Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I can connect with thunderbird from my laptop over port 110 and sendmail using port 25, I've tested delivery to my test domain and also an other email account which works.
When using tcpdump though I cant see any passwords, however using the same tcpdump syntax on my work server I can see them? I have set /etc/dovecot/dovecot.conf to "disable_plaintext_auth = no"
Does anyone know how I lessen the security, or change something so I can see my mail in a less secure way. (makes me laugh, I'm always the one wanting more security on my linux servers and today I'm trying to do the opposite)
Code:
[root@mail paul]# tcpdump port smtp or port imap or port pop3 -l -A
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
18:34:33.098089 IP cpc84003-pool15-2-0-cust75.15-1.cable.virginm.net.29027 > 192.168.1.124.smtp: Flags [S], seq 807491961, win 8192, options [mss 1260,nop,wscale 2,nop,nop,sackOK], length 0
E..4B:@.....R......|qc..0!Yy...... .L.................
18:34:33.098135 IP 192.168.1.124.smtp > cpc84003-pool15-2-0-cust75.15-1.cable.virginm.net.29027: Flags [S.], seq 3002523238, ack 807491962, win 14600, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
E..4..@.@.2....|R.....qc...f0!Yz..9.................
18:34:33.120347 IP cpc84003-pool15-2-0-cust175.15-1.cable.virginm.net.29027 > 192.168.1.124.smtp: Flags [.], ack 1, win 4410, length 0
E..(B>@.....R......|qc..0!Yz...gP..:
>...N....
18:34:33.236777 IP 192.168.1.124.smtp > cpc84003-pool15-2-0-cust75.15-1.cable.virginm.net.29027: Flags [P.], seq 1:97, ack 1, win 115, length 96
E.....@.@......|R.....qc...g0!YzP..s.a..220 mail.greenmatrix.duckdns.org ESMTP Sendmail 8.14.4/8.14.4; Wed, 18 Sep 2019 18:34:33 +0100
18:34:33.261624 IP cpc84003-pool15-2-0-cust75.15-1.cable.virginm.net.29027 > 192.168.1.124.smtp: Flags [P.], seq 1:23, ack 97, win 4386, length 22
E..>B?@.....R......|qc..0!Yz....P..".S..EHLO [192.168.1.101]
18:34:33.261657 IP 192.168.1.124.smtp > cpc84003-pool15-2-0-cust75.15-1.cable.virginm.net.29027: Flags [.], ack 23, win 115, length 0
E..(..@.@......|R.....qc....0!Y.P..s....
18:34:33.261953 IP 192.168.1.124.smtp > cpc84003-pool15-2-0-cust75.15-1.cable.virginm.net.29027: Flags [P.], seq 97:334, ack 23, win 115, length 237
E.....@.@......|R.....qc....0!Y.P..s....250-mail.greenmatrix.duckdns.org Hello cpc84003-pool15-2-0-cust75.15-1.cable.virginm.net [82.17.243.176], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-DELIVERBY
250 HELP
18:34:33.281453 IP cpc84003-pool15-2-0-cust75.15-1.cable.virginm.net.29027 > 192.168.1.124.smtp: Flags [P.], seq 23:92, ack 334, win 4326, length 69
E..mBA@....cR......|qc..0!Y.....P.... ..MAIL FROM:<bob@mail.greenmatrix.duckdns.org> BODY=8BITMIME SIZE=495
18:34:33.320855 IP 192.168.1.124.smtp > cpc84003-pool15-2-0-cust75.15-1.cable.virginm.net.29027: Flags [.], ack 92, win 115, length 0
E..(..@.@......|R.....qc....0!Y.P..s.]..
18:34:33.681938 IP 192.168.1.124.smtp > cpc84003-pool15-2-0-cust75.15-1.cable.virginm.net.29027: Flags [P.], seq 334:393, ack 92, win 115, length 59
E..c..@.@......|R.....qc....0!Y.P..s.<..250 2.1.0 <bob@mail.greenmatrix.duckdns.org>... Sender ok
18:34:33.698688 IP cpc84003-pool15-2-0-cust75.15-1.cable.virginm.net.29027 > 192.168.1.124.smtp: Flags [P.], seq 92:131, ack 393, win 4312, length 39
E..OBJ@....xR......|qc..0!Y.....P.......RCPT TO:<rob@greenmatrix.duckdns.org>
.[.
18:34:33.698740 IP 192.168.1.124.smtp > cpc84003-pool15-2-0-cust75.15-1.cable.virginm.net.29027: Flags [.], ack 131, win 115, length 0
E..(..@.@......|R.....qc....0!Y.P..s....
18:34:34.080573 IP 192.168.1.124.smtp > cpc84003-pool15-2-0-cust75.15-1.cable.virginm.net.29027: Flags [P.], seq 393:450, ack 131, win 115, length 57
E..a..@.@......|R.....qc....0!Y.P..s.:..250 2.1.5 <rob@greenmatrix.duckdns.org>... Recipient ok
18:34:34.102328 IP cpc84003-pool15-2-0-cust75.15-1.cable.virginm.net.29027 > 192.168.1.124.smtp: Flags [P.], seq 131:137, ack 450, win 4297, length 6
E...BN@.....R......|qc..0!Y....(P...b...DATA
18:34:34.102365 IP 192.168.1.124.smtp > cpc84003-pool15-2-0-cust75.15-1.cable.virginm.net.29027: Flags [.], ack 137, win 115, length 0
E..(. @.@......|R.....qc...(0!Z.P..s....
18:34:34.103108 IP 192.168.1.124.smtp > cpc84003-pool15-2-0-cust75.15-1.cable.virginm.net.29027: Flags [P.], seq 450:500, ack 137, win 115, length 50
E..Z.
@.@......|R.....qc...(0!Z.P..s.3..354 Enter mail, end with "." on a line by itself
18:34:34.108860 IP cpc84003-pool15-2-0-cust75.15-1.cable.virginm.net.29027 > 192.168.1.124.smtp: Flags [P.], seq 137:632, ack 500, win 4285, length 495
E...BQ@.....R......|qc..0!Z....ZP....6..To: rob@greenmatrix.duckdns.org
From: Bob <bob@mail.greenmatrix.duckdns.org>
Subject: Test 18:35
Message-ID: <7a575bf9-45ca-fcd3-4161-4044267d5eb9@mail.greenmatrix.duckdns.org>
Date: Wed, 18 Sep 2019 18:34:30 +0100
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101
Thunderbird/52.7.0
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Content-Language: en-US
Another test :)
18:34:34.112188 IP cpc84003-pool15-2-0-cust75.15-1.cable.virginm.net.29027 > 192.168.1.124.smtp: Flags [P.], seq 632:635, ack 500, win 4285, length 3
E..+BR@.....R......|qc..0![....ZP....8...
...
18:34:34.112332 IP 192.168.1.124.smtp > cpc84003-pool15-2-0-cust75.15-1.cable.virginm.net.29027: Flags [.], ack 635, win 123, length 0
E..(..@.@......|R.....qc...Z0![.P..{....
18:34:34.158491 IP 192.168.1.124.smtp > cpc84003-pool15-2-0-cust75.15-1.cable.virginm.net.29027: Flags [P.], seq 500:556, ack 635, win 123, length 56
E..`..@.@......|R.....qc...Z0![.P..{.9..250 2.0.0 x8IHYXBo006043 Message accepted for delivery
18:34:34.178605 IP cpc84003-pool15-2-0-cust75.15-1.cable.virginm.net.29027 > 192.168.1.124.smtp: Flags [P.], seq 635:641, ack 556, win 4271, length 6
E...BU@.....R......|qc..0![.....P...^b..QUIT
18:34:34.178898 IP 192.168.1.124.smtp > cpc84003-pool15-2-0-cust75.15-1.cable.virginm.net.29027: Flags [P.], seq 556:615, ack 641, win 123, length 59
@.@......|R.....qc....0![.P..{.<..221 2.0.0 mail.greenmatrix.duckdns.org closing connection
18:34:34.179165 IP 192.168.1.124.smtp > cpc84003-pool15-2-0-cust75.15-1.cable.virginm.net.29027: Flags [F.], seq 615, ack 641, win 123, length 0
E..(..@.@......|R.....qc....0![.P..{....
18:34:34.198978 IP cpc84003-pool15-2-0-cust75.15-1.cable.virginm.net.29027 > 192.168.1.124.smtp: Flags [.], ack 616, win 4256, length 0
E..(BV@.....R......|qc..0![.....P.............
18:34:34.338707 IP cpc84003-pool15-2-0-cust75.15-1.cable.virginm.net.29027 > 192.168.1.124.smtp: Flags [F.], seq 641, ack 616, win 4256, length 0
E..(BZ@.....R......|qc..0![.....P.............
18:34:34.338746 IP 192.168.1.124.smtp > cpc84003-pool15-2-0-cust75.15-1.cable.virginm.net.29027: Flags [.], ack 642, win 123, length 0
E..(..@.@.2....|R.....qc....0![.P..{....
When looking at tcpdump on my office server I see output like this.
At this stage, the burden of proof is on you to show us what's failing on the problem machine. Seeing as you failed to recreate the problem, why not restore a backup of it to a disk and try with that, wherever they will allow you to do so. I'd also compare versions of programs. I personally dislike the way RH uses ancient versions with backported patches, which always has the potential to throw up some other issue.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.