The part where it states to:
Edit your hosts file.
Sendmail will make use of your /etc/hosts file, so you need to modify it so that mail is routed properly. Edit your /etc/hosts file and include a line that reads:
1.2.3.4 server1.mailjunkie.org
where 1.2.3.4 is the IP address that is assigned to you by your ISP.
My /etc/hosts file looks like this:
127.0.0.1 localhost.localdomain localhost
172.16.16.200 c3.mydomain.com c3
::1 localhost.localdomain localhost
Can I have 2 lines like this?:
172.16.16.200 c3.mydomain.com c3
65.256.myWAN.IP c3.mydomain.com
I have the 172.16.16.200 line there just as standard practice for my lan.
Actually by default you only need the loopback and localhost.
Code:
127.0.0.1 localhost.localdomain localhost
If you have proper DNS set up or are using your ISP's DNS servers, you don't need to modify this file, unless you have more than one machine on your local private LAN and are too lazy to set up your own DNS server for name resolution.
I have sendmail working and relaying mail via
define(`SMART_HOST', `my.isp.smtp.server')dnl
I also have dovecot working as a pop3 server.
I tested relaying with no username & no (pop) password and it appears to be open relaying.
If mail leaves my network on TCP 25 and comes in (pop3) on 110, and I never need to send mail from outside my LAN, could I just leave port 25 closed at the router and open 110 to my pop server for mail to come in?
Would that work?
Or should I disable open relaying all together?
Thanks,
Chris
Last edited by chrisknight; 12-09-2007 at 01:48 PM.
Never ever have your MTA configured as an open relay. Never or you shall be shot for such things. Never I tell you. Close that open relay now unless you like to be called a spammer when spammers use your MTA to send everyone spam. Why are you still reading this, go close it already.
I realize this. I had no intention of opening that server's port 25 to the internet.
Technically though, if I only have myself on a private LAN, could sending mail (smtp) and receiving mail (pop3) work if I ONLY open port 110 for incoming mail? ...& NOT open port 25 to the internet at all. My router will allow outbound traffic on port 25.
Now I have another issue though... I can't receive mail from the outside. I have port 110 open and an MX record pointing to my WAN IP. Is that correct?
I guess I need to research how to go about shutting off open relay if I'm going to leave this up & running.
What's your opinion on POP before SMTP? http://spam.abuse.net/adminhelp/smPbS.shtml
An smtp server listens on port 25, but sends from any non-reserved port above 1023.
In short, server software binds to a specified port (see /etc/services for IANA known ports), but clients send on any non-privileged port, i.e. above 1023, that is available, chosen randomly by the system (at least as far as the user is concerned).
So, to amplify what chrism01 said, in order to send and receive mail on the Internet, you need to have TCP port 25 open, and you either need to allow all unprivileged ports (1024:65535) to come and go unhindered, or (better) use iptables to permit ESTABLISHED connections and port 25 connections.
Mail sending and reception between your server and anyone else's server takes place over connections that begin on TCP port 25. Mail transfer between your server and your desktop (laptop?) machine occurs using the POP3 protocol on TCP port 110. Since (I presume) this transfer always takes place behind the firewall, you should not need to allow port 110 traffic through the firewall. (In fact, since POP3 uses plaintext passwords, I would argue that it should never be used over the public Internet; instead, use IMAP, which protects your passwords through a challenge/response scheme.)
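The firewall policy described in the reply above, written out as an added example that is not part of the original thread: SMTP accepted from anywhere, POP3 only from the LAN, and ESTABLISHED traffic allowed so replies to outbound mail connections on unprivileged ports get back in. The 172.16.16.0/24 range (inferred from the poster's 172.16.16.200 host) and the SSH rule are assumptions, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread). Assumed values: LAN 172.16.16.0/24,
# SSH on port 22 for administration from the LAN.

# Print an iptables-restore ruleset for the mail host:
#   SMTP (25) from anywhere, POP3 (110) from the LAN only,
#   replies to existing connections allowed, everything else dropped.
mail_fw_rules() {
    lan_net="${1:-172.16.16.0/24}"
    # Accept only digits, dots and a slash so nothing else reaches the ruleset.
    case "$lan_net" in
        *[!0-9./]*) echo "invalid LAN network: $lan_net" >&2; return 1 ;;
    esac
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp --dport 25 -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -s $lan_net -p tcp --dport 110 -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -s $lan_net -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
COMMIT
EOF
}

# Audit helper: read a ruleset (this generator's output or iptables-save)
# on stdin and succeed if any INPUT rule accepts POP3 with no source limit.
pop3_open_to_world() {
    grep -E -e '^-A INPUT .*--dport 110 .*-j ACCEPT' | grep -q -v -e ' -s '
}

# Usage (as root):
#   mail_fw_rules 172.16.16.0/24 | iptables-restore --test   # parse only
#   mail_fw_rules 172.16.16.0/24 | iptables-restore          # apply
#   iptables-save | pop3_open_to_world && echo "POP3 reachable from any source"
```

These rules only control which ports are reachable; relay restrictions still have to be set in the MTA itself.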
You need port 25 open to receive email from the world. But turn off open relaying or restrict it to your network or servers, not to the world.
Port 110 is used for POP access. 143 is IMAP, which are both totally different than 25 for the MTA.
Think of it this way, the MTA using port 25 is the Post Office to route and deliver the mail. POP 110 or IMAP 143 is your legs that allow you to go check and retrieve your mail from the mailbox once it's been delivered.