How to configure exim to send mails to LAN without DNS - email

I am trying to configure exim to send mails directly over LAN without DNS, but I have no luck doing it...
On both ends there is a server with one Internet-facing interface and one local interface. I need to use the local interface.
When I telnet to port 25 from one server to another, it works like a charm. However, when I try to send mail via exim, it insist that I am trying to send the mail to myself.
I have added this router to server with local interface 11.11.0.1:
new_router:
driver = manualroute
domains = 11.11.0.2
transport = remote_smtp
route_list = * 11.11.0.1
and even forced the remote_smtp to use the correct interface:
remote_smtp:
driver = smtp
interface = 11.11.0.1
This is what I get if I try to send a mail form 11.11.0.1 to 11.11.0.2:
2014-03-16 22:11:38 1WPILK-0004YD-O1 == test#11.11.0.2 R=new_router defer (-1): remote host address is the local host
2014-03-16 22:11:39 1WPILK-0004YD-O1 Frozen
This should be the relevant part of the log:
--------> new_router router <--------
local_part=test domain=11.11.0.2
checking domains
11.11.0.2 in "11.11.0.2"? yes (matched "11.11.0.2")
calling new_router router
new_router router called for test#11.11.0.2
domain = 11.11.0.2
route_item = * 11.11.0.1
11.11.0.2 in "*"? yes (matched "*")
original list of hosts = "11.11.0.1" options =
expanded list of hosts = "11.11.0.1" options =
set transport remote_smtp
finding IP address for 11.11.0.1
calling host_find_byname
gethostbyname2(af=inet6) returned 1 (HOST_NOT_FOUND)
local host found for non-MX address
fully qualified name = 11.11.0.1
gethostbyname2 looked up these IP addresses:
name=11.11.0.1 address=11.11.0.1
LOG: MAIN
remote host address is the local host: 11.11.0.2
new_router router: defer for test#11.11.0.2
message: remote host address is the local host
added retry item for R:11.11.0.2: errno=-1 more_errno=0 flags=0
post-process test#11.11.0.2 (1)
LOG: MAIN
== test#11.11.0.2 R=new_router defer (-1): remote host address is the local host
Do you have any idea how to convince exim to not treat 11.11.0.2 as a local address?
Thanks,
Drasha

It seems your exim thinks 11.11.0.2 refers to your own machine, i.e. you have some configuration setting (local_interfaces, extra_local_interfaces or hosts_treat_as_local) that includes 11.11.0.2.
By default the manualroute router is intended to give you a remote host, but that can also be adjusted by adding
self = send
to your new_router configuration, although it would be better to fix the original problem instead of patching the symptoms as you might run into all kinds of other strange problems if you have messed up what is considered local hosts and not.
BTW, what does the command exim -bP | grep local show?

Related

Sendmail Error : opendaemonsocket: daemon TLSMTA: cannot bind: Address already in use

I am installing sendmail/dovecot on my mail sever.
I edited file /etc/mail/sendmail.mc
and add the below lines to make sure the domain name is used in sending mail
#add for domain email by deo malamo
define(`confDOMAIN_NAME', `desaonline.co.tz')dnl
FEATURE(`relay_entire_domain')dnl
#end add domail based email by deo malamo
i installed and Used tls/ssl from Let's Encrypt
#add for Let's Encrypt ssl by deo malamo
define(`confAUTH_OPTIONS', `A p')dnl
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`CERT_DIR', `/etc/letsencrypt/live/mail.desaonline.co.tz/')dnl
define(`confCACERT', `CERT_DIR/chain.pem')dnl
define(`confCACERT_PATH',`/etc/ssl/certs/')dnl
define(`confCLIENT_CERT', `CERT_DIR/cert.pem')dnl
define(`confCLIENT_KEY', `CERT_DIR/privkey.pem')dnl
define(`confSERVER_CERT', `CERT_DIR/cert.pem')dnl
define(`confSERVER_KEY', `CERT_DIR/privkey.pem')dnl
FEATURE(`no_default_msa')dnl
DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl
#DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
#DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl
#end add Let's Encrypt ssl by dmalamo
MY PROBLEM is the ports 25,465 and 587 are coming up and then shutdown because of port already in use ,Can any one assist me to fix this problem?
When i save the config (/etc/mail/sendmail.mc) and restart sendmail ,port 465 seems to be used and shutdown the whole outgoing ports 25,465 and 587.
logs file have the below entries
daemon TLSMTA: problem creating SMTP socket
Feb 9 13:26:43 mail sm-mta[20646]: NOQUEUE: SYSERR(root): opendaemonsocket: daemon TLSMTA: cannot bind: Address already in use
NOQUEUE: SYSERR(root): opendaemonsocket: daemon TLSMTA: cannot bind: Address already in use
daemon TLSMTA: problem creating SMTP socket
NOQUEUE: SYSERR(root): opendaemonsocket: daemon TLSMTA: server SMTP socket wedged: exiting
MY PROBLEM is the ports 25,465 and 587 are coming up and then shutdown because of port already in use ,Can any one assist me to fix this problem?
Short list to check...
1st) have You compiled sendmail.mc into sendmail.cf ?
2nd) TLSMTA: cannot bind: Address already in use... means that one process already use this port (smtps: 465),
- check who is using port (e.g. "netstat -lntp|grep 465")
- and stop this, sometimes port can be in use by connection, maybe instead restart You should: stop, wait few sec./minutes and then start sendmail
- "netstat -lntp|grep sendmail" can be usefull to see sendmail's listening ports
- before start be sure that ports are not occupied (not in use)
- problem may also be in SELINUX (investigate how to allow program to use ports)
Regards
K.

Multicast between server and client with or without a router not knowing server IP in advance and possible diferent sub-net

I'm writing in Python software that runs on my Windows (and Linux) PC, while the PC is connected via LAN (with or without a router) to a second device.
The second device sends UDP multicast packets to a known multicast group address and port.
The software in the computer is configured to be part of the same multicast group.
This is working OK as long as both my computer and the server network configuration are on the same sub-net.
Now, most of the times I will don't know the IP of the device in advance and I'll be connecting my computer directly to the server point-to-point. (Imagine the software that comes with IP security cameras that allows you to discover or know the IP of the camera when connecting directly to them with out knowing it in advance and without being in the same sub-net). E.g my computer has IP 169.x.x.x/24 and the server has IP 10.1.1.100 but I do not know the server IP in advance.
For reasons out of my control, the device cannot be configured to be a DHCP server so it cannot assign IP to my computer and cannot use DNS.
How can I receive the UDP multicast packets without raw capture?
This is my current code for the socket configuration that is working when both the computer and the server have the same sub-net. Ex 10.1.1.100/16 and 10.1.1.60/16 but needs to work also as mentioned above.
class MulticastSocket(object):
"""Sends UDP packets to multicast addressses."""
def __init__(self, bind_ip=None):
self._create(bind_ip)
def _create(self, bind_ip):
self.bind_addr = bind_ip
# chosen arbitrary from IANA's Scoped Multicast Range
# https://www.iana.org/assignments/multicast-addresses/multicast-addresses.xhtml#unicast-prefix-based
self.multicast_group = '239.6.2.86'
self.multicast_port = 6286
"""Creates a multicast UDP socket"""
self._sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
self._sock.settimeout(6)
ttl = 2
self._sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, ttl)
self._sock.setsockopt(socket.SOL_IP, socket.IP_MULTICAST_IF, socket.inet_aton(self.bind_addr))
membership_request = struct.pack('4s4s', socket.inet_aton(self.multicast_group),
socket.inet_aton(self.bind_addr))
self._sock.setsockopt(
socket.IPPROTO_IP, socket.IP_ADD_MEMBERSHIP, membership_request)
self._sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
if sys.platform == 'linux':
bind_addr = self.multicast_group
else:
bind_addr = self.bind_addr if self.bind_addr else ''
self._sock.bind((bind_addr, self.multicast_port))
def get(self):
"""use to get the socket object to work with the select as select only accept sockets objects"""
return self._sock
def send(self, msg):
return self._sock.sendto(msg, (self.multicast_group, self.multicast_port))
def recv(self, len):
try:
response = self._sock.recvfrom(len)
return response
except socket.timeout:
return "", ""
def close(self):
self._sock.close()

Getting files from Windows host with Perls Net::FTP

The laptops in our company go to the network either about LAN (workplace) or about WLAN (conference room). Depending on how they go to the net, they get from DHCP different IPs.
Certain Perl application on a server, copies files from the client (e.g. laptop above) with Net::FTP. The piece of code looks like this:
# don't wait for ftp-timeout if the host is not reachable
my $alive = Net::Ping::External(host => $clnt_host);
if ($alive) {
$ftp = Net::FTP->new($clnt_host, Debug => 0, Timeout => 200)
or return "Cannot connect to $clnt_host: $#\n";
....
....
}
else {
dbgout(1, "Host $clnt_host unreachable.\n");
$st = "'FTPGETFAILED'";
return ($st);
}
Sometimes the code above doesn't work: Net::Ping::External() returns "alive", but Net::FTP->new() gets a "timeout".
Obviously "FTP" and "ping" resolve the hostname differently.
On the OS ping reslove as follows:
C:\Users\converter>ping -n 1 lap314-034
Ping wird ausgeführt für lap314-034.domain.de [10.140.12.110] mit 32 Bytes Daten:
Antwort von 10.140.12.110: Bytes=32 Zeit=2ms TTL=127
However, "nslookup" returns 2 possibilities:
C:\Users\converter>nslookup lap314-034
Server: domaincontroller.domain.de
Address: 123.123.123.123
Name: lap314-034.domain.de
Addresses: 10.192.3.145
10.140.12.110
The not active IP address is delivered from nslookup at the first place back.
I suppose that Net::FTP also uses this address to connect to the client.
How can I "convince" FTP to use the active DNS entry for the connection?
=============================================================
Thanks for your answers. I followed your suggestions. The solution bases on: http://code.activestate.com/lists/perl-win32-users/32624/
#------------------------------------------------------------------
sub getActiveIP {
#------------------------------------------------------------------
my $hostname = shift;
my $host = (gethostbyname ($hostname))[0] or return undef;
my #addr = gethostbyname ($host);
# delete the first 4 array elements
splice #addr, 0, 4;
foreach (#addr) {
my $IPstr = sprintf ("%s", &inet_ntoa ($_));
my $alive = ping(host => $IPstr);
if ($alive) {
return $IPstr;
}
}
return undef;
}
Nevertheless, I believe that a widespread Perl-library should not make such surprises to the user.
How can I "convince" FTP to use the active DNS entry for the connection?
There is no good way to let Net::FTP decide it.
Instead you should determine it outside of Net::FTP and then use the usable IP address instead of the hostname in Net::FTP.
Maybe you would be able to use only Net::FTP with the new versions (Net::FTP > 3.0) which can use IO::Socket::IP instead of IO::Socket::INET as the underlying module. This module can try all the IP addresses returned for a hostname until it gets a successful connection. But these retries will be done for every connection, that is the control connection and every data transfer. Since the connection to the inactive host only fails after some timeout everything will just be horribly slow.
The solution seems obvious: Get the IP addresses, ping them, figure out which one is live, and use the IP address instead of host name in the Net::FTP constructor.

exim4 cannot send email to root (all localhost users)

I have a problem with exim4 configuration. I try to send email to root, but email stay frozen in queue.
I tried this:
root#server2:~# echo TEST | mail -s "Hello this is testing email" root
and email is in queue (frozen), please see some outputs below.
In log (/var/log/exim4/mainlog) is this message:
2014-06-11 11:47:36 1Wuf84-0004o3-E4 <= root#server2.mydomain.cz U=root P=local S=416
2014-06-11 11:47:36 1Wuf84-0004o3-E4 remote host address is the local host: server2.mydomain.cz
2014-06-11 11:47:36 1Wuf84-0004o3-E4 == mailer-daemon#server2.mydomain.cz R=dnslookup defer (-1): **remote host address is the local host**
2014-06-11 11:47:36 1Wuf84-0004o3-E4 Frozen
Local host is routable (I hope):
root#server2:~# exim -bt localhost
LOG: MAIN
remote host address is the local host: server2.danielblazek.cz (while routing <localhost#server2.mydomain.cz>)
localhost#server2.mydomain.cz cannot be resolved at this time: remote host address is the local host
root#server2:~#
Configuration of hostname is right:
root#server2:~# hostname && hostname -f
server2
server2.mydomain.cz
Aliases seems to be OK:
root#server2:~# cat /etc/aliases
# /etc/aliases
mailer-daemon: postmaster
postmaster: root
nobody: root
hostmaster: root
usenet: root
news: root
webmaster: root
www: root
ftp: root
abuse: root
noc: root
security: root
root: root
clamav: root
Do have any idea how can I fix it? With Postfix I never have problem like that. System emails always was delivered to /var/mail folder. But with exim4 I' m on the rocks. It's required for me receive system emails...
Please ask me if you need more information or outputs. Thank you for all replies!
Daniel
remote host address is the local host is an exim error message which indicates that the sender or recipient's domain has your machine's hostname/IP, but exim is not configured to accept mail for that domain.
Exim has a standard domainlist named +local_domains that pretty much every different exim configuration system uses. See what domains are configured for your system by running:
exim -bP '+local_domains'
You will probably see a command that looks up a list of domains from a file. Put your hostname (in this case, it looks like it's an implicit hostname "localhost") in that file and exim should begin to work properly. Your test was slightly incorrect; you must pass the username you are delivering to, not the hostname:
exim -bt root

How configure roundcube to work with imaps?

I recently installed Postfix, Dovecot to setup a mail server on my own VPS ( using this tutorial: Email with Postfix, Dovecot, Mysql)
Imaps server uses port 993 for Authentication, and Postfix uses port 25 to send mails.
In this tutorial, users stored in a Database ( so imaps use mysql to authenticate users).
i'm sure every thing works fine with imaps and postfix , because few days ago i installed Kmail client (on my linux) and receive mails from my server. sending mails also works fine, i sent a mail to Gmail and google received it without a problem (in my "Gmail inbox" not spam folder)
So to get to my Emails from a web mail client, i installed Roundcube on /var/www/mail directory.
I configured Roundcube many times. but each time it gives me this Error:
IMAP Error: Login failed for [me#mydomain] from X.x.X.x . Empty
startup greeting (localhost:993) in
/var/www/mm/program/lib/Roundcube/rcube_imap.php on line 184 (POST
/mm/?_task=login?_task=login&_action=login)
When i do log in from roundcube, imap server says ( in /var/log/mail.log ):
May 20 07:05:16 my-server dovecot: imap-login: Disconnected (no auth
attempts): rip=::1, lip=::1, TLS handshaking: Disconnected
Here is my roundcube config file :
$config['db_dsnw'] = 'mysql://roundcubeuser:myPassword#localhost/roundcubemail';
// ----------------------------------
// IMAP
// ----------------------------------
$config['debug_level'] = 13;
$config['default_host'] = 'ssl://127.0.0.1';
$config['default_port'] = 993;
// ----------------------------------
// SMTP
// ----------------------------------
$config['smtp_server'] = 'ssl://localhost';
What's the problem? i really have no idea what is happening !
Thank you.
I'm using postfix + dovecot + roundcube a few months now and it's working for me. In my configuration, postfix rejects plaintext sessions, so roundcube has to connect with ssl - and it's working.
This is from my main.inc.php. I don't remember editing anything here, it's just the initial config created during the installation.
Now that I'm looking at it, default_port doesn't make any sense, I think it's just ignored.
// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls://
// Supported replacement variables:
// %n - http hostname ($_SERVER['SERVER_NAME'])
// %d - domain (http hostname without the first part)
// %s - domain name after the '#' from e-mail address provided at login screen
// For example %n = mail.domain.tld, %d = domain.tld
// TCP port used for IMAP connections
$rcmail_config['default_port'] = 143;
$rcmail_config['default_host'] = array("ssl://localhost:993");
// TCP port used for IMAP connections
$rcmail_config['default_port'] = 143;
In case the other answer does not work, this is what worked for me. My config.inc.php now contains:
$config['default_host'] = 'ssl://localhost';
$config['default_port'] = 993;
NOTE: using tls://localhost did not work for me. I had to specify ssl:// as the URI scheme.
Via PhpMyAdmin, I also ran this SQL command (all my user accounts are on the same machine that runs RoundCube):
UPDATE `rc_users` SET `mail_host`='ssl://localhost'
I got the port number 993 from running sudo netstat -tulnp in order to determine the port on which Dovecot was listening.