2019-09-20 - hschneider, Admin
Cookie Disclaimer: This forum uses only essential, anonymous session cookies (xmailforum*), nothing to be scared of.
XMail Forum · Newbies read here ! All about SMTP,MX-Records,DNS etc. | Help Search Members Calendar |
Welcome Guest ( Log In | Register ) | Resend Validation Email |
cmyk |
Posted: Nov 15 2003, 07:16 PM
|
Member Group: Members Posts: 76 Member No.: 462 Joined: 13-February 03 |
i am following the instructions from this tuorial:
http://xmailforum.homelinux.net/index.php?...st=0entry5697 1) i am having the following trouble: the documentation is very short about -PI. after i did this: /var/MailRoot/bin/XMail -PI 127.0.0.1:110 /var/MailRoot/bin/XMail -PI 127.0.0.1:25 i can't send an emails anymore... how do i set the default again? waht's the defaults? my smtp.ipmap.tab: "0.0.0.0" "0.0.0.0" "ALLOW" 1 my pop3.ipmap.tab: "0.0.0.0" "0.0.0.0" "ALLOW" 1 what i would like is, that i could use pop/smtp still without ssl, and also with ssl. 2) it seems that i have some trouble with stunnel: stunnel log: 2003.11.15 19:00:37 LOG5[14603:16384]: stunnel 4.04 on i586-mandrake-linux-gnu PTHREAD+LIBWRAP with OpenSSL 0.9.7b 10 Apr 2003 2003.11.15 19:00:37 LOG4[14603:16384]: Wrong permissions on /usr/local/etc/stunnel/stunnel.pem 2003.11.15 19:00:37 LOG7[14603:16384]: Snagged 64 random bytes from /root/.rnd 2003.11.15 19:00:37 LOG7[14603:16384]: Wrote 1024 new random bytes to /root/.rnd 2003.11.15 19:00:37 LOG7[14603:16384]: RAND_status claims sufficient entropy for the PRNG 2003.11.15 19:00:37 LOG6[14603:16384]: PRNG seeded successfully 2003.11.15 19:00:37 LOG7[14603:16384]: Configuration SSL options: 0x00000800 2003.11.15 19:00:37 LOG7[14603:16384]: SSL options set: 0x00000800 2003.11.15 19:00:37 LOG7[14603:16384]: Certificate: /usr/local/etc/stunnel/stunnel.pem 2003.11.15 19:00:37 LOG7[14603:16384]: Key file: /usr/local/etc/stunnel/stunnel.pem 2003.11.15 19:00:37 LOG5[14603:16384]: FD_SETSIZE=1024, file ulimit=1024 -> 500 clients allowed 2003.11.15 19:00:37 LOG7[14603:16384]: FD 4 in non-blocking mode 2003.11.15 19:00:37 LOG7[14603:16384]: SO_REUSEADDR option set on accept socket 2003.11.15 19:00:37 LOG7[14603:16384]: POP3 bound to 0.0.0.0:995 2003.11.15 19:00:37 LOG7[14603:16384]: FD 5 in non-blocking mode 2003.11.15 19:00:37 LOG7[14603:16384]: SO_REUSEADDR option set on accept socket 2003.11.15 19:00:37 LOG7[14603:16384]: SMTP bound to 0.0.0.0:8025 2003.11.15 19:00:37 LOG7[14603:16384]: FD 6 in non-blocking mode 2003.11.15 19:00:37 LOG7[14603:16384]: FD 7 in non-blocking mode 2003.11.15 19:00:37 LOG3[14604:16384]: Failed to get GID for group nobody |
cmyk |
Posted: Nov 15 2003, 08:00 PM
|
Member Group: Members Posts: 76 Member No.: 462 Joined: 13-February 03 |
ok got the permission straightned out:
(http://www.stunnel.org/faq/troubleshooting.html#ToC14) Answer: The stunnel.pem file contains your key (private data) and certificate (public data). In order for Stunnel to start automatically without requiring a password, the key is created without a password. This means that anyone who can read this file can compromise your SSL security. This file must be readable only by root, or the user who runs Stunnel. Use the chmod command to fix permissions on this file, ala chmod 600 /path/to/stunnel.pem and i also have this now in the stunnel.log: 2003.11.15 20:10:13 LOG7[15215:16384]: Snagged 64 random bytes from /root/.rnd 2003.11.15 20:10:13 LOG7[15215:16384]: Wrote 1024 new random bytes to /root/.rnd 2003.11.15 20:10:13 LOG7[15215:16384]: RAND_status claims sufficient entropy for the PRNG 2003.11.15 20:10:13 LOG6[15215:16384]: PRNG seeded successfully 2003.11.15 20:10:13 LOG7[15215:16384]: Configuration SSL options: 0x00000800 2003.11.15 20:10:13 LOG7[15215:16384]: SSL options set: 0x00000800 2003.11.15 20:10:13 LOG7[15215:16384]: Certificate: /etc/ssl/stunnel/stunnel.pem 2003.11.15 20:10:13 LOG7[15215:16384]: Key file: /etc/ssl/stunnel/stunnel.pem 2003.11.15 20:10:13 LOG5[15215:16384]: FD_SETSIZE=1024, file ulimit=1024 -> 500 clients allowed 2003.11.15 20:10:13 LOG7[15215:16384]: FD 4 in non-blocking mode 2003.11.15 20:10:13 LOG7[15215:16384]: SO_REUSEADDR option set on accept socket 2003.11.15 20:10:13 LOG7[15215:16384]: POP3 bound to 0.0.0.0:995 2003.11.15 20:10:13 LOG7[15215:16384]: FD 5 in non-blocking mode 2003.11.15 20:10:13 LOG7[15215:16384]: SO_REUSEADDR option set on accept socket 2003.11.15 20:10:13 LOG7[15215:16384]: SMTP bound to 0.0.0.0:8025 2003.11.15 20:10:13 LOG7[15215:16384]: FD 6 in non-blocking mode 2003.11.15 20:10:13 LOG7[15215:16384]: FD 7 in non-blocking mode 2003.11.15 20:10:13 LOG7[15216:16384]: Created pid file /tmp/stunnel.pid i hope this... POP3 bound to 0.0.0.0:995 and this... SMTP bound to 0.0.0.0:8025 ...is correct. i thought i should be 127.0.0.1 as i have it in the stunnel.conf? |
atomant |
Posted: Nov 15 2003, 08:23 PM
|
No - I'm not an answering script ... Group: Admin Posts: 1776 Member No.: 427 Joined: 18-January 03 |
Everything is ok.
Stunnel is the one who is listening to 127.0.0.1 (25, 110). -------------------- Bye,
Sasa ------------------------------------------------------------------- All electric machines work on smoke...when the smoke escape from machines, they don't work anymore Windows: "Where do you want to go today?" Linux: "Where do you want to go tomorrow?" FreeBSD: "Are you guys coming or what?" |
cmyk |
Posted: Nov 15 2003, 08:29 PM
|
Member Group: Members Posts: 76 Member No.: 462 Joined: 13-February 03 |
thanks sasa,
took me while to make this running on MDK 9.2! but i still have some things i do not understand: 1. when i bind 110 and 25 to 127.0.0.1 will the clients still be able to access pop3/smtp without ssl? 2. right now, i am not able to send any email... 3. how would i reset the binding? phil |
atomant |
Posted: Nov 15 2003, 08:37 PM
|
No - I'm not an answering script ... Group: Admin Posts: 1776 Member No.: 427 Joined: 18-January 03 |
You are only binding localhost address which is not accessible by your customer.
In the startup script xmail use command line switches to bind to a specific address eg.: -PI 192.168.0.1 -PI 205.201.25.36 etc. Don't forget to restart xmail after you make changes in the script. -------------------- Bye,
Sasa ------------------------------------------------------------------- All electric machines work on smoke...when the smoke escape from machines, they don't work anymore Windows: "Where do you want to go today?" Linux: "Where do you want to go tomorrow?" FreeBSD: "Are you guys coming or what?" |
cmyk |
Posted: Nov 15 2003, 08:44 PM
|
Member Group: Members Posts: 76 Member No.: 462 Joined: 13-February 03 |
sasa,
thanks for your reply... i don't seem to understand. how could i bind a dynamic dialp ip address? i mean, this isn't really practical. all i would like is, that my customers can use ssl or not. and both should work. so, how woul i do that? (in a way, i understand it, plz :-) ) cheer, phil |
atomant |
Posted: Nov 15 2003, 08:48 PM
|
No - I'm not an answering script ... Group: Admin Posts: 1776 Member No.: 427 Joined: 18-January 03 |
I didn't know that you have dyn ip.
Normally ( ) it should bind to all available addresses on the machine but it is not always the case. Is this server directly on the net or is it on the LAN behind some firewall machine? -------------------- Bye,
Sasa ------------------------------------------------------------------- All electric machines work on smoke...when the smoke escape from machines, they don't work anymore Windows: "Where do you want to go today?" Linux: "Where do you want to go tomorrow?" FreeBSD: "Are you guys coming or what?" |
cmyk |
Posted: Nov 15 2003, 09:48 PM
|
Member Group: Members Posts: 76 Member No.: 462 Joined: 13-February 03 |
ok sasa,
i think we got some communications problems... i guess we could talk german, but for the benefit of others, we don't (right? ) i have a static ip address. i have nice firewall. the web/email/dns/server is in a DMZ. i have found a problem: i didn't allow smtp on port 8025 from DMZ to inet in iptables... so that's cool now. i also made a mistake in setting the prefs for apple mail 1.3. that's why it didn't work anymore for normal port 25 without ssl. BUT. i still cannot send emails using STMP 8025. well. i guess it's the whole bind issue i do not understand a bit, quite frankly. cheers, phil |
atomant |
Posted: Nov 15 2003, 09:55 PM
|
No - I'm not an answering script ... Group: Admin Posts: 1776 Member No.: 427 Joined: 18-January 03 |
OK, now I understand it. You have only problem with sending via ssl on port 8025.
Which mail client do you use? I now that it works with Outlook Express but it doesn't work with netscape or mozilla mail (don't know why ). What is the error when you try to send via ssl? -------------------- Bye,
Sasa ------------------------------------------------------------------- All electric machines work on smoke...when the smoke escape from machines, they don't work anymore Windows: "Where do you want to go today?" Linux: "Where do you want to go tomorrow?" FreeBSD: "Are you guys coming or what?" |
cmyk |
Posted: Nov 15 2003, 10:08 PM
|
Member Group: Members Posts: 76 Member No.: 462 Joined: 13-February 03 |
very good!
i use apple mail 1.3 (as mentioned earlier). i don't get any error. it's just a timeout, i guess. could you give me a primer in how to do the binding with xmail (ports 995 and 8025) in the command line? and i really *still* don't understand what this binding is all about... i just tested with outlook on OS X. the same thing. just haning there and waiting for time out. the stunnel.log doesn't show anything about stmp. cheers, phil |
atomant |
Posted: Nov 15 2003, 10:21 PM
|
||
No - I'm not an answering script ... Group: Admin Posts: 1776 Member No.: 427 Joined: 18-January 03 |
ok, here is mine xmail:
As you can see I am binding my Xmail to listen on 192.168.10.10 and 127.0.0.1 (ports 25 and 110). For SMTP is switch -SI and for POP is -PI. So this is for use without SSL. Your problem with timeout is exactly what I have experienced in Netscape and Mozilla mail (only for SMTP; POP over SSL works fine). I have tried win win Outlook and Outlook E. and it works for both over SSL. So for SSL binding it will use port that U have specified (8025) and all avaiable network adresses it can find on machine. Can you setup for me a test account so I can try to connect via SSL and send mail using your SSL SMTP? Send me info on account via personal message. -------------------- Bye,
Sasa ------------------------------------------------------------------- All electric machines work on smoke...when the smoke escape from machines, they don't work anymore Windows: "Where do you want to go today?" Linux: "Where do you want to go tomorrow?" FreeBSD: "Are you guys coming or what?" |
||
cmyk |
Posted: Nov 15 2003, 10:48 PM
|
Member Group: Members Posts: 76 Member No.: 462 Joined: 13-February 03 |
thanks sasa,
i got your email. i just let a friend of min test with outlook 2003 and windows: worked as well. wonder how this could be fixed for apple mail, though? cheers, phil |
atomant |
Posted: Nov 15 2003, 10:50 PM
|
No - I'm not an answering script ... Group: Admin Posts: 1776 Member No.: 427 Joined: 18-January 03 |
I would like to know also. I have been asking questions in some forums but noone could answer me.
-------------------- Bye,
Sasa ------------------------------------------------------------------- All electric machines work on smoke...when the smoke escape from machines, they don't work anymore Windows: "Where do you want to go today?" Linux: "Where do you want to go tomorrow?" FreeBSD: "Are you guys coming or what?" |
romee |
Posted: Dec 16 2004, 02:43 PM
|
Newbie Group: Members Posts: 11 Member No.: 1434 Joined: 16-December 04 |
Hi,
I've setup pop3s and ssmtp with Xmail 1.20 and stunnel 4.05 on Linux-2.6.7 kernel system. I have no problem with pop3s but ssmtp (I used the standard ssmtp port 465/tcp but I've tried also the 8025 and 25) is not working with any of the outlook mail clients on windows systems. While sending, I get an 0x8004210B error. |
hschneider |
Posted: Dec 16 2004, 06:57 PM
|
No - I'm not an answering script ... Group: Admin Posts: 6631 Member No.: 195 Joined: 19-June 02 |
In Outlook did you check 'Use SSL...' with POP3 and with SMTP connections ?
Also make sure that these ports are enabled on your router or firewall. XP/SP2 on client side ? Then check the builtin firewall toy. -------------------- Bye,
Harald -- Download XMail Queue Manager 1.46 NOW: XMail Server Tools -- Cross platform remote queue management! -- Message analyzing on the fly! -- Builtin diagnostics knowledge base! -- Manages multiple mail queues! Sponsored by CD-Produktion und DVD-Produktion and Homestaging Saarland - Immobilien schneller verkaufen in der Region Saarland, Rheinland-Pfalz und Luxembourg |