{$sender_helo_name}{} {1}}
          message = Nice boys say HELO first
  warn    condition = ${if eq{$sender_host_name}{} {1}}
          set acl_m_greylistreasons = Host $sender_host_address lacks reverse DNS\n$acl_m_greylistreasons
  accept
acl_check_rcpt:
  accept  hosts = :
          control = dkim_disable_verify
  deny    message = Restricted characters in address
          domains = +local_domains
          local_parts = ^[.] : ^.*[@%!/|]
  deny    message = Restricted characters in address
          domains = !+local_domains
          local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
  accept  local_parts = postmaster
          domains = +local_domains
  require verify = sender
  accept  hosts = +relay_from_hosts
          control = submission
          control = dkim_disable_verify
  accept  authenticated = *
          control = submission
          control = dkim_disable_verify
  require message = relay not permitted
          domains = +local_domains : +relay_to_domains
  require verify = recipient
  accept
acl_check_data:
  warn    condition = ${if !def:h_Message-ID: {1}}
          set acl_m_greylistreasons = Message lacks Message-Id: header. Consult RFC2822.\n$acl_m_greylistreasons
  accept
acl_check_mime:
  deny    message = Blacklisted file extension detected
          condition = ${if match \
                      {${lc:$mime_filename}} \
                      {\N(\.exe|\.pif|\.bat|\.scr|\.lnk|\.com)$\N} \
                      {1}{0}}
  accept
begin routers
dnslookup:
  driver = dnslookup
  domains = ! +local_domains
  transport = remote_smtp
  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
# if ipv6-enabled then instead use:
# ignore_target_hosts = <; 0.0.0.0 ; 127.0.0.0/8 ; ::1
  no_more
system_aliases:
  driver = redirect
  allow_fail
  allow_defer
  data = ${lookup{$local_part}lsearch{/etc/aliases}}
# user = exim
  file_transport = address_file
  pipe_transport = address_pipe
userforward:
  driver = redirect
  check_local_user
# local_part_suffix = +* : -*
# local_part_suffix_optional
  file = $home/.forward
  allow_filter
  no_verify
  no_expn
  check_ancestor
  file_transport = address_file
  pipe_transport = address_pipe
  reply_transport = address_reply
procmail:
  driver = accept
  check_local_user
  require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail
  transport = procmail
  no_verify
localuser:
  driver = accept
  check_local_user
# local_part_suffix = +* : -*
# local_part_suffix_optional
  transport = local_delivery
  cannot_route_message = Unknown user
begin transports
remote_smtp:
  driver = smtp
remote_msa:
  driver = smtp
  port = 587
  hosts_require_auth = *
procmail:
  driver = pipe
  command = "/usr/bin/procmail -d $local_part"
  return_path_add
  delivery_date_add
  envelope_to_add
  user = $local_part
  initgroups
  return_output
local_delivery:
  driver = appendfile
  directory = $home/Maildir
  maildir_format
  maildir_use_size_file
  delivery_date_add
  envelope_to_add
  return_path_add
address_pipe:
  driver = pipe
  return_output
address_file:
  driver = appendfile
  delivery_date_add
  envelope_to_add
  return_path_add
address_reply:
  driver = autoreply
begin retry
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
begin rewrite
begin authenticators
dovecot_login:
  driver = dovecot
  public_name = LOGIN
  server_socket = /var/run/dovecot/auth-client
  server_set_id = $auth1
dovecot_plain:
  driver = dovecot
  public_name = PLAIN
  server_socket = /var/run/dovecot/auth-client
  server_set_id = $auth1
exim log:
8 LOG: MAIN
8 exim 4.84 daemon started: pid=8, -q30m, listening for SMTP on port 25 (IPv6 and IPv4) port 587 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
16 LOG: host_lookup_failed MAIN
16 no host name found for IP address 123.456.789.876
16 LOG: MAIN REJECT
16 H=([10.0.7.30]) [123.456.789.876] X=SSLv3:DHE-RSA-AES128-SHA:128 F=<test1@test_domain.tk> rejected RCPT <test@external.com>: relay not permitted
16 LOG: lost_incoming_connection MAIN
16 unexpected disconnection while reading SMTP command from ([10.0.7.30]) [123.456.789.876]
When I try to connect from the internet, I get a timeout error in the mail client and empty logs in Exim. It's probably a problem with the router. How can I make it work?
Ask me if you need more data. Thanks in advance.
You have your docker internal ports (for example 10025) mapped to standard smtp ports (for example 25), but you have exim listening on the standard ports instead of the mapped internal ports. Configure exim to listen on 10025, 10465, 10587 and see if the behavior changes.
It seems there's an issue with reverse DNS lookup according to this ancient post. Try disabling host_lookup and see if that works:
host_lookup = 0.0.0.0/0
If it does you'll have to fix your DNS settings to map the right domain to your host.