[glux] Postfix

Guerrisi Antonio guerrisi.antonio@gmail.com
Lun 13 Apr 2015 15:47:31 CEST


Ecco, sulla 587 funziona correttamente. Il fornitore non credo blocchi la
25, altrimenti sarebbe un delirio.
A questo punto credo sia il firewall blindatissimo


--
Guerrisi Antonio
sito: http://antonio.guerrisi.info

Il giorno 13 aprile 2015 15:40, Michele Ripamonti <michele@qualcosa.net> ha
scritto:

> Hai dato tutte le informazioni necessarie, non serve altro.
>
> Metti postfix in ascolto sulla 587 (submission in master.cf se ricordo
> bene) e ritenta la connect in telnet, se funziona è il tuo fornitore di
> connettività che filtra il traffico smtp in uscita sulla 25
>
>
>
> Il giorno 13 aprile 2015 14:20, Guerrisi Antonio <
> guerrisi.antonio@gmail.com> ha scritto:
>
>> Daje Michele, se non sono entrato nei dettagli prima, sarà che non posso,
>> ti pare. La VM non è in ufficio, altrimenti non avrebbe senso parlare di IP
>> dell'ufficio. Sarebbe in LAN in tal caso. E' una servizio offerto, tipo
>> digitalocean...lato server non ci può essere nessun problema, altrimenti
>> significa che è un servizio di merda, e a giudicare dalla dimensione del
>> fornitore direi proprio che è da escludere. Escludo anche problemi di
>> configurazione, altrimenti non si connetterebbe nessuna macchina da nessun
>> ip.
>>
>> Il problema è l'ip dell'ufficio
>>
>>
>>
>> --
>> Guerrisi Antonio
>> sito: http://antonio.guerrisi.info
>>
>> Il giorno 13 aprile 2015 14:14, Michele Ripamonti <michele@qualcosa.net>
>> ha scritto:
>>
>>> Se descrivi un po' la topologia di rete vediamo di risolvere. Questa
>>> benedetta VM sta nel tuo ufficio? Ha un ip pubblico o è nascosta dietro un
>>> dnat? La sua interfaccia di rete è in bridge o nat?
>>> Il 13/apr/2015 13:46, "Guerrisi Antonio" <guerrisi.antonio@gmail.com>
>>> ha scritto:
>>>
>>>> Concordo...ho provato a comfigurare l'smtp dal cellulare e riesce ad
>>>> inviare correttamente. E' proprio l'ip del mio ufficio che sta sul cazzo
>>>> alla rete.
>>>>
>>>> Non riesco a capire qual'è il problema però...routing non credo perchè
>>>> la risoluzione dell'host è corretta. blacklist? porte chiuse dalla mia
>>>> parte (il firewall dell'ufficio è abbastanza restrittivo in ingresso)?
>>>>
>>>>
>>>> --
>>>> Guerrisi Antonio
>>>> sito: http://antonio.guerrisi.info
>>>>
>>>> Il giorno 13 aprile 2015 13:29, Michele Ripamonti <michele@qualcosa.net
>>>> > ha scritto:
>>>>
>>>>> Al 99% il problema non è postfix. Direi che potrebbe essere un
>>>>> problema di routing se la VM sta nel tuo ufficio
>>>>>
>>>>>
>>>>>
>>>>> Il giorno 13 aprile 2015 12:46, Guerrisi Antonio <
>>>>> guerrisi.antonio@gmail.com> ha scritto:
>>>>>
>>>>>> Ho provato a connettermi in telnet da un server hostato da
>>>>>> digitalocean e si connette correttamente in telnet, e riesco a dialogare
>>>>>> con la macchina.
>>>>>>
>>>>>> con un server linux qui in ufficio telnet non riesce proprio a
>>>>>> connettersi
>>>>>>
>>>>>> *root@support:~# telnet host 25*
>>>>>> *Trying ip...*
>>>>>> *telnet: Unable to connect to remote host: Connection refused*
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Guerrisi Antonio
>>>>>> sito: http://antonio.guerrisi.info
>>>>>>
>>>>>> Il giorno 13 aprile 2015 12:43, Michele Ripamonti <
>>>>>> michele@qualcosa.net> ha scritto:
>>>>>>
>>>>>>> E' stranissimo che non ci sia nulla nel mail.log, dovresti vedere
>>>>>>> almeno che c'è un tentativo di connect.
>>>>>>> Ma questa VM ha un ip pubblico? Sta dietro un destination nat? Come
>>>>>>> è raggiungibile?
>>>>>>> Con un telnet sulla 25 vedi almeno il banner di postfix o resta
>>>>>>> appeso in "trying..."?
>>>>>>>  Il 13/apr/2015 11:34, "Guerrisi Antonio" <
>>>>>>> guerrisi.antonio@gmail.com> ha scritto:
>>>>>>>
>>>>>>>> mail.log e mail.err entrambi muti e non pare esserci nient'altro
>>>>>>>> che faccia riferimento alle mail
>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>> Guerrisi Antonio
>>>>>>>> sito: http://antonio.guerrisi.info
>>>>>>>>
>>>>>>>> Il giorno 13 aprile 2015 11:16, Stefano Villa Polimi <
>>>>>>>> stefano.villa@polimi.it> ha scritto:
>>>>>>>>
>>>>>>>>> Guarda in /var/log/maillog che cosa risulta quando cerchi di
>>>>>>>>> collegarti via client, ci dovrebbero essere delle righe di log
>>>>>>>>> taggate
>>>>>>>>> con postfix/smtpd
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> 2015-04-13 11:03 GMT+02:00 Guerrisi Antonio <
>>>>>>>>> guerrisi.antonio@gmail.com>:
>>>>>>>>> > Eccomi,
>>>>>>>>> >
>>>>>>>>> > scusate il ritardo ma avevo la macchina virtuale spenta, ed era
>>>>>>>>> necessario
>>>>>>>>> > tornare in ufficio per prendere la configurazione.
>>>>>>>>> >
>>>>>>>>> > http://pastebin.com/gsVGcVei
>>>>>>>>> >
>>>>>>>>> > E' un main.cf abbastanza standard. Non ho apportato grosse
>>>>>>>>> modifiche se non
>>>>>>>>> > il relayhost (oscurato in questo caso) che ho già testato e
>>>>>>>>> funziona, e l'ip
>>>>>>>>> > autorizzato al relay. Ma il problema persiste. Riesco ad inviare
>>>>>>>>> in telnet
>>>>>>>>> > ma non riesco a configurare i browser di posta per usarlo come
>>>>>>>>> server SMTP
>>>>>>>>> >
>>>>>>>>> >
>>>>>>>>> >
>>>>>>>>> >
>>>>>>>>> > --
>>>>>>>>> > Guerrisi Antonio
>>>>>>>>> > sito: http://antonio.guerrisi.info
>>>>>>>>> >
>>>>>>>>> > Il giorno 9 aprile 2015 19:35, Michele Ripamonti <
>>>>>>>>> michele@qualcosa.net> ha
>>>>>>>>> > scritto:
>>>>>>>>> >>
>>>>>>>>> >> Dovresti postare il main.cf, altrimenti è un po' difficile
>>>>>>>>> aiutarti
>>>>>>>>> >>
>>>>>>>>> >> Il 09/apr/2015 17:30, "Guerrisi Antonio" <
>>>>>>>>> guerrisi.antonio@gmail.com> ha
>>>>>>>>> >> scritto:
>>>>>>>>> >>>
>>>>>>>>> >>> No, ok...ho fatto altre prove.
>>>>>>>>> >>>
>>>>>>>>> >>> Il telnet da un altro server funziona e riesco a mandare
>>>>>>>>> correttamente
>>>>>>>>> >>> anche dall'esterno, impostando le giuste relay auth, quindi
>>>>>>>>> non è un
>>>>>>>>> >>> problema di porta
>>>>>>>>> >>>
>>>>>>>>> >>> è con putty che non riesco a connettermici in telnet
>>>>>>>>> sbattendomi fuori, e
>>>>>>>>> >>> con SMTP Mail Sender non riesco a inviare. Mi torna un errore
>>>>>>>>> abbastanza
>>>>>>>>> >>> generico nei log e non mi dice per quale motivo non riesce a
>>>>>>>>> mandare.
>>>>>>>>> >>>
>>>>>>>>> >>> boh, continuo a capire sempre di meno
>>>>>>>>> >>>
>>>>>>>>> >>>
>>>>>>>>> >>> --
>>>>>>>>> >>> Guerrisi Antonio
>>>>>>>>> >>> sito: http://antonio.guerrisi.info
>>>>>>>>> >>>
>>>>>>>>> >>> Il giorno 9 aprile 2015 17:25, Stefano Villa Polimi
>>>>>>>>> >>> <stefano.villa@polimi.it> ha scritto:
>>>>>>>>> >>>>
>>>>>>>>> >>>> non e' che ci sono delle acl di selinux o qualcosa altro che
>>>>>>>>> blocca la
>>>>>>>>> >>>> porta 25 a livello di sistema?
>>>>>>>>> >>>> prova a vedere se dalla macchina stessa facendo un telnet
>>>>>>>>> sulla porta
>>>>>>>>> >>>> 25 ma sull' IP pubblico invece che 127.0.0.1 risponde... se
>>>>>>>>> no puo'
>>>>>>>>> >>>> darsi che il postfix sia bloccato da qualche helper (per es.
>>>>>>>>> la
>>>>>>>>> >>>> verifica dell' IP del mittente)  e non ci riesce... boh
>>>>>>>>> >>>>
>>>>>>>>> >>>>
>>>>>>>>> >>>> 2015-04-09 17:15 GMT+02:00 Guerrisi Antonio
>>>>>>>>> >>>> <guerrisi.antonio@gmail.com>:
>>>>>>>>> >>>> > Non è la stessa macchina.
>>>>>>>>> >>>> >
>>>>>>>>> >>>> > Io devo consentire il relay DA 81.208.96.45, che è il mio
>>>>>>>>> ufficio,
>>>>>>>>> >>>> > attraverso un'altra macchina che sto configurando.
>>>>>>>>> >>>> > Ma non mi ci fa proprio attaccare in telnet, e non capisco
>>>>>>>>> perchè
>>>>>>>>> >>>> >
>>>>>>>>> >>>> >
>>>>>>>>> >>>> >
>>>>>>>>> >>>> > --
>>>>>>>>> >>>> > Guerrisi Antonio
>>>>>>>>> >>>> > sito: http://antonio.guerrisi.info
>>>>>>>>> >>>> >
>>>>>>>>> >>>> > Il giorno 9 aprile 2015 17:12, Stefano Villa Polimi
>>>>>>>>> >>>> > <stefano.villa@polimi.it> ha scritto:
>>>>>>>>> >>>> >>
>>>>>>>>> >>>> >> Funziona, ma devi mettere le regole di relay (ovvero
>>>>>>>>> definisci tu i
>>>>>>>>> >>>> >> set di IP della tua rete che possono inviare messaggi),
>>>>>>>>> oppure devi
>>>>>>>>> >>>> >> definire delle regole di autenticazione, gli utenti ed
>>>>>>>>> allora puoi
>>>>>>>>> >>>> >> inviare usando un protocollo SMTP autrenticato.
>>>>>>>>> >>>> >> Stefano
>>>>>>>>> >>>> >>
>>>>>>>>> >>>> >> telnet  81.208.96.45 25
>>>>>>>>> >>>> >> Trying 81.208.96.45...
>>>>>>>>> >>>> >> Connected to 81.208.96.45.
>>>>>>>>> >>>> >> Escape character is '^]'.
>>>>>>>>> >>>> >> 220 ****************************************************
>>>>>>>>> >>>> >> helo polimi.it
>>>>>>>>> >>>> >> 250 postfixtest.netvisory.com
>>>>>>>>> >>>> >> mail from:<pippuzzo@sdsdsd.nn>
>>>>>>>>> >>>> >> 250 2.1.0 Ok
>>>>>>>>> >>>> >> rcpt to:<willas69@gmail.com>
>>>>>>>>> >>>> >> 554 5.7.1 <willas69@gmail.com>: Relay access denied
>>>>>>>>> >>>> >> quit
>>>>>>>>> >>>> >> 221 2.0.0 Bye
>>>>>>>>> >>>> >> Connection closed by foreign host.
>>>>>>>>> >>>> >>
>>>>>>>>> >>>> >> 2015-04-09 17:04 GMT+02:00 Guerrisi Antonio
>>>>>>>>> >>>> >> <guerrisi.antonio@gmail.com>:
>>>>>>>>> >>>> >> > Salve ragazzi,
>>>>>>>>> >>>> >> >
>>>>>>>>> >>>> >> > scrivo per chiedere la mano di qualcuno che se la cava
>>>>>>>>> con postfix.
>>>>>>>>> >>>> >> >
>>>>>>>>> >>>> >> > Sono riuscito ad installarlo e a configurarlo per
>>>>>>>>> inviare mail, e
>>>>>>>>> >>>> >> > ci
>>>>>>>>> >>>> >> > riesco
>>>>>>>>> >>>> >> > abbastanza bene con un telnet da locale sulla porta 25
>>>>>>>>> inserendo i
>>>>>>>>> >>>> >> > comandi a
>>>>>>>>> >>>> >> > manina, però se lo configuro per accettare connessioni
>>>>>>>>> su tutte le
>>>>>>>>> >>>> >> > interfacce e autorizzare all'invio un determinato ip, la
>>>>>>>>> cosa non
>>>>>>>>> >>>> >> > funziona.
>>>>>>>>> >>>> >> >
>>>>>>>>> >>>> >> > inet_interfaces = all
>>>>>>>>> >>>> >> > mynetworks = 127.0.0.0/8 10.0.0.0/27 81.208.96.45/32
>>>>>>>>> >>>> >> >
>>>>>>>>> >>>> >> >
>>>>>>>>> >>>> >> > un netstat -na mi dice che è in ascolto 0.0.0.0:25,
>>>>>>>>> quindi
>>>>>>>>> >>>> >> > tecnicamente
>>>>>>>>> >>>> >> > dovrebbe funzionare.
>>>>>>>>> >>>> >> >
>>>>>>>>> >>>> >> > Cosa diamine c'è che non va? :'(
>>>>>>>>> >>>> >> >
>>>>>>>>> >>>> >> > --
>>>>>>>>> >>>> >> > Guerrisi Antonio
>>>>>>>>> >>>> >> > sito: http://antonio.guerrisi.info
>>>>>>>>> >>>> >> >
>>>>>>>>> >>>> >> > _______________________________________________
>>>>>>>>> >>>> >> > glux mailing list
>>>>>>>>> >>>> >> > glux@lists.linux.it
>>>>>>>>> >>>> >> > http://lists.linux.it/listinfo/glux
>>>>>>>>> >>>> >> > http://www.lecco.linux.it
>>>>>>>>> >>>> >> _______________________________________________
>>>>>>>>> >>>> >> glux mailing list
>>>>>>>>> >>>> >> glux@lists.linux.it
>>>>>>>>> >>>> >> http://lists.linux.it/listinfo/glux
>>>>>>>>> >>>> >> http://www.lecco.linux.it
>>>>>>>>> >>>> >
>>>>>>>>> >>>> >
>>>>>>>>> >>>> >
>>>>>>>>> >>>> > _______________________________________________
>>>>>>>>> >>>> > glux mailing list
>>>>>>>>> >>>> > glux@lists.linux.it
>>>>>>>>> >>>> > http://lists.linux.it/listinfo/glux
>>>>>>>>> >>>> > http://www.lecco.linux.it
>>>>>>>>> >>>> _______________________________________________
>>>>>>>>> >>>> glux mailing list
>>>>>>>>> >>>> glux@lists.linux.it
>>>>>>>>> >>>> http://lists.linux.it/listinfo/glux
>>>>>>>>> >>>> http://www.lecco.linux.it
>>>>>>>>> >>>
>>>>>>>>> >>>
>>>>>>>>> >>>
>>>>>>>>> >>> _______________________________________________
>>>>>>>>> >>> glux mailing list
>>>>>>>>> >>> glux@lists.linux.it
>>>>>>>>> >>> http://lists.linux.it/listinfo/glux
>>>>>>>>> >>> http://www.lecco.linux.it
>>>>>>>>> >>
>>>>>>>>> >>
>>>>>>>>> >> _______________________________________________
>>>>>>>>> >> glux mailing list
>>>>>>>>> >> glux@lists.linux.it
>>>>>>>>> >> http://lists.linux.it/listinfo/glux
>>>>>>>>> >> http://www.lecco.linux.it
>>>>>>>>> >
>>>>>>>>> >
>>>>>>>>> >
>>>>>>>>> > _______________________________________________
>>>>>>>>> > glux mailing list
>>>>>>>>> > glux@lists.linux.it
>>>>>>>>> > http://lists.linux.it/listinfo/glux
>>>>>>>>> > http://www.lecco.linux.it
>>>>>>>>> _______________________________________________
>>>>>>>>> glux mailing list
>>>>>>>>> glux@lists.linux.it
>>>>>>>>> http://lists.linux.it/listinfo/glux
>>>>>>>>> http://www.lecco.linux.it
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> glux mailing list
>>>>>>>> glux@lists.linux.it
>>>>>>>> http://lists.linux.it/listinfo/glux
>>>>>>>> http://www.lecco.linux.it
>>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> glux mailing list
>>>>>>> glux@lists.linux.it
>>>>>>> http://lists.linux.it/listinfo/glux
>>>>>>> http://www.lecco.linux.it
>>>>>>>
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> glux mailing list
>>>>>> glux@lists.linux.it
>>>>>> http://lists.linux.it/listinfo/glux
>>>>>> http://www.lecco.linux.it
>>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> glux mailing list
>>>>> glux@lists.linux.it
>>>>> http://lists.linux.it/listinfo/glux
>>>>> http://www.lecco.linux.it
>>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> glux mailing list
>>>> glux@lists.linux.it
>>>> http://lists.linux.it/listinfo/glux
>>>> http://www.lecco.linux.it
>>>>
>>>
>>> _______________________________________________
>>> glux mailing list
>>> glux@lists.linux.it
>>> http://lists.linux.it/listinfo/glux
>>> http://www.lecco.linux.it
>>>
>>
>>
>> _______________________________________________
>> glux mailing list
>> glux@lists.linux.it
>> http://lists.linux.it/listinfo/glux
>> http://www.lecco.linux.it
>>
>
>
> _______________________________________________
> glux mailing list
> glux@lists.linux.it
> http://lists.linux.it/listinfo/glux
> http://www.lecco.linux.it
>
-------------- parte successiva --------------
Un allegato HTML è stato rimosso...
URL: <http://lists.linux.it/pipermail/glux/attachments/20150413/a38f760d/attachment-0001.html>


Maggiori informazioni sulla lista glux