I have setup JAMES email server on my local windows system. Now I am trying to send mail to my yahoo account but I am getting the following error
13/11/10 12:39:56 INFO James.Mailet: RemoteAddrNotInNetwork: Authorized addresses: [127.0.0.1/255.255.255.255, 0.0.0.0/255.255.255.255, 192.168.2.0/255.255.255.0]
13/11/10 12:39:56 INFO James.Mailet: RemoteDelivery: maxRetries is larger than total number of attempts specified. Increasing last delayTime with 19 attempts
13/11/10 12:39:56 INFO James.Mailet: RemoteDelivery: Delay of 21600000 msecs is now attempted: 20 times
13/11/10 12:40:04 INFO James.Mailet: RemoteDelivery: Attempting delivery of Mail1289631302656-0-to-yahoo.co.in to host mx1.mail.in.yahoo.com. at 180.222.96.138 for addresses [abhilash#yahoo.co.in]
13/11/10 12:40:04 INFO James.Mailet: RemoteDelivery: Could not connect to SMTP host: 180.222.96.138, port: 25, response: 553
13/11/10 12:40:04 INFO James.Mailet: RemoteDelivery: Temporary exception delivering mail (Mail1289631302656-0-to-yahoo.co.in:
13/11/10 12:40:04 INFO James.Mailet: RemoteDelivery: Storing message Mail1289631302656-0-to-yahoo.co.in into outgoing after 0 retries
As per the FAQs most probably I have some problem configuring my DNS server. So what I should set my DNS server to - my system's internal IP, my router's IP, my public IP. I'm confused. Any suggestions kindly share.
In the startguide of JAMES it is said:
Determine the DNS server to use. On Windows, type ipconfig /all and look for the DNS servers. On Unix, look at /etc/resolv.conf. You will need this information in step #9.
https://wiki.apache.org/james/JamesQuickstart
Related
I've been on this VPN tunnel for over a week now and keep getting Peer not responding when I bring up the tunnel.
I have Strongswan installed and I have also created 1 tunnel which is working fine and connection established, then I added a second one, but whenever I bring up the second tunnel, after 5 attempts, I get Peer not responding. The remote server cannot see any connection from me.
Here's my ipsec.conf file:
config setup
charondebug="all"
conn %default
ikelifetime=24h
keylife=20m
rekeymargin=3m
keyingtries=1
authby=secret
mobike=no
conn Foo-to-Bar
keyexchange=ikev1
left=196.xxx.xxx.xx #PUBLIC IP of my server
leftsubnet=196.xxx.xx.xx/32 #PUBLIC IP of my server
leftid=196.xxx.xx.xx #PUBLIC IP of my server
leftfirewall=yes
right=41.xxx.xx.xx #Remote Peer IP
rightsubnet=41.xxx.xx.xx/32 #Remote Host IP
rightid=41.xxx.xx.xx
auto=route
esp=3des-sha1
ike=3des-sha1-modp1024
type=tunnel
lifetime=24h
dpdaction=clear
ike_dhgroup=group2
conn Foo-to-Bar2
also=Foo-to-Bar
rightsubnet=xxx.xxx.xx.xx/32 #Another remote host
esp=3des-sha1
When I do strongswan up Foo-to-Bar here's what I get:
strongswan up Foo-to-Bar
initiating Main Mode IKE_SA Foo-to-Bar[2] to xxx.xxx.xx.xx
generating ID_PROT request 0 [ SA V V V V V ]
sending packet: from 196.xxx.xxx.xx[500] to 41.xxx.xx.xx[500] (248 bytes)
sending retransmit 1 of request message ID 0, seq 1
sending packet: from 196.xxx.xxx.xx[500] to 41.xxx.xx.xx[500] (248 bytes)
sending retransmit 2 of request message ID 0, seq 1
sending packet: from 196.xxx.xxx.xx[500] to 41.xxx.xx.xx[500] (248 bytes)
sending retransmit 3 of request message ID 0, seq 1
sending packet: from 196.xxx.xxx.xx[500] to 41.xxx.xx.xx[500] (248 bytes)
sending retransmit 4 of request message ID 0, seq 1
sending packet: from 196.xxx.xxx.xx[500] to 41.xxx.xx.xx[500] (248 bytes)
sending retransmit 5 of request message ID 0, seq 1
sending packet: from 196.xxx.xxx.xx[500] to 41.xxx.xx.xx[500] (248 bytes)
giving up after 5 retransmits
establishing IKE_SA failed, peer not responding
establishing connection 'Foo-to-Bar' failed
Also when I check my /var/log/messages I get
# localhost charon: 04[NET] sending packet: from 196.xxx.xxx.xx[500] to 41.xxx.xx.xx[500] (248 bytes)
# localhost charon: 03[NET] error writing to socket: Network is unreachable
What could be the cause?
I am a bit confuse that I have one config just above this on the same file which is able to establish the connection, while this one does not and the remote host cannot see my connection attempts on their log.
I'd appreciate any help.
I recently started using flutter to create an app that has video and audio calling, so I thought of using WebRTC to accomplish this. However, when I tried to create a local WebRTC server from the WebRTC Github it doesn't let me connect to it. When I run the server from the command prompt it tells me that the server is listening at the given local IP, but when I try to connect to it, it says the site can't be reached. Also when I ping the url it says the ping request could not find the host. Any kind of help would really be appreciated.
WebRTC server: https://github.com/flutter-webrtc/flutter-webrtc-server
Starting server in command prompt
netstat when server running
pinging server
The IP 0.0.0.0 is not the IP address the server is binding/listening too.
It is a common way that servers allow configurion 0.0.0.0 to express binding to all IPv4 the host has (see https://en.wikipedia.org/wiki/0.0.0.0 ). To acually reach your server use whatever IP you have on the host (if you are starting the server on your workstation 127.0.0.1 ought to work)
Ping on Windows is only ICMP if I am not mistaken, this means a TCP port number is not part of it's expected input. Eg. "0.0.0.0:8086" is not a valid target for that command (see https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/ping )
>ping 0.0.0.0:8086
Ping request could not find host 0.0.0.0:8086. Please check the name and try again.
>ping 0.0.0.0
Pinging 0.0.0.0 with 32 bytes of data:
PING: transmit failed. General failure.
PING: transmit failed. General failure.
Ping statistics for 0.0.0.0:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
Control-C
^C
>ping 127.0.0.1
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
Control-C
^C
Since what you are trying to connect to is a webserver you could use something like curl instead to try to verify your connection. Should be available without any further install if you are on Windows 10 1803 or newer.
>curl https://0.0.0.0:8086
curl: (7) Failed to connect to 0.0.0.0 port 8086: Address not available
>curl https://127.0.0.1:8086
<html><head><title>Unauthorized</title></head><body><h1>401 Unauthorized</h1></body></html>
Some browsers might support https://0.0.0.0:8086 in a similar way server do but I wouldn't rely on it. Go with https://127.0.0.1:8086 or a non localhost IP address of the host.
I have plesk 12.5.30 on my server which is often blacklisted on Symantec Mail Security reputation.
The ip is new (I have purchased the server on 13.02.2017).
Also my ip is blacklisted on BACKSCATTERER.
Seeing the log of postfix I have a lot of entries like
Mar 22 14:51:43 server postfix/smtpd[14204]: connect from 75-143-80-240.dhcp.aubn.al.charter.com[75.143.80.240]
Mar 22 14:51:45 server postfix/smtpd[14204]: lost connection after EHLO from 75-143-80-240.dhcp.aubn.al.charter.com[75.143.80.240]
Mar 22 14:51:45 server postfix/smtpd[14204]: disconnect from 75-143-80-240.dhcp.aubn.al.charter.com[75.143.80.240]
Mar 22 14:51:50 server postfix/smtpd[14204]: connect from 128.128.72.76.cable.dhcp.goeaston.net[76.72.128.128]
Mar 22 14:51:51 server postfix/smtpd[14204]: lost connection after EHLO from 128.128.72.76.cable.dhcp.goeaston.net[76.72.128.128]
Mar 22 14:51:51 server postfix/smtpd[14204]: disconnect from 128.128.72.76.cable.dhcp.goeaston.net[76.72.128.128]
Mar 22 14:52:19 server postfix/smtpd[14204]: connect from mail.dedeckeraccountants.be[91.183.46.186]
Mar 22 14:52:19 server postfix/smtpd[14204]: disconnect from mail.dedeckeraccountants.be[91.183.46.186]
I have
Changed the smtp port to a non standard one (9456)
Installed firewall and fail2ban on plesk and setted as in image
Setted mail settings of plesk as in image
Installed a spamassasin
I have noticed also that some days ago i have lines in log like these
Mar 19 06:47:00 server postfix/smtp[13517]: CCC1C510023D: to=<229e7dc3183452c7d3290d1ba28f073e#www.lablue.de>, relay=none, delay=235637, delays=235636/0.05/0.09/0, dsn=4.4.1, status=deferred (connect to www.lablue.de[217.22.195.26]:25: Connection refused)
Mar 19 06:47:00 server postfix/smtp[13503]: 7EDD55100138: to=<Weber226#brockel.kirche-rotenburg.de>, relay=kirche-rotenburg-verden.de[136.243.213.122]:25, delay=239980, delays=239979/0.01/0.35/0.1, dsn=4.0.0, status=deferred (host kirche-rotenburg-verden.de[136.243.213.122] said: 451 Temporary local problem - please try later (in reply to RCPT TO command))
Mar 19 06:47:00 server postfix/smtp[13504]: 97B055100233: to=<office#angerlehner.at>, relay=none, delay=222922, delays=222922/0.01/0.64/0, dsn=4.4.3, status=deferred (Host or domain name not found. Name service error for name=angerlehner.at type=MX: Host not found, try again)
Mar 19 06:47:00 server postfix/smtp[13509]: 1E15F510019B: host mx1.leventboru.com.tr[89.19.1.69] said: 450 4.7.1 Recipient address rejected: Requested action not taken: mailbox unavailable or not local (in reply to RCPT TO command)
And i noticed a very long mail queue in plesk settings (i have deleted all mail in queue)
Any advice to block this attack??
Thanks in advance
Edit: I want to share my plesk-postfix settings
[plesk-postfix]
enabled = true
filter = postfix-sasl
action = iptables-multiport[name="plesk-postfix", port="http,https,smtp,submission,pop3,pop3s,imap,imaps,sieve", protocol=tcp]
logpath = /var/log/maillog
maxretry = 2
There is somenthing can i improve here?
You might consider to use a Fail2Ban - filter with the following regex - expressions:
failregex = ^%(__prefix_line)slost connection after (AUTH|UNKNOWN|EHLO) from [^\[]*\[<HOST>\]\s*$
If you need further Fail2Ban regex - expressions, pls. consider to ADD the corresponding log - file entries, because some general standart ones may not suit your needs or/and your qmail/postfix/imap-courier/dovecot version, installed on your server. ;-)
Edit:
In order to be more precise, I now add the full suggestion, incl. the regex, that #MattiaDiGiuseppe already used in his comments - it's just a bit better formatted this way.
[Definition]
_daemon = postfix(-\w+)?/(?:submission/|smtps/)?smtp[ds]
failregex = ^%(__prefix_line)swarning: (.*?)does not resolve to address <HOST>: Name or service not known$
^%(__prefix_line)swarning: [-._\w]+\[<HOST>\]: SASL ((?i)LOGIN|PLAIN|(?:CRAM|DIGEST)-MD5) authentication failed(:[ A-Za-z0-9+/:]*={0,2})?\s*$
^%(__prefix_line)sNOQUEUE: reject: RCPT from \S+\[<HOST>\]: 554 5\.7\.1 .* Relay access denied.*$
^%(__prefix_line)sSSL_accept error from \S+\s*\[<HOST>\]: lost connection$
^%(__prefix_line)sSSL_accept error from \S+\s*\[<HOST>\]: -1$
^%(__prefix_line)slost connection after (AUTH|UNKNOWN|EHLO) from [^\[]*\[<HOST>\]\s*$
ignoreregex = authentication failed: Connection lost to authentication server$
Pls. consider to have a look at all standart filters ( for Fail2Ban 0.10 AND older versions), by visiting:
=> https://github.com/fail2ban/fail2ban/tree/0.10/config/filter.d
If you desire to view the standarts for older versions, just click on the "Branch: 0.10" dropdpwn - button, pls.
My WHM server seems to be storing all its email in the queue manager, I get the following errors from EXIM
LOG: MAIN
cwd=/usr/local/cpanel/whostmgr/docroot 4 args: /usr/sbin/exim -v -M 1ZHBnT-0003rU-0v
delivering 1ZHBnT-0003rU-0v
LOG: MAIN
SMTP connection identification H=localhost A=::1 P=60184 M=1ZHBnT-0003rU-0v U=root ID=0 S=root B=authenticated_local_user
Connecting to gmail-smtp-in.l.google.com [74.125.70.27]:25 ... failed: Connection timed out (timeout=5m)
LOG: MAIN
H=gmail-smtp-in.l.google.com [74.125.70.27] Connection timed out
Connecting to alt1.gmail-smtp-in.l.google.com [173.194.204.27]:25 ... failed: Connection timed out (timeout=5m)
LOG: MAIN
H=alt1.gmail-smtp-in.l.google.com [173.194.204.27] Connection timed out
Connecting to alt2.gmail-smtp-in.l.google.com [74.125.141.27]:25 ... failed: Connection timed out (timeout=5m)
LOG: MAIN
H=alt2.gmail-smtp-in.l.google.com [74.125.141.27] Connection timed out
Connecting to alt3.gmail-smtp-in.l.google.com [64.233.190.27]:25 ... failed: Connection timed out (timeout=5m)
LOG: MAIN
H=alt3.gmail-smtp-in.l.google.com [64.233.190.27] Connection timed out
Port 25 is open.
I think your server mail IP is blocked on gmail server and due to that you are getting this issues. May be your one of the user is sending spam mails from your server and that is the reason your server IP is blocked. You can check your mail server IP status through http://mxtoolbox.com/blacklists.aspx URL.
I have problem with exim MTA, it can not send any mail.
I have followed a simple and straight forward guide in how to setup the MTA : https://library.linode.com/email/exim/send-only-mta-ubuntu-12.04-precise-pangolin
But when I test the configuration at the end it fails to send.
I don't get any error message when issuing the commands :
echo "This is test 1." | mail -s Testing_1 myemail#gmail.com
echo "This is test 2." | mail -s Testing_2 myemail#hotmail.com
But I can read in the log (/var/log/exim4/mainlog) that it was not successfully sent (and I don't receive any of the emails).
What should I do, I have no idea about what's wrong...??
My first thought was that the router (or firewall) was blocking my MTA, but the log shows that it has been in contact with the out side, so I don't think tht is the issue
I appriciate all the help I can get.
Edit : I had to use ISPs mailhost by setting config : dc_smarthost='mailout.isp.com' and adding a rewrite rule for Exim, matching my email adress for the account with the ISP.
/John
exim4.conf-file (/etc/exim4/update-exim4.conf.conf):
dc_eximconfig_configtype='internet'
dc_other_hostnames='PandaBoard; mydomain.net; meetup; localhost.localdomain; localhost'
dc_local_interfaces='127.0.0.1'
dc_readhost=''
dc_relay_domains=''
dc_minimaldns='false'
dc_relay_nets=''
dc_smarthost=''
CFILEMODE='644'
dc_use_split_config='false'
dc_hide_mailname=''
dc_mailname_in_oh='true'
dc_localdelivery='mail_spool'
Exim4 Log:
2013-09-13 00:13:35 exim 4.76 daemon started: pid=17823, -q30m, listening for SMTP on [127.0.0.1]:25 [::1]:25
2013-09-13 00:13:35 Start queue run: pid=17825
2013-09-13 00:13:35 End queue run: pid=17825
2013-09-13 00:23:11 exim 4.76 daemon started: pid=18570, -q30m, listening for SMTP on [127.0.0.1]:25 [::1]:25
2013-09-13 00:23:11 Start queue run: pid=18572
2013-09-13 00:23:11 End queue run: pid=18572
2013-09-13 00:24:17 1VKFJB-0004pm-Uf <= john#mydomain.net U=john P=local S=404
2013-09-13 00:24:18 1VKFJB-0004pm-Uf gmail-smtp-in.l.google.com [2a00:1450:4008:c01::1b] Network is unreachable
2013-09-13 00:25:22 1VKFJB-0004pm-Uf gmail-smtp-in.l.google.com [173.194.71.26] Connection timed out
2013-09-13 00:25:22 1VKFJB-0004pm-Uf alt1.gmail-smtp-in.l.google.com [2607:f8b0:4003:c02::1a] Network is unreachable
2013-09-13 00:26:26 1VKFJB-0004pm-Uf alt1.gmail-smtp-in.l.google.com [173.194.64.27] Connection timed out
2013-09-13 00:26:26 1VKFJB-0004pm-Uf == myemail#gmail.com R=dnslookup T=remote_smtp defer (101): Network is unreachable
2013-09-13 00:46:26 exim 4.76 daemon started: pid=19280, -q30m, listening for SMTP on [127.0.0.1]:25
2013-09-13 00:46:26 Start queue run: pid=19282
2013-09-13 01:03:55 1VKFvX-00052n-9V <= john#mydomain.net U=john P=local S=402
2013-09-13 01:05:00 1VKFvX-00052n-9V mx3.hotmail.com [65.54.188.94] Connection timed out
2013-09-13 01:06:04 1VKFvX-00052n-9V mx3.hotmail.com [65.54.188.72] Connection timed out
2013-09-13 01:07:08 1VKFvX-00052n-9V mx3.hotmail.com [65.55.37.72] Connection timed out
2013-09-13 01:08:13 1VKFvX-00052n-9V mx3.hotmail.com [65.55.92.136] Connection timed out
2013-09-13 01:09:18 1VKFvX-00052n-9V mx3.hotmail.com [65.55.92.168] Connection timed out
2013-09-13 01:09:18 1VKFvX-00052n-9V == myemail#hotmail.com R=dnslookup T=remote_smtp defer (110): Connection timed out
2013-09-13 01:16:26 Start queue run: pid=19436
Looks to me like your ISP has blocked connections outbound to tcp/25. Why did you reject your initial supposition that it was the firewall? The logs you quoted indicate that your server can make DNS requests, but there are no successful attempts to connect to a mail server. It could still be a local firewall issue but these days its very common for ISPs to prevent their clients from sending email to tcp/25 unless you have explicitly requested the ability to do so (and sometimes not even then).
Take exim out of the equation and run this from the command line of your mail server:
telnet 65.54.188.94 25
if you can connect, it's a problem with your exim install. If you can't connect, it's a network issue, whether a local firewall, ISP firewall, etc.
Use should check to see that any firewall(iptables, csf...) is running on your server first.
If yes, turn it off and try to test telnet to external mail server like :
telnet external_mail_server 25
If ok, you should check the exim configuration.
If no , you should contact your hosting provider