Page 3 of 4 FirstFirst 1234 LastLast
Results 21 to 30 of 34

Thread: Need to chage POP3 and SMTP server info

  1. #21

    Default Re: Need to chage POP3 and SMTP server info

    I think I've found a solution for the SMTP side. Try borgernet.com/?m=201209
    I haven't implemented it, but it looks very promising. Stunnel can be found with the software manager and installed.
    Sometimes I sits and thinks, sometimes I just sits...

  2. #22

    Default Re: Need to chage POP3 and SMTP server info

    Quote Originally Posted by RBEmerson View Post
    I think I've found a solution for the SMTP side. Try borgernet.com/?m=201209
    I haven't implemented it, but it looks very promising. Stunnel can be found with the software manager and installed.
    Yup, that works. If you already have outgoing.verizon.net working you just have to configure stunnel (using smtp.verizon.net - not outgoing.verizon.net as documented there), and then change the relay host in main.cf. Oh, you also need to add an entry for localhost in saslpass.db and run postmap on it.

  3. #23

    Default Re: Need to chage POP3 and SMTP server info

    This has become The Job From Hell.
    I plugged in the info from the Borgernet article:
    Code:
    client = yes
    [smtps]
    accept = 5000
    connect = smtp.verizon.net:465
    I tweaked main.cf to have the correct relayhost, created an entry in sasl_passwd and ran postmap on that, and changed the smtp_sasl_ lines. I restarted stunnel and...
    Code:
    Reading configuration from file /etc/stunnel/stunnel.confSnagged 64 random bytes from /dev/urandom
    PRNG seeded successfully
    /etc/stunnel/stunnel.pem: No such file or directory (2)
    So I created a null stunnel.pem:
    Code:
    Reading configuration from file /etc/stunnel/stunnel.conf
    Snagged 64 random bytes from /dev/urandom
    PRNG seeded successfully
    Wrong permissions on /etc/stunnel/stunnel.pem
    Certificate: /etc/stunnel/stunnel.pem
    Error reading certificate file: /etc/stunnel/stunnel.pem
    error queue: 140DC009 : error:140DC009:SSL routines:SSL_CTX_use_certificate_chain_file:PEM lib
    SSL_CTX_use_certificate_chain_file: 906D06C: error:0906D06C:PEM routines:PEM_read_bio:no start line
    Well duh - it's not a real .pem file. So I commented out cert = /etc/stunnel/stunnel.pem in the .conf file and restarted stunnel again. No gripes this time.

    I sent a message from another machine, with the mail sent to the machine I'm playing with (via an ssh session run under PuTTY under Win7) and the wheels fell off again.
    Code:
    status=bounced (host 127.0.0.1[127.0.0.1] said: 550 5.7.1 Authentication Required (in reply to MAIL FROM command))
    As best I can tell, something seems to be demanding the stunnel service authenticate itself.

    The defaults under stunnel follow - note that verify is not enabled.
    Code:
    stunnel 4.36 on i586-suse-linux-gnu with OpenSSL 1.0.0k 5 Feb 2013
    Threading:PTHREAD SSL:ENGINE Auth:LIBWRAP Sockets:POLL, IPv6
     
    Global options
    debug           = daemon.notice
    pid             = /var/run/stunnel/stunnel.pid
    RNDbytes        = 64
    RNDfile         = /dev/urandom
    RNDoverwrite    = yes
     
    Service-level options
    cert            = /etc/stunnel/stunnel.pem
    ciphers         = ALL:!aNULL:!eNULL:!SSLv2
    curve           = sect163r2
    session         = 300 seconds
    stack           = 65536 bytes
    sslVersion      = SSLv3 for client, all for server
    TIMEOUTbusy     = 300 seconds
    TIMEOUTclose    = 60 seconds
    TIMEOUTconnect  = 10 seconds
    TIMEOUTidle     = 43200 seconds
    verify          = none
    At this point I'm flat out of ideas.
    Sometimes I sits and thinks, sometimes I just sits...

  4. #24

    Default Re: Need to chage POP3 and SMTP server info

    Quote Originally Posted by RBEmerson View Post
    As best I can tell, something seems to be demanding the stunnel service authenticate itself.
    That error has nothing to do with stunnel - that is an SMTP error. Go back to the stunnel configuration you had when you got this error. You can confirm that stunnel itself is working by just telnetting to port 5000 on localhost.

    The problem is that you need an entry in saslpass. You likely already have this set up if you were using outgoing.verizion.net previously. The problem is that you have an entry for outgoing.verizon.net and now postfix things you're connecting to localhost. So, just create another line in that file:
    Code:
    localhost user:pass
    Then run postmap /etc/postfix/saslpass (or whatever the path to the file is). Then run postfix reload.

    That will likely fix it.

  5. #25

    Default Re: Need to chage POP3 and SMTP server info

    Quote Originally Posted by rich7458 View Post
    That error has nothing to do with stunnel - that is an SMTP error. Go back to the stunnel configuration you had when you got this error. You can confirm that stunnel itself is working by just telnetting to port 5000 on localhost.

    The problem is that you need an entry in saslpass. You likely already have this set up if you were using outgoing.verizion.net previously. The problem is that you have an entry for outgoing.verizon.net and now postfix things you're connecting to localhost. So, just create another line in that file:
    Code:
    localhost user:pass
    Then run postmap /etc/postfix/saslpass (or whatever the path to the file is). Then run postfix reload.

    That will likely fix it.
    Actually, BTDT.
    Here's /etc/stunnel/stunnel.conf (from the openSUSE verion of stunnel) with all comments pulled save the bit about tinygrams which, I assume, can't hurt and might help avoid a problem.
    Code:
    client = yespid = /var/run/stunnel.pid
    debug = 7
    output = stunnel.log
    # disable Nagle algorithm (a.k.a. tinygram prevention, see man 7 tcp)
    socket = l:TCP_NODELAY=1
    socket = r:TCP_NODELAY=1
    cert = /etc/stunnel/stunnel.pem
    [smtps]
    accept = 5000
    connect = smtp.verizon.net:465
    Here's /etc/postfix/sasl_password. I used portmap, of course. Usernames and passwords have been changed.
    Code:
    [localhost] user1:password
    [smtp.verizon.net] VZCust:password
    [outgoing.verizon.net]  VZCust:password
    To deal with the authentication issue, I did this to create /etc/stunnel/stunnel.pem.
    Code:
    openssl req -new -out stunnel.pem -keyout stunnel.pem -nodes -x509 -days 365
    The command was lifted from https://www.wjsams.com/c/docs/Wiki/U...ttingUpStunnel Much of the business of getting stunnel to respond to postfix doesn't apply to openSUSE, but the openssl certificate command seems appropriate. NTL, I'm still tanking.

    The rest of the system seems to be refusing the attempt to either create or use the tunnel; "we don't know you - go away".
    Last edited by RBEmerson; 02-Aug-2013 at 06:02. Reason: edited for clarity - I hope
    Sometimes I sits and thinks, sometimes I just sits...

  6. #26

    Default Re: Need to chage POP3 and SMTP server info

    I tried to use stunnel to talk to the old verizon smtp address: outgoing.verizon.net. That cratered, too.
    main.cf relayhost is relayhost = [127.0.0.1]:5001 (5001 was used to avoid going to the smtp.verizon.net address via my port 5000). I used the localhost IP because localhost or localhost.mydomain both caused errors (another day's mystery to solve).

    stunnel.conf has
    [smtp]
    accept = 5001
    connect = outgoing.verizon.net


    sasl_passwd has
    [127.0.0.1] user1:passwd
    and postmap was used on sasl_passwd

    Postfix and stunnel services were restarted. At that point I'd hoped that any outgoing mail would pass through stunnel and on to Verizon's old SMTP server. With the exception of adding stunnel to the process of mailing something, using outgoing.verizon.net is where I started. No such luck. I get this in mail.log when I try to mail something via stunnel:
    lost connection with 127.0.0.1[127.0.0.1] while receiving the initial server greeting

    What am I doing wrong??
    Sometimes I sits and thinks, sometimes I just sits...

  7. #27

    Default Re: Need to chage POP3 and SMTP server info

    I used the localhost IP because localhost or localhost.mydomain both caused errors (connect to localhost.mydomain.com[nnn.nnn.nnn.nnn]:5001: Connection refused).

    I'd edit this into the above post but I timed out on the edit window (10m).
    Sometimes I sits and thinks, sometimes I just sits...

  8. #28

    Default Re: Need to chage POP3 and SMTP server info

    Disregard the above post - why I used localhost.mydomain.com instead of localhost or localhost.localdomain is a brain burp, plain and simple. As soon as added .com, of course it'd resolve to my real IP. DOH. [/bangs head on wall]
    Sometimes I sits and thinks, sometimes I just sits...

  9. #29

    Default Re: Need to chage POP3 and SMTP server info

    All three posts above are... I wish I could delete them. They're the product of flailing around without a clue.

    I changed main.cf back to relayhost = [localhost]:5000 and restarted postfix. Stunnel.conf still has
    [smtps]
    accept = 5000
    connect = smtp.verizon.net:465


    mail.log shows the following when I try to send something out:
    Code:
    Aug  2 23:03:13 bar postfix/smtpd[19486]: connect from localhost[::1]
    Aug  2 23:03:13 bar postfix/smtpd[19486]: 2D312540542: client=localhost[::1]
    Aug  2 23:03:13 bar postfix/cleanup[19489]: 2D312540542: message-id=<51FC72F1.2010905@mydomain.com.com>
    Aug  2 23:03:13 bar postfix/qmgr[19464]: 2D312540542: from=<myWin7box@mydomain.com>, size=1142, nrcpt=1 (queue active)
    Aug  2 23:03:13 bar postfix/smtpd[19486]: disconnect from localhost[::1]
    Aug  2 23:03:13 bar postfix/smtp[19466]: warning: relayhost configuration problem
    Aug  2 23:03:13 bar postfix/smtp[19466]: 2D312540542: to=<target@foo.com>, relay=none, delay=0.15, delays=0.1/0/0.05/0, dsn=4.3.5, status=deferred (Host or domain name not found. Name service error for name=localhost type=AAAA: Host not found)
    It seems to me postfix doesn't know localhost should resolve as 127.0.0.1. Or maybe stunnel isn't working? I tried setting debug=7 (also, debug=debug - docs say that works) and defining the log file with output=/etc/stunnel/stunnel.log but the file isn't filling with debugging info:9178164 -rw-rw-rw- 1 nogroup 0 Aug 2 23:27 stunnel.log (the owner is stunnel.nogroup)
    Basta!
    Sometimes I sits and thinks, sometimes I just sits...

  10. #30

    Default Re: Need to chage POP3 and SMTP server info

    PROBLEM SOLVED!
    The answer is sooooooo simple

    Stunnel.conf had
    [smtps]
    accept = 5000
    connect = smtp.verizon.net:465

    That's what was in my original source for a how-to. But that's not how it works with postfix under openSUSE (at least with my main.cf). What should be there is
    [smtp]
    accept = 5000
    connect = smtp.verizon.net:465

    That is, the service I need to handle is smtp and not smtps. DOH!!!

    Thanks to everyone for the patience and advice. A round of virtual beers on me!
    Sometimes I sits and thinks, sometimes I just sits...

Page 3 of 4 FirstFirst 1234 LastLast

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •