Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Installing Postfix and Dovecot on CentOS6
266 views
Skip to first unread message
Andre Lopes
Feb 7, 2012, 2:58:31 PM2/7/12
to
Hi all,
I have installed and configured Postfix and Dovecot in CentOS6, I have
followed this tutorials:
Postfix, http://www.server-world.info/en/note?os=CentOS_6&p=mail&f=1
Dovecot, http://www.server-world.info/en/note?os=CentOS_6&p=mail&f=2
Dovecot is running, I can send an e-mail to an user and receive them
in Thunderbird Client but I can't connect to Postfix...
Postfix is up:
[code]
[root@localhost andrelopes]# /sbin/service postfix status
master (pid 1888) is running...
[/code]
But I can't telnet to port 25
[code]
[root@localhost andrelopes]# telnet 192.168.59.246 25
Trying 192.168.59.246...
telnet: connect to address 192.168.59.246: Connection refused
[/code]
[code]
[root@localhost andrelopes]# telnet localhost 25
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
Connection closed by foreign host.
[/code]
What can I do to try to solve this? Please give me a clue.
Best Regards,
I have installed and configured Postfix and Dovecot in CentOS6, I have
followed this tutorials:
Postfix, http://www.server-world.info/en/note?os=CentOS_6&p=mail&f=1
Dovecot, http://www.server-world.info/en/note?os=CentOS_6&p=mail&f=2
Dovecot is running, I can send an e-mail to an user and receive them
in Thunderbird Client but I can't connect to Postfix...
Postfix is up:
[code]
[root@localhost andrelopes]# /sbin/service postfix status
master (pid 1888) is running...
[/code]
But I can't telnet to port 25
[code]
[root@localhost andrelopes]# telnet 192.168.59.246 25
Trying 192.168.59.246...
telnet: connect to address 192.168.59.246: Connection refused
[/code]
[code]
[root@localhost andrelopes]# telnet localhost 25
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
Connection closed by foreign host.
[/code]
What can I do to try to solve this? Please give me a clue.
Best Regards,
Andre Lopes
Feb 7, 2012, 3:35:19 PM2/7/12
to
Thank you for the reply.
I have configured my IPTABLES in several ways but I can't telnet to
eth0, here is my iptables rules:
[code]
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
-I INPUT -d 192.168.0.0 -p tcp --dport 143 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
[/code]
The result is always the same:
[code]
[root@localhost andrelopes]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:6B:43:E2
inet addr:192.168.59.246 Bcast:192.168.59.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe6b:43e2/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:13694 errors:0 dropped:0 overruns:0 frame:0
TX packets:8659 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:9188890 (8.7 MiB) TX bytes:979323 (956.3 KiB)
...
Any clues on why iptables is not accepting the rule on port 25?
Best Regards,
On Tue, Feb 7, 2012 at 8:04 PM, Nick Bright <nick....@valnet.net> wrote:
> localhost. Make sure that you've set inet_interfaces to "inet_interfaces =
> all" to ensure that postfix listens on all IP addresses.
>
> Alternatively, refer to
> http://www.postfix.org/postconf.5.html#inet_interfaces for more specific
> parameter documentation.
>
> Also make sure that you've allowed port 25 in your firewall. If you're using
> the default CentOS iptables firewall, add:
>
> -A INPUT -m state --state NEW -m tcp -p tcp --dport smtp -j ACCEPT
>
> with the other similar looking lines, then do "service iptables restart" to
> apply the changes.
>
> - Nick Bright
>
I have configured my IPTABLES in several ways but I can't telnet to
eth0, here is my iptables rules:
[code]
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
-I INPUT -d 192.168.0.0 -p tcp --dport 143 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
[/code]
The result is always the same:
[code]
[root@localhost andrelopes]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:6B:43:E2
inet addr:192.168.59.246 Bcast:192.168.59.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe6b:43e2/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:13694 errors:0 dropped:0 overruns:0 frame:0
TX packets:8659 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:9188890 (8.7 MiB) TX bytes:979323 (956.3 KiB)
...
[root@localhost andrelopes]# telnet 192.168.59.246 25
Trying 192.168.59.246...
telnet: connect to address 192.168.59.246: Connection refused
[/code]
By the way, I'm testing this on a VMWare Virtual Machine
Trying 192.168.59.246...
telnet: connect to address 192.168.59.246: Connection refused
[/code]
Any clues on why iptables is not accepting the rule on port 25?
Best Regards,
On Tue, Feb 7, 2012 at 8:04 PM, Nick Bright <nick....@valnet.net> wrote:
> On 2/7/2012 1:58 PM, Andre Lopes wrote:
>>
>> Hi all,
>>
>> I have installed and configured Postfix and Dovecot in CentOS6, I have
>> followed this tutorials:
>>
>> Postfix, http://www.server-world.info/en/note?os=CentOS_6&p=mail&f=1
>> Dovecot, http://www.server-world.info/en/note?os=CentOS_6&p=mail&f=2
>>
>>
>>
>> Hi all,
>>
>> I have installed and configured Postfix and Dovecot in CentOS6, I have
>> followed this tutorials:
>>
>> Postfix, http://www.server-world.info/en/note?os=CentOS_6&p=mail&f=1
>> Dovecot, http://www.server-world.info/en/note?os=CentOS_6&p=mail&f=2
>>
>>
>> What can I do to try to solve this? Please give me a clue.
>>
>> Best Regards,
>>
>
> The default configuration of Postfix on CentOS6 specifies to only listen on
>>
>> Best Regards,
>>
>
> localhost. Make sure that you've set inet_interfaces to "inet_interfaces =
> all" to ensure that postfix listens on all IP addresses.
>
> Alternatively, refer to
> http://www.postfix.org/postconf.5.html#inet_interfaces for more specific
> parameter documentation.
>
> Also make sure that you've allowed port 25 in your firewall. If you're using
> the default CentOS iptables firewall, add:
>
> -A INPUT -m state --state NEW -m tcp -p tcp --dport smtp -j ACCEPT
>
> with the other similar looking lines, then do "service iptables restart" to
> apply the changes.
>
> - Nick Bright
>
Dudi Goldenberg
Feb 7, 2012, 3:41:01 PM2/7/12
to
>[root@localhost andrelopes]# ifconfig
>eth0 Link encap:Ethernet HWaddr 00:0C:29:6B:43:E2
> inet addr:192.168.59.246 Bcast:192.168.59.255 Mask:255.255.255.0
> inet6 addr: fe80::20c:29ff:fe6b:43e2/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:13694 errors:0 dropped:0 overruns:0 frame:0
> TX packets:8659 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:9188890 (8.7 MiB) TX bytes:979323 (956.3 KiB)
What is the output of 'ifconfig lo' ?
>eth0 Link encap:Ethernet HWaddr 00:0C:29:6B:43:E2
> inet addr:192.168.59.246 Bcast:192.168.59.255 Mask:255.255.255.0
> inet6 addr: fe80::20c:29ff:fe6b:43e2/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:13694 errors:0 dropped:0 overruns:0 frame:0
> TX packets:8659 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:9188890 (8.7 MiB) TX bytes:979323 (956.3 KiB)
Your ifconfig above does not show lo running.
D.
Andre Lopes
Feb 7, 2012, 3:44:47 PM2/7/12
to
Hi Dudi,
Thanks for the reply. It shoes "lo", but I have hide it in the e-mail.
Some clues on what can I test to see what is blocking the port 25?
Best Regards,
Thanks for the reply. It shoes "lo", but I have hide it in the e-mail.
Some clues on what can I test to see what is blocking the port 25?
Best Regards,
Dudi Goldenberg
Feb 7, 2012, 3:51:28 PM2/7/12
to
Hi Andre,
>Hi Dudi,
>
>Thanks for the reply. It shoes "lo", but I have hide it in the e-mail.
>Some clues on what can I test to see what is blocking the port 25?
Did you try 'netstat -napt' to verify that the machine is indeed listening on port 25?
If not - then the logs are your next place to look for errors.
Regards,
D.
>Hi Dudi,
>
>Thanks for the reply. It shoes "lo", but I have hide it in the e-mail.
>Some clues on what can I test to see what is blocking the port 25?
If not - then the logs are your next place to look for errors.
Regards,
D.
Andre Lopes
Feb 7, 2012, 4:01:17 PM2/7/12
to
Thanks for the reply,
Here is my netstat,
[code]
[root@localhost ~]# netstat -napt
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address
Stat
e PID/Program name
tcp 0 0 0.0.0.0:110 0.0.0.0:*
LIST
EN 2017/dovecot
tcp 0 0 0.0.0.0:143 0.0.0.0:*
LIST
EN 2017/dovecot
tcp 0 0 0.0.0.0:111 0.0.0.0:*
LIST
EN 1275/rpcbind
tcp 0 0 0.0.0.0:51506 0.0.0.0:*
LIST
EN 1293/rpc.statd
tcp 0 0 0.0.0.0:22 0.0.0.0:*
LIST
EN 1476/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:*
LIST
EN 24048/master
tcp 0 0 0.0.0.0:993 0.0.0.0:*
LIST
EN 2017/dovecot
tcp 0 0 0.0.0.0:995 0.0.0.0:*
LIST
EN 2017/dovecot
tcp 0 0 192.168.59.246:143 192.168.59.1:57141
ESTA
BLISHED 2222/imap
tcp 0 0 192.168.59.246:22 192.168.59.1:55746
ESTA
BLISHED 1698/0
tcp 0 0 192.168.59.246:143 192.168.59.1:57128
ESTA
BLISHED 2217/imap
tcp 0 0 192.168.59.246:22 192.168.59.1:59458
ESTA
BLISHED 24797/1
tcp 0 0 192.168.59.246:143 192.168.59.1:57083
ESTA
BLISHED 2206/imap
tcp 0 0 :::111 :::*
LIST
EN 1275/rpcbind
tcp 0 0 :::22 :::*
LIST
EN 1476/sshd
tcp 0 0 :::42239 :::*
LIST
EN 1293/rpc.statd
[/code]
The 192.168.59.246 is not listen on port 25. How can I listen on port
25 with 192.168.59.246?
Best Regards,
Here is my netstat,
[code]
[root@localhost ~]# netstat -napt
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address
Stat
e PID/Program name
tcp 0 0 0.0.0.0:110 0.0.0.0:*
LIST
EN 2017/dovecot
tcp 0 0 0.0.0.0:143 0.0.0.0:*
LIST
EN 2017/dovecot
tcp 0 0 0.0.0.0:111 0.0.0.0:*
LIST
EN 1275/rpcbind
tcp 0 0 0.0.0.0:51506 0.0.0.0:*
LIST
EN 1293/rpc.statd
tcp 0 0 0.0.0.0:22 0.0.0.0:*
LIST
EN 1476/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:*
LIST
EN 24048/master
tcp 0 0 0.0.0.0:993 0.0.0.0:*
LIST
EN 2017/dovecot
tcp 0 0 0.0.0.0:995 0.0.0.0:*
LIST
EN 2017/dovecot
tcp 0 0 192.168.59.246:143 192.168.59.1:57141
ESTA
BLISHED 2222/imap
tcp 0 0 192.168.59.246:22 192.168.59.1:55746
ESTA
BLISHED 1698/0
tcp 0 0 192.168.59.246:143 192.168.59.1:57128
ESTA
BLISHED 2217/imap
tcp 0 0 192.168.59.246:22 192.168.59.1:59458
ESTA
BLISHED 24797/1
tcp 0 0 192.168.59.246:143 192.168.59.1:57083
ESTA
BLISHED 2206/imap
tcp 0 0 :::111 :::*
LIST
EN 1275/rpcbind
tcp 0 0 :::22 :::*
LIST
EN 1476/sshd
tcp 0 0 :::42239 :::*
LIST
EN 1293/rpc.statd
[/code]
The 192.168.59.246 is not listen on port 25. How can I listen on port
25 with 192.168.59.246?
Best Regards,
Dudi Goldenberg
Feb 7, 2012, 4:10:03 PM2/7/12
to
Hi Andre,
>The 192.168.59.246 is not listen on port 25. How can I listen on port
>25 with 192.168.59.246?
Look for inet_interfaces in main.cf and set it to 'inet_interfaces = all', make sure that you search all of main.cf and verify that you only have one inet_interfaces line there.
Another test would be to telnet localhost 25 which should work.
Regards,
D.
>The 192.168.59.246 is not listen on port 25. How can I listen on port
>25 with 192.168.59.246?
Another test would be to telnet localhost 25 which should work.
Regards,
D.
Andre Lopes
Feb 7, 2012, 4:20:49 PM2/7/12
to
Thanks for the reply Dudi,
It sovle the connection problem to the port 25, but I'm not able to
send e-mails, here is the error:
[code]
Feb 7 21:13:31 localhost postfix/smtpd[25108]: connect from
unknown[192.168.59.1]
Feb 7 21:13:31 localhost postfix/smtpd[25108]: warning: SASL: Connect
to private/auth failed: Permission denied
Feb 7 21:13:31 localhost postfix/smtpd[25108]: fatal: no SASL
authentication mechanisms
Feb 7 21:13:32 localhost postfix/master[25091]: warning: process
/usr/libexec/postfix/smtpd pid 25108 exit status 1
Feb 7 21:13:32 localhost postfix/master[25091]: warning:
/usr/libexec/postfix/smtpd: bad command startup -- throttling
[/code]
Any clues on what I'm missing?
Best Regards
It sovle the connection problem to the port 25, but I'm not able to
send e-mails, here is the error:
[code]
Feb 7 21:13:31 localhost postfix/smtpd[25108]: connect from
unknown[192.168.59.1]
Feb 7 21:13:31 localhost postfix/smtpd[25108]: warning: SASL: Connect
to private/auth failed: Permission denied
Feb 7 21:13:31 localhost postfix/smtpd[25108]: fatal: no SASL
authentication mechanisms
Feb 7 21:13:32 localhost postfix/master[25091]: warning: process
/usr/libexec/postfix/smtpd pid 25108 exit status 1
Feb 7 21:13:32 localhost postfix/master[25091]: warning:
/usr/libexec/postfix/smtpd: bad command startup -- throttling
[/code]
Any clues on what I'm missing?
Best Regards
Reindl Harald
Feb 7, 2012, 4:26:53 PM2/7/12
to
your dovecot configuration is wrong
"private/auth failed: Permission denied" states it clearly
# configure backend for postfix sasl-auth
service auth {
unix_listener /var/spool/postfix/private/auth {
mode = 0660
user = postfix
group = postfix
--
Mit besten Grüßen, Reindl Harald
the lounge interactive design GmbH
A-1060 Vienna, Hofmühlgasse 17
CTO / software-development / cms-solutions
p: +43 (1) 595 3999 33, m: +43 (676) 40 221 40
icq: 154546673, http://www.thelounge.net/
http://www.thelounge.net/signature.asc.what.htm
"private/auth failed: Permission denied" states it clearly
# configure backend for postfix sasl-auth
service auth {
unix_listener /var/spool/postfix/private/auth {
mode = 0660
user = postfix
group = postfix
Mit besten Grüßen, Reindl Harald
the lounge interactive design GmbH
A-1060 Vienna, Hofmühlgasse 17
CTO / software-development / cms-solutions
p: +43 (1) 595 3999 33, m: +43 (676) 40 221 40
icq: 154546673, http://www.thelounge.net/
http://www.thelounge.net/signature.asc.what.htm
Dudi Goldenberg
Feb 7, 2012, 4:30:09 PM2/7/12
to
Hi Andre,
>Feb 7 21:13:31 localhost postfix/smtpd[25108]: connect from unknown[192.168.59.1]
>Feb 7 21:13:31 localhost postfix/smtpd[25108]: warning: SASL: Connect to private/auth failed: Permission denied
>Feb 7 21:13:31 localhost postfix/smtpd[25108]: fatal: no SASL authentication mechanisms
>Feb 7 21:13:32 localhost postfix/master[25091]: warning: process /usr/libexec/postfix/smtpd pid 25108 exit status 1
>Feb 7 21:13:32 localhost postfix/master[25091]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling
First, try to send with no authentication, if you have mynetworks set up correctly, you should be able to send from the same subnet.
If this works, then you need to read on setting up sasl and integrating sasl into postfix.
Regards,
D.
>Feb 7 21:13:31 localhost postfix/smtpd[25108]: connect from unknown[192.168.59.1]
>Feb 7 21:13:31 localhost postfix/smtpd[25108]: warning: SASL: Connect to private/auth failed: Permission denied
>Feb 7 21:13:31 localhost postfix/smtpd[25108]: fatal: no SASL authentication mechanisms
>Feb 7 21:13:32 localhost postfix/master[25091]: warning: process /usr/libexec/postfix/smtpd pid 25108 exit status 1
>Feb 7 21:13:32 localhost postfix/master[25091]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling
If this works, then you need to read on setting up sasl and integrating sasl into postfix.
Regards,
D.
Andre Lopes
Feb 7, 2012, 4:43:29 PM2/7/12
to
Hi all,
Thanks for the replies,
I'm using this tutorial for sasl configuration,
http://www.server-world.info/en/note?os=CentOS_6&p=mail&f=2
There is something wrong here? Better... there is something missing here?
Best Regards,
Thanks for the replies,
I'm using this tutorial for sasl configuration,
http://www.server-world.info/en/note?os=CentOS_6&p=mail&f=2
There is something wrong here? Better... there is something missing here?
Best Regards,
Dudi Goldenberg
Feb 7, 2012, 4:49:16 PM2/7/12
to
Hi Andre,
>I'm using this tutorial for sasl configuration,
>http://www.server-world.info/en/note?os=CentOS_6&p=mail&f=2
>
>There is something wrong here? Better... there is something missing here?
I have no idea, and I do not intend to check, there are too many howtos out there.
Did you try Reindl's advice and mine from the previous replies?
Regards,
D.
>I'm using this tutorial for sasl configuration,
>http://www.server-world.info/en/note?os=CentOS_6&p=mail&f=2
>
>There is something wrong here? Better... there is something missing here?
Did you try Reindl's advice and mine from the previous replies?
Regards,
D.
Reindl Harald
Feb 7, 2012, 4:50:09 PM2/7/12
to
Am 07.02.2012 22:43, schrieb Andre Lopes:
> Hi all,
>
> Thanks for the replies,
>
> I'm using this tutorial for sasl configuration,
> http://www.server-world.info/en/note?os=CentOS_6&p=mail&f=2
>
> There is something wrong here? Better... there is something missing here?
> Best Regards
> http://www.server-world.info/en/note?os=CentOS_6&p=mail&f=2
>
> There is something wrong here? Better... there is something missing here?
do not take a ready hwoto and try making this 1:1 like it
and most important - read the logs you post, try google
after them and read how other solved the same and what
comments they made, this helps to understand the big picture
try to learn how the things are working, what services are running
in a mail-system, how they work together and do this step by step
if not you will be lost sooner or later, at least if the first
real problem in production happens
Andre Lopes
Feb 8, 2012, 5:16:49 AM2/8/12
to
Hi all,
Thanks for the help. I've discovered that I was missing some details
in SELinux (Using CentOS6)
[code]
wget linuxmail.info/files/rhel6/postfixdovecotsasl.te
checkmodule -M -m -o postfixdovecotsasl.mod postfixdovecotsasl.te
semodule_package -o postfixdovecotsasl.pp -m postfixdovecotsasl.mod
semodule -i postfixdovecotsasl.pp
[/code]
Now it is working. Thanks for all the help.
Best Regards,
Thanks for the help. I've discovered that I was missing some details
in SELinux (Using CentOS6)
[code]
wget linuxmail.info/files/rhel6/postfixdovecotsasl.te
checkmodule -M -m -o postfixdovecotsasl.mod postfixdovecotsasl.te
semodule_package -o postfixdovecotsasl.pp -m postfixdovecotsasl.mod
semodule -i postfixdovecotsasl.pp
[/code]
Now it is working. Thanks for all the help.
Best Regards,
0 new messages