Hy,
I try to send mail throught an smtp server.
It works fine with normal connection but when i try to use ssl with gmail. It makes a strange problem.
[180.882] [RECV] 220 smtp.inmail24.com ESMTP extMailer (smtp)
[180.882] [SEND] EHLO localhost
[181.156] [RECV] 250-smtp.inmail24.com
[181.156] [RECV] 250-PIPELINING
[181.156] [RECV] 250-SIZE 13631488
[181.156] [RECV] 250-ETRN
[181.156] [RECV] 250-STARTTLS
[181.156] [RECV] 250-AUTH LOGIN PLAIN
[181.156] [RECV] 250-AUTH=LOGIN PLAIN
[181.156] [RECV] 250-ENHANCEDSTATUSCODES
[181.156] [RECV] 250-8BITMIME
[181.156] [RECV] 250 DSN
[181.164] [SEND] AUTH PLAIN "The auth plain"
[181.742] [RECV] 235 2.7.0 Authentication successful
[181.75] [SEND] MAIL FROM:
[182.023] [RECV] 250 2.1.0 Ok
[182.031] [SEND] RCPT TO:
[182.195] [RECV] 250 2.1.5 Ok
[182.195] [SEND] DATA
[182.304] [RECV] 354 End data with .
[182.304] [SEND] From: asdasd#inmail24.com
[182.304] [SEND] Message-ID:
[182.312] [SEND] To: mailto#gmail.com
[182.312] [SEND] Subject: Test mail without SSL - 2011-11-09 07:31:34
[182.312] [SEND] Date: Wed, 09 Nov 2011 07:31:56 GMT-0400
[182.312] [SEND]
[182.312] [SEND] TestMessage
[182.32] [SEND] .
[182.453] [RECV] 250 2.0.0 Ok, id=28522-10, from MTA([127.0.0.1]:10027): 250 2.0.0 Ok: queued as 2537340E254E
[182.453] [SEND] QUIT
[182.515] [RECV] 221 2.0.0 Bye
But when i trying to use smtp with gmail and ssl
SSL:->CH
SSL:<-SH
SSL:<-SC
SSL:<-SHD
SSL:->CKE
SSL:->CCS
SSL:->F
SSL:<-F
[RECV] 220 mx.google.com ESMTP jb5sm6904507lab.15
[SEND] EHLO localhost:465
and no recv message :(
Just a timeout after a few second
I use j2me because i make this app for blackberry
Thanks for replys :)
You do not need to include a port number after the hostname in your EHLO command. Once you have established a connection and received the 220 greeting successfully, you do not have to do anything different in your commands then you were previously doing.
With that said, you might consider using port 587 with the STARTTLS command instead. TLS is more secure than SSL, and STARTTLS allows you to query the server to make sure it supports SSL/TLS before you activate it.
Related
I have a Linux box on Ubuntu 18.04.3 and have a working fail2ban configuration (like on all my hosts).
In this case I setup a docker-container which acts as a sftp-server for several users - the docker-container has a running rsyslogd and writes login events to /var/log/auth.log - /var/log is mounted to the host-system to /myapp/log/sftp.
So I created a second sshd-jail with this config snippet in jail.local
[myapp-sftp]
filter=sshd
enabled = true
findtime = 1200
maxretry = 2
mode = aggressive
backend = polling
logpath=/myapp/log/sftp/auth.log
The logfile /myapp/log/sftp/auth.log is absolutely there and filled with a lot of failed login tries - from myself and others.
But the jail never gets triggered with a found log entry in fail2ban.log.
I already reset the fail2ban database ... and have no clue what might be wrong.
I tried backend = polling and the default pyinotify.
Checking with fail2ban-regex says that it matches..
# fail2ban-regex /myapp/log/sftp/auth.log /etc/fail2ban/filter.d/sshd.conf
Running tests
=============
Use failregex filter file : sshd, basedir: /etc/fail2ban
Use maxlines : 1
Use datepattern : Default Detectors
Use log file : /myapp/log/sftp/auth.log
Use encoding : UTF-8
Results
=======
Failregex: 268 total
|- #) [# of hits] regular expression
| 3) [64] ^Failed \S+ for invalid user <F-USER>(?P<cond_user>\S+)|(?:(?! from ).)*?</F-USER> from <HOST>(?: port \d+)?(?: on \S+(?: port \d+)?)?(?: ssh\d*)?(?(cond_user): |(?:(?:(?! from ).)*)$)
| 4) [29] ^Failed \b(?!publickey)\S+ for (?P<cond_inv>invalid user )?<F-USER>(?P<cond_user>\S+)|(?(cond_inv)(?:(?! from ).)*?|[^:]+)</F-USER> from <HOST>(?: port \d+)?(?: on \S+(?: port \d+)?)?(?: ssh\d*)?(?(cond_user): |(?:(?:(?! from ).)*)$)
| 6) [64] ^[iI](?:llegal|nvalid) user <F-USER>.*?</F-USER> from <HOST>(?: port \d+)?(?: on \S+(?: port \d+)?)?\s*$
| 21) [111] ^<F-NOFAIL>Connection from</F-NOFAIL> <HOST>
`-
Ignoreregex: 0 total
Date template hits:
|- [# of hits] date format
| [642] {^LN-BEG}(?:DAY )?MON Day %k:Minute:Second(?:\.Microseconds)?(?: ExYear)?
`-
Lines: 642 lines, 0 ignored, 268 matched, 374 missed
[processed in 0.13 sec]
Missed line(s): too many to print. Use --print-all-missed to print all 374 lines
and
# fail2ban-client status myapp-sftp
Status for the jail: myapp-sftp
|- Filter
| |- Currently failed: 0
| |- Total failed: 0
| `- File list: /myapp/log/sftp/auth.log
`- Actions
|- Currently banned: 0
|- Total banned: 0
`- Banned IP list:
# cat /var/log/fail2ban.log | grep myapp
2019-08-21 10:35:33,647 fail2ban.jail [649]: INFO Creating new jail 'wippex-sftp'
2019-08-21 10:35:33,647 fail2ban.jail [649]: INFO Jail 'myapp-sftp' uses pyinotify {}
2019-08-21 10:35:33,664 fail2ban.server [649]: INFO Jail myapp-sftp is not a JournalFilter instance
2019-08-21 10:35:33,665 fail2ban.filter [649]: INFO Added logfile: '/wippex/log/sftp.log' (pos = 0, hash = 287d8cc2e307c5f427aa87c4c649ced889d6bf6a)
2019-08-21 10:35:33,689 fail2ban.jail [649]: INFO Jail 'myapp-sftp' started
I really never get an expected found entry... nor a ban.
Any ideas are welcome.
# fail2ban-server -V
Fail2Ban v0.10.2
Copyright (c) 2004-2008 Cyril Jaquier, 2008- Fail2Ban Contributors
Copyright of modifications held by their respective authors.
log sample from /myapp/log/sftp/auth.log
Aug 21 14:03:13 a9ede63166d9 sshd[202]: Failed password for invalid user mapp from 95.85.16.178 port 41766 ssh2
Aug 21 14:03:13 a9ede63166d9 sshd[202]: Received disconnect from 95.85.16.178 port 41766:11: Normal Shutdown, Thank you for playing [preauth]
Aug 21 14:03:13 a9ede63166d9 sshd[202]: Disconnected from 95.85.16.178 port 41766 [preauth]
Aug 21 14:03:49 a9ede63166d9 sshd[204]: Connection from 95.85.16.178 port 34722 on 172.17.0.3 port 22
Aug 21 14:03:49 a9ede63166d9 sshd[204]: Invalid user mapp from 95.85.16.178 port 34722
Aug 21 14:03:49 a9ede63166d9 sshd[204]: input_userauth_request: invalid user mapp [preauth]
Aug 21 14:03:49 a9ede63166d9 sshd[204]: error: Could not get shadow information for NOUSER
Aug 21 14:03:49 a9ede63166d9 sshd[204]: Failed password for invalid user mapp from 95.85.16.178 port 34722 ssh2
Aug 21 14:03:49 a9ede63166d9 sshd[204]: Received disconnect from 95.85.16.178 port 34722:11: Normal Shutdown, Thank you for playing [preauth]
Aug 21 14:03:49 a9ede63166d9 sshd[204]: Disconnected from 95.85.16.178 port 34722 [preauth]
Problem is "solved". The docker container simply used a different timezone than the host and the logfile timestamps didnt contain the timezone.
So fail2ban assumed the timestamps were written in the same timezone as it´s running environment (on host) and didn´t interprete "old" log entries (2 hr. diff).
See https://github.com/fail2ban/fail2ban/issues/2486
I simply set the host timezone to UTC now - but will try now to set rsyncd to use a timezoned dateformat
ERORR:
Feb 14 14:09:04 es1 postfix/smtp[16443]: connect to mx3.hotmail.com[65.54.188.94]:25: Connection timed out
Feb 14 14:09:34 es1 postfix/smtp[16443]: connect to mx1.hotmail.com[104.44.194.231]:25: Connection timed out
Feb 14 14:10:04 es1 postfix/smtp[16443]: connect to mx1.hotmail.com[207.46.8.167]:25: Connection timed out
Feb 14 14:10:34 es1 postfix/smtp[16443]: connect to mx2.hotmail.com[65.55.37.104]:25: Connection timed out
Feb 14 14:11:04 es1 postfix/smtp[16443]: connect to mx1.hotmail.com[65.55.92.136]:25: Connection timed out
Feb 14 14:11:04 es1 postfix/smtp[16443]: 228D519C06D: to=<xxxx#hotmail.com>, relay=none, delay=395818, delays=395668/0.01/150/0, dsn=4.4.1, status=deferred (connect to mx1.hotmail.com[65.55.92.136]:25: Connection timed out)
I've host Mail Server on CentOS 6 with Postfix/Dovecot, I can receive mail from outside, but can't not sending mail to outside.
Things I've done:
Add spf record to dns, also validate successfully from http://www.kitterman.com/spf/validate.html?
v=spf1 ip4:x.x.x.x -all
Note:
I've change the default port 25 to 26 due to ISP block issue by adding etc/postfix/master.cf
26 inet n - n - - smtpd
Your ISP is probably blocking outbound port 25. Its very common. Your SPF record and inbound SMTP port makes no difference. I suggest you contact your ISP.
I am trying to play a MP4 video on a LG TV using the Connect SDK 1.4.1. We have a working implementation with Chromecast and Apple TV.
When first starting our app, we are able to successfully connect to the LG TV. When trying to play one of our own videos the first time, we receive no response from the Connect SDK, nor do we see the video play on the TV. In the console output, it appears that the TV disconnects from the app. The console output can be seen in the Console Output below.
However, we are able to successfully play the Sintel video provided in your demo. After playing that video, any future attempt to play a video from my app results in the Sintel video being played instead.
I used Charles to redirect the path to the Sintel video, to a video used in my app, and found that the video played fine. This appears to be a communication issue between the App and the TV causing this unintended behavior.
Am I doing something wrong that is specific to the LG platform? Is there any additional information I can provide to solve this problem?
Thank you!
Specs:
ConnectSDK 1.4.1 (installed using Cocoa Pods)
Platform: iOS 8.1.2 (12B440)
LG TV Model #: 47LA6200 (January 2014)
Stream Format: MP4; H.264#1280x720; AAC 44100 Hz Stereo
Console Output.
[DEBUG] Did open connection on socket 27
[DEBUG] Did connect
[DEBUG] Did start background task
[DEBUG] Did open connection on socket 29
[DEBUG] Connection received 909 bytes on socket 29
[DEBUG] Connection received 350 bytes on socket 27
[DEBUG] Connection on socket 29 preflighting request "NOTIFY /RenderingControl/45d7f4f5-ebfc-4d0b-f5bd-79e51d2b2006/event.xml" with 909 bytes body
[DEBUG] Connection on socket 29 processing request "NOTIFY /RenderingControl/45d7f4f5-ebfc-4d0b-f5bd-79e51d2b2006/event.xml" with 909 bytes body
[DEBUG] Connection received 2379 bytes on socket 27
[DEBUG] Connection on socket 27 preflighting request "NOTIFY /ConnectionManager/45d7f4f5-ebfc-4d0b-f5bd-79e51d2b2006/event.xml" with 2729 bytes body
[DEBUG] Connection on socket 27 processing request "NOTIFY /ConnectionManager/45d7f4f5-ebfc-4d0b-f5bd-79e51d2b2006/event.xml" with 2729 bytes body
[DEBUG] Did open connection on socket 32
[DEBUG] Connection sent 122 bytes on socket 29
[DEBUG] Did close connection on socket 29
[VERBOSE] [192.168.1.121:49291] 192.168.1.144:38356 200 "NOTIFY /RenderingControl/45d7f4f5-ebfc-4d0b-f5bd-79e51d2b2006/event.xml" (909 | 122)
[DEBUG] Connection received 1724 bytes on socket 32
[DEBUG] Connection on socket 32 preflighting request "NOTIFY /AVTransport/45d7f4f5-ebfc-4d0b-f5bd-79e51d2b2006/event.xml" with 1724 bytes body
[DEBUG] Connection on socket 32 processing request "NOTIFY /AVTransport/45d7f4f5-ebfc-4d0b-f5bd-79e51d2b2006/event.xml" with 1724 bytes body
[DEBUG] Connection sent 122 bytes on socket 27
[DEBUG] Did close connection on socket 27
[VERBOSE] [192.168.1.121:49291] 192.168.1.144:38355 200 "NOTIFY /ConnectionManager/45d7f4f5-ebfc-4d0b-f5bd-79e51d2b2006/event.xml" (2729 | 122)
[DEBUG] Connection sent 122 bytes on socket 32
[DEBUG] Did close connection on socket 32
[VERBOSE] [192.168.1.121:49291] 192.168.1.144:38357 200 "NOTIFY /AVTransport/45d7f4f5-ebfc-4d0b-f5bd-79e51d2b2006/event.xml" (1724 | 122)
2015-01-13 16:47:32.843 Connect-Demo[1853:1424495] TeamStreamConnectVideo downloaded manifest...
[DEBUG] Did disconnect
[DEBUG] Did end background task
I have an issue where if I'm trying to create a ssh connection to a specific host, the connection hangs without timing out. I have tried connecting to this host from the same machine from outside the rails console and it works so I'm assuming this shouldn't be anything related to routing/firewall. I can also confirm I have several other hosts with the exact same OS configuration in different places and they work.
This is the log when running Net::SSH.start in debug mode:
ssh = Net::SSH.start("1.2.3.4", "user", password: "password", verbose: :debug)
2014-02-27 13:17:43 +0100 [DEBUG] establishing connection to 1.2.3.4:22
2014-02-27 13:17:43 +0100 [DEBUG] connection established
2014-02-27 13:17:43 +0100 [INFO] negotiating protocol version
2014-02-27 13:17:43 +0100 [DEBUG] remote is `SSH-2.0-OpenSSH_4.3'
2014-02-27 13:17:43 +0100 [DEBUG] local is `SSH-2.0-Ruby/Net::SSH_2.6.8 i686-linux'
2014-02-27 13:17:43 +0100 [DEBUG] read 704 bytes
2014-02-27 13:17:43 +0100 [DEBUG] received packet nr 0 type 20 len 700
2014-02-27 13:17:43 +0100 [INFO] got KEXINIT from server
2014-02-27 13:17:43 +0100 [INFO] sending KEXINIT
2014-02-27 13:17:43 +0100 [DEBUG] queueing packet nr 0 type 20 len 1620
2014-02-27 13:17:43 +0100 [DEBUG] sent 1624 bytes
2014-02-27 13:17:43 +0100 [INFO] negotiating algorithms
2014-02-27 13:17:43 +0100 [DEBUG] negotiated:
* kex: diffie-hellman-group-exchange-sha1
* host_key: ssh-rsa
* encryption_server: aes128-cbc
* encryption_client: aes128-cbc
* hmac_client: hmac-sha1
* hmac_server: hmac-sha1
* compression_client: none
* compression_server: none
* language_client:
* language_server:
2014-02-27 13:17:43 +0100 [DEBUG] exchanging keys
2014-02-27 13:17:43 +0100 [DEBUG] queueing packet nr 1 type 34 len 20
2014-02-27 13:17:43 +0100 [DEBUG] sent 24 bytes
At this point the ssh connection just hangs and could stay like this for 15-30 minutes.
Unfortunately I have no error message or anything so I'm really clueless about what the problem might be.
Some specs:
ruby-2.0.0-p0
rails (3.2.13)
net-ssh-2.8.0
The IP address in the log is not a real IP on purpose.
Any suggestion about what the problem could be? Or maybe some other log or place I could check out? I found a similar problem outside SO but it didn't get a solution so I'm trying to ask here...
I solved by reducing maximum transmission unit (MTU). My environment was some specific case. I was trying ssh from VMware Virtual Machine to Openstack Instance. And openstack needed smaller packet to be connected by kitchen-openstack which is using fog, using NET::SSH. Not sure if this works for you, but have a try for these commands (assuming in Ubuntu):
check your MTU
sudo netstat -i
You'll get some output like this, in the second column, you can check MTU:
Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0 1500 0 9658 0 0 0 308 0 0 0 BMRU
lo 16436 0 12952 0 0 0 12952 0 0 0 LRU
For network interface eth0, you can try to reduce MTU from 1500 to, for example 1400 like this:
sudo ifconfig eth0 mtu 1400
try net ssh
ssh = Net::SSH.start("1.2.3.4", "user", password: "password", verbose: :debug)
I am using sendmail to send mail from my Rails application. But, there seems to be a error happening while sending mails to a specific user domain. The error from /var/mail/*** is as follows:
Date: Tue, 11 Oct 2011 16:33:46 GMT
From: Mail Delivery Subsystem <MAILER-DAEMON#*****>
Message-Id: <201110111633.p9BGXkpR010310#******>
To: <****#*****>
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
boundary="p9BGXkpR010310.1318350826/******"
Subject: Returned mail: see transcript for details
Auto-Submitted: auto-generated (failure)
This is a MIME-encapsulated message
--p9BGXkpR010310.1318350826/*******
The original message was received at Tue, 11 Oct 2011 16:33:42 GMT
from localhost [127.0.0.1]
----- The following addresses had permanent fatal errors -----
<****#{domain}.com>
(reason: 573 ********#****** failed to route the address)
<*****#{domain}.com>
(reason: 573 *******#****** failed to route the address)
<*****#{domain}.com>
(reason: 573 *******#******* failed to route the address)
----- Transcript of session follows -----
... while talking to *********.com.1.0001.arsmtp.com.:
>>> MAIL From:<*******#*******> SIZE=1273
<<< 573 ********#********* failed to route the address
554 5.0.0 Service unavailable
--p9BGXkpR010310.1318350826/*******
Content-Type: message/delivery-status
Reporting-MTA: dns; StreetSense
Received-From-MTA: DNS; localhost
Arrival-Date: Tue, 11 Oct 2011 16:33:42 GMT
Final-Recipient: RFC822; ****#*******.com
Action: failed
Status: 5.0.0
Diagnostic-Code: SMTP; 573 *******#******* failed to route the address
Last-Attempt-Date: Tue, 11 Oct 2011 16:33:46 GMT
Final-Recipient: RFC822; *******#********.com
Action: failed
Status: 5.0.0
Diagnostic-Code: SMTP; 573 *******#******** failed to route the address
Last-Attempt-Date: Tue, 11 Oct 2011 16:33:46 GMT
Final-Recipient: RFC822; ******#*********.com
Action: failed
Status: 5.0.0
Diagnostic-Code: SMTP; 573 *****#******** failed to route the address
Last-Attempt-Date: Tue, 11 Oct 2011 16:33:46 GMT
The bounced back emails are all from the same domain, and mails are being successfully sent to other domains. When I looked for SMTP 573 diagnostic codes, I got this "573 Internal server error, IP address related.". But I dont know what it means. Can anyone help me?
Update
From #guenter's answer, I got these commands and I run it and got the following outputs:
# dig streetsense.com MX
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-16.P1.el5 <<>> xxxxx.com MX
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61139
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 4, ADDITIONAL: 4
;; QUESTION SECTION:
;xxxxx.com. IN MX
;; ANSWER SECTION:
xxxxx.com. 3600 IN MX 10 xxxxx.com.1.0001.arsmtp.com.
xxxxxx.com. 3600 IN MX 20 xxxxx.com.2.0001.arsmtp.com.
;; AUTHORITY SECTION:
xxxxx.com. 155394 IN NS ns04.ntiva.net.
xxxxx.com. 155394 IN NS ns01.ntiva.net.
xxxxx.com. 155394 IN NS ns02.ntiva.net.
xxxxx.com. 155394 IN NS ns03.ntiva.net.
;; ADDITIONAL SECTION:
ns01.ntiva.net. 147 IN A xxx.xx.xx.xxx
ns02.ntiva.net. 147 IN A xxx.xx.xx.xxx
ns03.ntiva.net. 147 IN A xxx.xx.xx.xxx
ns04.ntiva.net. 147 IN A xxx.xx.xx.xxx
;; Query time: 45 msec
;; SERVER: xxx.xxx.x.x#xx(xxx.xxx.x.x)
;; WHEN: Tue Oct 11 18:08:23 2011
;; MSG SIZE rcvd: 262
ping also seem to be working:
# ping xxxxxxx.com
PING xxxxxxxx.com (xxx.xx.xx.xx) xx(xx) bytes of data.
64 bytes from linux06.ntiva.com (xxx.xx.xx.xx): icmp_seq=1 ttl=53 time=29.0 ms
64 bytes from linux06.ntiva.com (xxx.xx.xx.xx): icmp_seq=2 ttl=53 time=27.4 ms
64 bytes from linux06.ntiva.com (xxx.xx.xx.xx): icmp_seq=3 ttl=53 time=27.4 ms
64 bytes from linux06.ntiva.com (xxx.xx.xx.xx): icmp_seq=4 ttl=53 time=27.4 ms
Edit
also my hostname of my server seems to be same as the domain name causing issue
# hostname
xxxxxxx
This is same as the domain xxxxxxx.com. Can this cause the issue?
failed to route the address is the key here.
Seems that your sendmail doesn't know how to route that address. You need some mail-debugging here. First step could be to check the DNS for MX-records for this domain - dig example.com MX.
If there is no MX record, that is the problem. If there are MX record(s), you might try to ping that hosts.