LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 09-27-2010, 08:55 PM   #46
willcastle
Member
 
Registered: Sep 2010
Location: Philippines
Distribution: Centos
Posts: 63

Original Poster
Rep: Reputation: 0

Code:
 nslookup domain.ph
Server:         208.67.222.222
Address:        208.67.222.222#53

Non-authoritative answer:
Name:   domain.ph
Address: 222.127.x.x
Code:
[root@porto ~]# nslookup 192.168.101.5
Server:         208.67.222.222
Address:        208.67.222.222#53

** server can't find 5.101.168.192.in-addr.arpa.: NXDOMAIN
Hi,

This was the output.
 
Old 09-27-2010, 09:13 PM   #47
willcastle
Member
 
Registered: Sep 2010
Location: Philippines
Distribution: Centos
Posts: 63

Original Poster
Rep: Reputation: 0
Hi,

@Noway 2: How do I bypass the standard ports?
Code:
telnet mail.domain.ph 25
Trying 222.127.x.x...
telnet: connect to address 222.127.x.x: Connection timed out
telnet: Unable to connect to remote host: Connection timed out
When I try telnet this was the output.

Thanks.

Last edited by willcastle; 09-27-2010 at 09:28 PM.
 
Old 09-27-2010, 09:22 PM   #48
willcastle
Member
 
Registered: Sep 2010
Location: Philippines
Distribution: Centos
Posts: 63

Original Poster
Rep: Reputation: 0
Code:
[root@porto ~]# traceroute mail.domain.ph
traceroute to mail.domain.ph (222.127.x.x), 30 hops max, 40 byte packets
 1  * * *
 2  124.107.153.254.pldt.net (124.107.153.254)  12.648 ms  15.545 ms  18.496 ms
 3  124.107.255.177.pldt.net (124.107.255.177)  18.515 ms  19.377 ms  20.418 ms
 4  58.71.0.97 (58.71.0.97)  20.445 ms  22.406 ms  24.280 ms
 5  210.213.128.9.static.pldt.net (210.213.128.9)  174.777 ms  174.801 ms  175.749 ms
 6  GigabitEthernet1-0-0.IG2.LAX1.ALTER.NET (157.130.230.9)  177.909 ms  167.490 ms  166.543 ms
 7  0.so-3-0-0.XL1.LAX1.ALTER.NET (152.63.114.138)  163.616 ms  165.489 ms  169.009 ms
 8  POS6-0.GW1.LAX1.ALTER.NET (152.63.112.217)  167.731 ms  174.147 ms  172.229 ms
 9  TBD-gw.customer.alter.net (157.130.247.6)  179.612 ms  168.189 ms  169.880 ms
10   (120.28.0.81)  335.547 ms  335.764 ms  335.487 ms
11   (120.28.0.182)  335.733 ms  336.099 ms  335.761 ms
12  10.163.111.130 (10.163.111.130)  332.554 ms  334.444 ms  333.475 ms
13  10.109.9.66 (10.109.9.66)  336.607 ms  340.638 ms  332.815 ms
14  222.127.196.54 (222.127.196.54)  354.226 ms  355.900 ms  356.434 ms
15  * * *
16  * * *
17  * * *
18  * * *
19  * * *
20  * * *
21  * * *
22  * * *
23  * * *
24  * * *
25  * * *
26  * * *
27  * * *
28  * * *
29  * * *
30  * * *
Hi,

This was the output when I do traceroute. What do you make out of this output?

Thanks in advance.

Last edited by willcastle; 09-27-2010 at 11:01 PM.
 
Old 09-27-2010, 10:07 PM   #49
willcastle
Member
 
Registered: Sep 2010
Location: Philippines
Distribution: Centos
Posts: 63

Original Poster
Rep: Reputation: 0
Quote:
telnet yourmailserverdomain.com 25

EHLO yourmailserverdomain.com

MAIL FROM: <user1@yourmailserverdomain.com>

RCPT TO: <user2@yourmailserverdoamin.com>

DATA
Subject: Hello local-user
Hey local-user,
I just wanted to send some test mail to you :-)
Hi,

Where will I run this?

Thanks in advance.
 
Old 09-28-2010, 02:05 AM   #50
willcastle
Member
 
Registered: Sep 2010
Location: Philippines
Distribution: Centos
Posts: 63

Original Poster
Rep: Reputation: 0
Code:
smtpd_sasl_auth_enable = yes
Hi,

What's the function of this code?

Thanks in advance.
 
Old 09-28-2010, 05:46 AM   #51
Noway2
Senior Member
 
Registered: Jul 2007
Distribution: Ubuntu 10.10, Slackware 64-current
Posts: 2,124

Rep: Reputation: 778Reputation: 778Reputation: 778Reputation: 778Reputation: 778Reputation: 778Reputation: 778
Quote:
smtpd_sasl_auth_enable = yes
SASL is an authentication method. It is used to allow users to authenticate themselves on your server so that it will permit mail to be transmitted to domains other than your recipients. When a message comes in, Postfix asks itself, "Is this for my user (domain, aliais, etc)?" and if the answer is no, it then relays the message to the next hop. Normally, this is prohibited (relay access denied) to avoid being an open relay. SASL allows you to authenticate so that it will allow you to relay and send mail to others.

I think the traceroute points us to the problem location. Traceroute does a ping to the final destination and sets the TTL (time to live value) +1 on each hop. As the packet traverses the router, the TTL is decremented so that it "fails" at each router stop. This way you can see where the packet was routed on its way to the destination. In your case, it tells us what was the last stop that we were able to get a response from - hence where did the traffic stop. The limitation to this is that it uses ICMP messaging which doesn't tell us much about which ports are open.

In this case, we can see that the last node to respond was at IP 222.127.196.54. If this is not your public IP, then you need to contact the network admin of this network because it is where the stoppage is occuring. You can find out the contact information by doing a whois 222.127.196.54. In this case it is globenet.com.ph.

It is also interesting that that you are passing through a couple of 10.x.x.x routes which are typically non-routable addresses, but this may be part of their internal processing. You can see that between the start and the destination it is passing through Alter.net as a provider. I notice the addresses in (), which I haven't seen before and I am not sure what this means. A nslookup of the address returns SERVFAIL, suggesting that something may be wrong with their DNS configuration, but I don't think this is the problem.

In anycase, you now have a list of the networks in the middle of the chain. By doing a whois against each of the IP addresses you can find out who owns the networks and then contact them to see if they are blocking port 25. The fact that you can't telnet in from outside your LAN when inside your lan works, and you aren't running a firewall says that someone is blocking the traffic. Start at the end of the list, globenet.com.ph, and see if you can get some results.

Off hand, I am not sure how to go around port 25 as I have never had to deal with this. I am sure there is a way, but I don't know how complicated it would be. I would google for "SMTP on non standard ports" or something similar.
 
Old 09-29-2010, 12:35 AM   #52
willcastle
Member
 
Registered: Sep 2010
Location: Philippines
Distribution: Centos
Posts: 63

Original Poster
Rep: Reputation: 0
Quote:
In this case, we can see that the last node to respond was at IP 222.127.196.54. If this is not your public IP, then you need to contact the network admin of this network because it is where the stoppage is occuring. You can find out the contact information by doing a whois 222.127.196.54. In this case it is globenet.com.ph.
Hi,

The 222.127.196.54, I think is one of our public IP beacuse I called our ISP which is Globe, gave this to use instead using the one we are using right now.

I hope this will work. I have to consult the IT manager first before we use that IP address.

I noticed that whenever I use the MX lookup or other DNS tools online, it returns a:
Quote:
ERROR: No reverse DNS (PTR) entries. The problem MX records are:
118.45.127.222.in-addr.arpa -> no reverse (PTR) detected
You should contact your ISP and ask him to add a PTR record for your ips
Thank you again for all the response.
 
Old 09-29-2010, 05:19 AM   #53
Noway2
Senior Member
 
Registered: Jul 2007
Distribution: Ubuntu 10.10, Slackware 64-current
Posts: 2,124

Rep: Reputation: 778Reputation: 778Reputation: 778Reputation: 778Reputation: 778Reputation: 778Reputation: 778
Your quite welcome. I hope this works for you. Please let us know one way or the other.
Regarding the reverse lookup, I agree that there does not appear to be a reverse pointer to convert that address to a name. Once you get this working, perhaps your ISP will list your domain in the reverse lookup, some of them will if you request it.
 
Old 09-30-2010, 09:13 PM   #54
willcastle
Member
 
Registered: Sep 2010
Location: Philippines
Distribution: Centos
Posts: 63

Original Poster
Rep: Reputation: 0
Code:
#ssl_disable = no
#ssl_cert_file = /etc/postfix/ssl/mail-cert.pem
#ssl_key_file = /etc/postfix/ssl/mail-key.pem

protocols = imap imaps pop3 pop3s
listen = *
login_process_size = 64
default_mail_env = maildir:/home/virtual/%u/

namespace private {
  separator = .
  prefix = INBOX.
  inbox = yes
}

namespace private {
  separator = .
  prefix =
  inbox = yes
  hidden = yes
}

mail_extra_groups = postfix
verbose_proctitle = yes
first_valid_uid = 89
first_valid_gid = 89
#umask = 0077
mbox_read_locks = fcntl
mbox_write_locks = fcntl


# If key file is password protected, give the password here. Alternatively
# give it when starting dovecot with -p parameter.
ssl_key_password =

protocol imap {
  imap_client_workarounds = delay-newmail outlook-idle netscape-eoh tb-extra-mailbox-sep
}

#People who use outlook are fux0red anyway...

protocol pop3 {
  pop3_uidl_format = %08Xu%08Xv
  pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
}
protocol lda {
  postmaster_address = postmaster@patts.edu.ph
  sendmail_path = /usr/sbin/sendmail
}

auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@

auth_debug = yes
auth_verbose = yes
auth default {

passdb sql {
        args = /etc/dovecot-mysql.conf
  }

userdb sql {
        args = /etc/dovecot-mysql.conf
  }
}
Hi,

Can anyone check the config of dovecot.

Thanks in advance.

Last edited by willcastle; 09-30-2010 at 09:14 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
VectorLinux user, must make post before I can post url The Headacher LinuxQuestions.org Member Intro 2 07-02-2011 12:55 PM
Forum suggested I post a first post. So here it is. Linux user Michigan. MixAndMatch LinuxQuestions.org Member Intro 3 01-20-2010 06:52 PM
Suggestion: Minimum post count to post in old inactive threads Eternal_Newbie LQ Suggestions & Feedback 5 04-28-2008 10:34 AM
i dont want to post here but i guess i have to to post relevent links in another thre sluckz LinuxQuestions.org Member Intro 8 10-02-2007 01:55 PM


All times are GMT -5. The time now is 01:13 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration