Telnet failing with postfix, following gentoo mail guide

Message

gazj · Post by **gazj** » Thu Oct 22, 2009 8:58 am

I have moved my server from slackware to gentoo. I am having problems setting up my MTA. I am following this guide http://www.gentoo.org/doc/en/virt-mail-howto.xml

However when I get to the telnet test step

Code listing 6.2: Verify sasl and tls support

Code: Select all

# telnet localhost 25

Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mail.domain.com ESMTP Postfix
EHLO domain.com
250-mail.domain.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-XVERP
250 8BITMIME
^]
telnet> quit

This is not working, I only get as far as

Code: Select all

Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mail.foxjames.co.uk ESMTP Postfix
421 4.4.2 mail.foxjames.co.uk Error: timeout exceeded
Connection closed by foreign host.

Here is the tail of /var/log/messages

Code: Select all

Oct 22 10:30:01 reddwarf cron[16012]: (root) CMD (test -x /usr/sbin/run-crons && /usr/sbin/run-crons )
Oct 22 10:30:01 reddwarf cron[16018]: (root) CMD (/usr/local/bin/mirror-swj >> /var/log/mirror-swj)
Oct 22 10:32:06 reddwarf postfix/smtpd[16006]: > localhost[127.0.0.1]: 421 4.4.2 mail.foxjames.co.uk Error: timeout exceeded
Oct 22 10:32:06 reddwarf postfix/smtpd[16006]: match_hostname: localhost ~? 192.168.1.0/24
Oct 22 10:32:06 reddwarf postfix/smtpd[16006]: match_hostaddr: 127.0.0.1 ~? 192.168.1.0/24
Oct 22 10:32:06 reddwarf postfix/smtpd[16006]: match_hostname: localhost ~? 127.0.0.0/8
Oct 22 10:32:06 reddwarf postfix/smtpd[16006]: match_hostaddr: 127.0.0.1 ~? 127.0.0.0/8
Oct 22 10:32:06 reddwarf postfix/smtpd[16006]: timeout after CONNECT from localhost[127.0.0.1]
Oct 22 10:32:06 reddwarf postfix/smtpd[16006]: disconnect from localhost[127.0.0.1]
Oct 22 10:32:06 reddwarf postfix/smtpd[16006]: master_notify: status 1
Oct 22 10:32:06 reddwarf postfix/smtpd[16006]: connection closed
Oct 22 10:32:06 reddwarf postfix/smtpd[16006]: proxymap stream disconnect
Oct 22 10:32:06 reddwarf postfix/smtpd[16006]: auto_clnt_close: disconnect private/tlsmgr stream
Oct 22 10:33:46 reddwarf postfix/smtpd[16006]: idle timeout -- exiting
Oct 22 10:34:00 reddwarf postfix/qmgr[15363]: 2C33E46D64: from=<root@mail.foxjames.co.uk>, size=1790, nrcpt=1 (queue active)
Oct 22 10:34:00 reddwarf postfix/qmgr[15363]: A689D46D31: from=<root@mail.foxjames.co.uk>, size=1790, nrcpt=1 (queue active)
Oct 22 10:34:00 reddwarf postfix/qmgr[15363]: B28C346D4B: from=<root@mail.foxjames.co.uk>, size=1790, nrcpt=1 (queue active)
Oct 22 10:34:00 reddwarf postfix/smtp[16034]: connect to www.foxjames.co.uk[86.160.133.6]:25: Connection refused
Oct 22 10:34:00 reddwarf postfix/smtp[16035]: connect to www.foxjames.co.uk[86.160.133.6]:25: Connection refused
Oct 22 10:34:00 reddwarf postfix/smtp[16036]: connect to www.foxjames.co.uk[86.160.133.6]:25: Connection refused
Oct 22 10:34:00 reddwarf postfix/smtp[16034]: 2C33E46D64: to=<gary@foxjames.co.uk>, orig_to=<root>, relay=none, delay=12825, delays=12825/0.04/0.19/0, dsn=4.4.1, status=deferred (connect to www.foxjames.co.uk[86.160.133.6]:25: Connection refused)
Oct 22 10:34:00 reddwarf postfix/smtp[16035]: A689D46D31: to=<gary@foxjames.co.uk>, orig_to=<root>, relay=none, delay=38028, delays=38027/0.03/0.19/0, dsn=4.4.1, status=deferred (connect to www.foxjames.co.uk[86.160.133.6]:25: Connection refused)
Oct 22 10:34:00 reddwarf postfix/smtp[16036]: B28C346D4B: to=<gary@foxjames.co.uk>, orig_to=<root>, relay=none, delay=2027, delays=2026/0.05/0.18/0, dsn=4.4.1, status=deferred (connect to www.foxjames.co.uk[86.160.133.6]:25: Connection refused)

Please help guys, I',m starting to lose the will to live on this one

ziggysquatch · Post by **ziggysquatch** » Thu Oct 22, 2009 12:30 pm

Does it give the timeout right away? If not, you have to send it the EHLO command in order for it to respond back with it's list of capabilities.

Once connected, type:

Code: Select all

EHLO domain.com

Then it should spew out the list of capabilities that you see in the guide.

gazj · Post by **gazj** » Thu Oct 22, 2009 8:26 pm

I cannot type amything it does not even connect unfortunately

ziggysquatch · Post by **ziggysquatch** » Thu Oct 22, 2009 8:56 pm

can you post your /etc/postfix/main.cf?

gazj · Post by **gazj** » Thu Oct 22, 2009 9:12 pm

/etc/postfix/main.cf

Code: Select all

reddwarf ~ # cat /etc/postfix/main.cf | grep -v "#"
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix
data_directory = /var/lib/postfix
mail_owner = postfix
myhostname = mail.foxjames.co.uk
mydomain = foxjames.co.uk
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost
unknown_local_recipient_reject_code = 550
mynetworks = 192.168.1.0/24, 127.0.0.0/8
home_mailbox = Mailbox/
local_destination_concurrency_limit = 2
default_destination_concurrency_limit = 10
debug_peer_level = 2

debugger_command =
	 PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
	 ddd $daemon_directory/$process_name $process_id & sleep 5

sendmail_path = /usr/sbin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
setgid_group = postdrop
html_directory = /usr/share/doc/postfix-2.5.7/html
manpage_directory = /usr/share/man
sample_directory = /etc/postfix
readme_directory = /usr/share/doc/postfix-2.5.7/readme
home_mailbox = .maildir/
smtpd_sasl_auth_enable = yes
smtpd_sasl2_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_local_domain =

smtpd_recipient_restrictions =
  permit_sasl_authenticated,
  permit_mynetworks,
  reject_unauth_destination

smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_use_tls = yes
smtpd_tls_key_file = /etc/postfix/newkey.pem
smtpd_tls_cert_file = /etc/postfix/newcert.pem
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_loglevel = 3
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom

Hope this gives you some leads

elgato319 · Post by **elgato319** » Fri Oct 23, 2009 10:03 am

Does it work if you disable tls?

Code: Select all

#smtp_use_tls = yes
#smtpd_use_tls = yes

is your key/cert file correct?

gazj · Post by **gazj** » Sat Oct 24, 2009 1:09 pm

Sorry will get wound to trying this tonight, work has been hectic, Thanks

gazj · Post by **gazj** » Sat Oct 24, 2009 1:43 pm

Ok, it seems my ssl signing is not working for me

Code: Select all

reddwarf misc # ./CA.pl -sign
Using configuration from /etc/ssl/openssl.cnf
Enter pass phrase for ./demoCA/private/cakey.pem:
unable to load certificate
29343:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:650:Expecting: TRUSTED CERTIFICATE
Signed certificate is in newcert.pem

this is from step 5.1 of the documentation, the file newcert.pem never gets created.