OT Sendmail and Motorola smartphones
Steve Campbell
campbell at cnpapers.com
Tue Apr 17 19:42:32 IST 2012
On 4/16/2012 4:33 PM, Alex Neuman wrote:
> What happens when you telnet into port 587 and ask for capabilities?
Not sure how I ask for capablilities. I can definitely telnet in on that
port though.
>
> Can you share the 'net connection on the phone and do it from a
> computer "from the phone's point of view"?
Again, I'm a little lost here on what you mean.
>
> What does the log say right at the time when the phone connects?
The only thing I see in the logs for these connection attempts are
something like the following:
sendmail[15298]: q3F7XEBe015298: 70-32-205-105.unass
igned.ntelos.net [70.32.205.105] did not issue MAIL/EXPN/VRFY/ETRN
during connec
tion to MSA
>
> Can you try opening another port, such as 1587?
I can give that a try, but I'm not sure why that would matter. What's
your line of thinking here?
>
> Is there any sort of iptables filtering going on?
iptables and ip6tables are both turned off. I run a perimeter firewall.
The new machine replaced a machine that used to work fine. It assumed
the hostname and IP addresses, so this firewall doesn't know the
difference between the old and the new machine.
I'm really a little unsure of what is right and wrong now as far as what
I see when I google "smtp auth". In some instances I see where the
Sendmail.conf for saslauthd should have the following:
pwcheck_method:pam
mech_list: plain login
Others say just :
pwcheck_method:pam
And others say just:
pwcheck_method:saslauthd
I'm also seeing in my messages file errors like:
sendmail[20640]: unable to open Berkeley db /etc/sasldb2: No such file
or directory
These seemed to have stopped once I changed the above from saslauthd to pam.
It's hard to tell what's going on without a phone to test with. And
nTelos has provided us with a relay we can use that seems to work. I'm
not sure how far along word of that server has spread to our users.
I've not been able to spend tons of time on this due to getting called
away from my desk for problems elsewhere in the building. Sorry since
everyone seems so willing to help and I can't even provide some of the
details you all need.
Thanks
steve
>
> On Mon, Apr 16, 2012 at 2:21 PM, Steve Campbell<campbell at cnpapers.com> wrote:
>>
>> On 4/16/2012 2:50 PM, Alex Neuman wrote:
>>> Or saslauthd is down. Or the AUTH methods aren't specified properly.
>>> Or port 587 is being listened to on the wrong interface.
>>>
>>> Without some more investigation at layer 3, it's a bit hard to say.
>>>
>>> On Mon, Apr 16, 2012 at 1:37 PM, Ken A<ka at pacific.net> wrote:
>>>>
>>>> On 4/16/2012 11:20 AM, Steve Campbell wrote:
>>>>> Completely off topic - just curious if anyone has had problems similar.
>>>>>
>>>>> I've upgraded email servers from an old Centos 3 to a new Centos 6
>>>>> sendmail server. Just recently our company renewed it's contract and all
>>>>> smartphones were upgraded to the Motorola Milestone X2. These are used
>>>>> by our sales staff when they're out in the field and are allowed to
>>>>> relay through our servers using smtp auth.
>>>>>
>>>>> I have port 587 set up with smtp auth. I'm fairly certain that this was
>>>>> working shortly after the upgrade, but now smtp to this port does not
>>>>> work. It doesn't seem to matter what settings I put in the phone, my
>>>>> maillog returns:
>>>>>
>>>>> sendmail[2765]: q3GG1Gng002765: 70-32-205-105.unassigned.ntelos.net
>>>>> [70.32.205.105] did not issue MAIL/EXPN/VRFY/ETRN during connection to
>>>>> MSA.
>>>>
>>>> That usually means that the client isn't sending the authentication info
>>>> -
>>>> user& pass.
>>>>
>>>>
>>>> Do you have one of these new phones to test this with?
>>>>
>>>> You could turn up logging in sendmail -
>>>> define(`confLOG_LEVEL', `14')dnl
>>>>
>>>> Ken
>>>>
>>>>
>>>>
>>>>> I don't think it's sendmail because the sendmail.mc is identical to the
>>>>> old server's file.
>>>>>
>>>>> I can set up an account using things like Thunderbird just fine, but
>>>>> then I'm using our network, but I'm still able to use port 587.
>>>>>
>>>>> Originally the problem was with one of the dnsbl I was using. (Seems
>>>>> that our provider had blocked their own IPs in one of the spamhaus.org
>>>>> RBLs to protect themselves from spam and using that blocked us from
>>>>> using the IPs they had assigned their smartphones). I switched from
>>>>> zen.spamhaus.org to sbl-xbl.spamhaus.org and that fixed it for a while.
>>>>>
>>>>> My main question is about the Motorola Milestone mail client. Anyone
>>>>> have an opinion on how reliable it is? Does it follow the settings I set
>>>>> on it and has anyone run into problems using this phone as I'm trying to
>>>>> use them?
>>>>>
>>>>> Thanks for any clues.
>>>>>
>>>>> steve campbell
>>>>>
>>>>>
>>>> --
>>>> Ken Anderson
>>>> Pacific Internet - http://www.pacific.net
>>>> Latest Pacific.Net Status - http://twitter.com/pacnetstatus
>>>>
>>>> --
>> ps ax shows saslauthd running using Pam.
>>
>> my sendmail.mc has the following:
>> define(`confAUTH_OPTIONS', `A')dnl
>> TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
>> define(`confAUTH_MECHANISMS',`EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN
>> PLAIN')
>>
>> I can't think of any other options right now
>>
>> netstat is showing:
>> tcp 0 0 0.0.0.0:587 0.0.0.0:*
>> LISTEN
>>
>> For the time being, I've only got one NIC active, one real address and one
>> virtual on it.
>>
>> Thanks for the help
>> steve
>>
>>
>>>>
>>
>> --
>> This message has been scanned for viruses and
>> dangerous content by MailScanner, and is
>> believed to be clean.
>>
>> --
>> MailScanner mailing list
>> mailscanner at lists.mailscanner.info
>> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>>
>> Before posting, read http://wiki.mailscanner.info/posting
>>
>> Support MailScanner development - buy the book off the website!
>
>
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the MailScanner
mailing list