
Tuesday, July 16, 2013

MAIL EXPN VRFY ETRN



sendmail ERROR "did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA"


We had to investigate problems relaying mail from a certain IP. Looking through the MTA logs, we see:



Jul 16 15:40:29 gate sendmail[30309]: r6GCcjKJ030309: spamfilter2.starnet.md [178.168.2.134] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
Jul 16 15:57:11 gate sendmail[30913]: r6GCtSW0030913: spamfilter2.starnet.md [178.168.2.134] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
Jul 16 16:17:12 gate sendmail[31567]: r6GDFTme031567: spamfilter2.starnet.md [178.168.2.134] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
Jul 16 16:18:16 gate sendmail[31617]: r6GDGVie031617: smtpclu-6.eunet.rs [194.247.192.231] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
Jul 16 16:22:57 gate sendmail[31786]: r6GDLEbe031786: smtpclu-6.eunet.rs [194.247.192.231] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
Jul 16 16:50:59 gate sendmail[32740]: r6GDnIa1032740: smtpclu-6.eunet.rs [194.247.192.231] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
Jul 16 17:22:54 gate sendmail[1672] : r6GEL9oM001672: smtpclu-6.eunet.rs [194.247.192.231] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA


On the other side, the error email was:


Reporting-MTA: dns; spamfilter.starnet.md
Arrival-Date: Tue,  9 Jul 2013 22:03:38 +0300 (EEST)

Final-Recipient: rfc822; dircom@mydomain.com
Action: failed
Status: 4.0.0
Diagnostic-Code: X-Spam-&-Virus-Firewall; connect to
    [27.10.97.70]: read timeout



A Cisco PIX between the host and our mail relay is performing SMTP inspection ("SMTP Fixup"). 



The sending MTA apparently does not know how to handle a "500 5.5.1" response from our MTA, and keeps the connection open for one hour (default Timeout.command in sendmail). After one hour, our MTA closes the connection.



As a workaround, enable ESMTP inspection, or disable SMTP inspection. ESMTP inspection allows commands described in RFC 2821. Note that ESMTP inspection and SMTP inspection are mutually exclusive.


http://brandonhutchinson.com/wiki/SMTP_Fixup_problems
http://www.cisco.com/en/US/products/sw/secursw/ps1018/products_configuration_example09186a008064730a.shtml



http://frustratedtech.com/post/41281442135/sendmail-dropping-connections-from-monitoring-servers
http://www.sendmail.com/sm/open_source/docs/configuration_readme/



 Sendmail Dropping Connections From Monitoring Servers?

I’ve been seeing this frequently.  We currently use IPMonitor at work.  I hate it.  But, it is what it is, gotta use what is provided.  So, this monitoring system uses snmp to check all services and then it also tries to connect to smtp.  However, one server is set up to require pop3 login before smtp access can be acquired.  This was giving plenty of false positives for the monitoring system since we were seeing this message a lot.
# tail -f /var/log/maillog
Jan 23 04:02:02 LUX5 sendmail[8278]: r0N922sj008278: [123.456.789.10] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
To fix this I needed to add the monitoring server to the access file for sendmail to accept the connection.
# nano /etc/mail/access
# Check the /usr/share/doc/sendmail/README.cf file for a description
# of the format of this file. (search for access_db in that file)
# The /usr/share/doc/sendmail/README.cf is part of the sendmail-doc
# package.
#
# by default we allow relaying from localhost...
connect:localhost.localdomain           RELAY
connect:localhost                       RELAY
connect:127.0.0.1                       RELAY
######ADD YOUR IP BELOW#########
connect:123.456.789.10                  OK
Then just rebuild the database and restart sendmail. You will see the error message, but at least you will no longer get the false positives.
# makemap hash /etc/mail/access < /etc/mail/access
# service sendmail restart
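
Both posts above turn on the same sendmail log line. As an added example (not code from either post), this shell/awk summary counts those idle sessions per peer and shows whether the same peer had any message accepted in the same log. The function names, the `from=... relay=` line and the 192.0.2.25 peer are constructed for illustration; the other sample lines come from the excerpts above.

```shell
#!/bin/sh
# Added example: per-peer summary of sendmail sessions that sent no
# MAIL/EXPN/VRFY/ETRN, with the count of messages accepted from each peer.
# Sample input: log lines from this page plus two constructed 192.0.2.25 lines.
sample_log() {
cat <<'EOF'
Jul 16 15:40:29 gate sendmail[30309]: r6GCcjKJ030309: spamfilter2.starnet.md [178.168.2.134] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
Jul 16 15:57:11 gate sendmail[30913]: r6GCtSW0030913: spamfilter2.starnet.md [178.168.2.134] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
Jul 16 16:18:16 gate sendmail[31617]: r6GDGVie031617: smtpclu-6.eunet.rs [194.247.192.231] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
Jul 16 16:29:40 gate sendmail[31850]: r6GDTeaa031850: mail.example.net [192.0.2.25] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
Jul 16 16:29:55 gate sendmail[31861]: r6GDTtbb031861: from=<a@example.net>, size=1200, class=0, nrcpts=1, proto=ESMTP, daemon=MTA, relay=mail.example.net [192.0.2.25]
Jul 16 17:22:54 gate sendmail[1672] : r6GEL9oM001672: smtpclu-6.eunet.rs [194.247.192.231] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
Jan 23 04:02:02 LUX5 sendmail[8278]: r0N922sj008278: [123.456.789.10] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
EOF
}

# Output columns: idle_sessions accepted_messages ip host first_seen last_seen
idle_sessions_by_peer() {
  awk '
    /did not issue MAIL\/EXPN\/VRFY\/ETRN/ {
      # The bracketed peer address is the field right before "did".
      for (i = 1; i <= NF; i++) if ($i == "did") break
      ip = $(i - 1); gsub(/\[|\]/, "", ip)
      host = $(i - 2); if (host ~ /:$/) host = "-"   # no reverse DNS name logged
      idle[ip]++; name[ip] = host
      if (!(ip in first)) first[ip] = $3
      last[ip] = $3
    }
    # An accepted envelope is logged as "from=..., relay=host [ip]".
    / from=.* relay=/ && match($0, /\[[0-9.]+\]$/) {
      sent[substr($0, RSTART + 1, RLENGTH - 2)]++
    }
    END {
      for (ip in idle)
        print idle[ip], sent[ip] + 0, ip, name[ip], first[ip], last[ip]
    }
  ' | sort -k1,1nr -k3,3
}

# Peers with at least $1 idle sessions and no accepted message in the same log.
stuck_peers() {
  idle_sessions_by_peer | awk -v min="$1" '$1 >= min && $2 == 0 { print $3 }'
}

sample_log | idle_sessions_by_peer
```

A known relay with repeated idle sessions and no accepted messages is the pattern the first post traced to SMTP fixup. A monitoring probe produces the same summary, so the peer's identity still has to be checked before changing the access map.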

Thursday, September 29, 2011

This body part will be downloaded on demand

MOZILLA - Thunderbird & SeaMonkey :

If an email is sent with an attachment but is received without it,
and the body of the email looks like this:
 << This body part will be downloaded on demand>>

then, in the receiver's mail client, make sure this option is checked: View->Display Attachments Inline

Thursday, May 19, 2011

FTP and e-mail on the same server

Setting up VSFTP using non-local users.


If an administrator wants to give road warriors both email and FTP on the
same server, it is better for the FTP accounts to be virtual users.

/etc/vsftpd/vsftpd.conf


local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_file=/var/log/vsftpd.log
xferlog_std_format=YES
chroot_local_user=YES
listen=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
# Virtual users will be logged into /home/virtualftp/[username]/
user_sub_token=$USER
local_root=/home/virtualftp/$USER
guest_enable=YES
guest_username=virtualftp
# Umask applied for virtual users and anon
anon_umask=0022
# Allows uploading by virtual users
anon_upload_enable=YES
# Allows creation of directories by virtual users
anon_mkdir_write_enable=YES
# Allows deletion of files and directories by virtual users
anon_other_write_enable=YES
# Sets a port range for passive mode. (must configure firewall to accept)
pasv_min_port=51123
pasv_max_port=51323
port_enable=YES
Set up virtual FTP usernames and their passwords (use the following format)
/etc/vsftpd/vsftpd_users.txt
username1
passwordforusername1
username2
passwordforusername2
username3
passwordforusername3
Build the vsftpd database
#db42_load -T -t hash -f /etc/vsftpd/vsftpd_users.txt /etc/vsftpd/vsftpd_users.db
#chmod 600 /etc/vsftpd/vsftpd_users.db /etc/vsftpd/vsftpd_users.txt
Create directories for each virtual FTP user
#mkdir -p /home/virtualftp/username1
Test an FTP virtual user login
#ftp localhost
Connected to localhost.
220 (vsFTPd 2.0.5)
Name (localhost:root): username1
331 Please specify the password.
Password:
230 Login successful.
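
Before the users file is loaded with db42_load it is worth checking the alternating layout, because one missing line shifts every later pair so that passwords become usernames. The check below is an added example, not part of the original post; the function name `check_vsftpd_users` is hypothetical, and the slash test is there because the username is substituted into local_root.

```shell
#!/bin/sh
# Added example: sanity-check a vsftpd virtual-users text file
# (alternating username / password lines) before building the database.

# Prints one problem per line; prints nothing when the file passes.
check_vsftpd_users() {
  file=$1
  # The file holds plaintext passwords: owner read/write only (chmod 600).
  case "$(ls -ld "$file")" in
    -rw-------*) ;;
    *) echo "mode is not 600" ;;
  esac
  awk '
    NR % 2 == 1 {                       # odd lines are usernames (hash keys)
      user = $0
      if (user == "")
        print "line " NR ": empty username"
      else if (user ~ /[ \t]/ || index(user, "/"))
        print "line " NR ": whitespace or slash in username"
      else if (seen[user]++)
        print "line " NR ": duplicate username " user
      next
    }
    $0 == "" { print "line " NR ": empty password for " user }
    END {
      # An odd line count means the last username has no password.
      if (NR % 2) print "line " NR ": username " user " has no password line"
    }
  ' "$file"
}

# Stand-alone use: pass the users file as the first argument.
if [ $# -gt 0 ]; then check_vsftpd_users "$1"; fi
```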

Setting up VSFTPD permissions


I'm setting up a php-driven web app that serves files through a web interface. I've also set up a vsftp server to allow users to upload their data to a virtual directory. The vsftp server uses the pam-mysql module to use the web app's user database so no accounts are created on the system and we can disable ssh access.

Apache and vsftp run as different users, so we needed a way for each of them to view and edit the files created by the other. What we wound up doing was creating a group www-users and make it the group owner of /var/www. Then assigning the users apache and nobody to the group and set the permissions on the /var/www directory to 775. This will allow nobody and any other users in the www-users group to read and write to /var/www; it will also make it easier to authorize other users to write to /var/www — simply assign the user to the www-users group. Here are the steps in case any googlers need a hint.

1) set up vsftpd for umask 0027 (/etc/vsftpd.conf) [local_umask=0027]
2) create www-users group (groupadd www-users)
3) add user to group (usermod -a -G group user)
4) Set apache to run as www-users group (httpd.conf)
5) chgrp www-users /var/www
6) chmod 2775 /var/www
7) Add setgid permission to the directory: chmod g+s /var/www (I believe this is redundant)

Tuesday, May 3, 2011

Who is who.is

http://www.who.is/dns/who.is/
http://www.who.is/whois/who.is/
http://www.nabber.org/projects/dnscheck/?domain=who.is&nocache=on
http://mxtoolbox.com/SuperTool.aspx?action=mx%3awho.is

WHO.IS NAME SERVERS

Name Server      IP               Location
dns01.name.com   204.74.108.241   San Mateo, CA, US
dns02.name.com   204.74.109.241   Tempe, AZ, US
ns1.name.com     173.192.28.4
ns3.name.com     174.36.196.243   US
ping who.is

WHO.IS SOA RECORD

Name Server sdns1.name.com
Email @name.com
Serial Number 1007280102
Refresh 3 hours
Retry 1 hour
Expiry 7 days
Minimum 1 hour

WHO.IS DNS RECORDS

Record        Type    TTL         Priority   Content
*.who.is      A       1 hour                 174.36.202.233 (US)
test.who.is   CNAME   5 minutes              ralph.name.com
who.is        A       1 hour                 174.36.202.233 (US)
who.is        MX      5 minutes   10         mx0.name.com
who.is        MX      5 minutes   10         mail.name.com
who.is        NS      1 day                  ns1.name.com
who.is        NS      1 day                  dns01.name.com
who.is        NS      1 day                  dns02.name.com
who.is        NS      1 day                  ns3.name.com
who.is        SOA     1 day                  sdns1.name.com. support.name.com. 1007280102 10800 3600 604800 3600
who.is        TXT     5 minutes              v=spf1 a mx ~all