Welcome to the Linux Foundation Forum!

Exercise 9.4 - Enable relaying using SMTP Auth in postfix.

Posts: 28
edited October 2017 in LFS211 Class Forum

I am not sure, but I believe there might be a confusion in this exercise.

In the beginning of the exercise we ensure that mynetworks_style is set to host


  1. postconf -e "mynetworks_style = host"

Later it is sais that any system on our subnet is permitted to relay due to permit_mynetworks.


  1. 6. Test plain text authentication from a remote host.
  2. Notice that any system on our subnet will be allowed to relay due to permit mynetworks.
  3. If you wish to test on a single machine eliminate the permit mynetworks entry from
  4. smtpd recipient restrictions to force all relaying to authenticate.

This is confusing for me because I thought that we defined mynetworks to be host instead of subnet.

Is there something I am missing or maybe it is an error in the exercise? Would someone please be so kind and give us some certitude?

 

Another point is the access via telnet. I get the message


  1. Connection closed by foreign host.

In the log file under /var/log/maillog I can see the following information:


  1. Sep 17 12:31:21 localhost postfix/smtpd[3873]: warning: SASL: Connect to private/auth failed: No such file or directory
  2. Sep 17 12:31:21 localhost postfix/smtpd[3873]: fatal: no SASL authentication mechanisms

 

I try to connect via telnet from my host machine (e.g. 192.168.0.17) to my virtual machine (e.g. 192.168.0.30), on which I had set up postfix and dovecot. I am not sure why I cannot connect. When I check the status of the processes then it looks ok to me; both, postfix and dovecot, are in status active(running).

Could someone please help out with this?

Comments

  • Posts: 380
    edited October 2017

    Thank you for your input

    The first challange, the section 9.4.6.  The "smtpd_recipient_restrictions" section will allow any system access depending on the content of "permit_mynetworks" and we have it set to "host" so any other host except us will have to be authenticated. This would require a second system to test the authentication. By removing "permit_mynetworks" from "smtpd_recipiient_restrictions" ALL connections trying to relay will require authentication. 

    Does that help?   

    In the second bit, the telnet connection to port 25, lets first check that step 6 works to "localhost", if that works, try to connect to your ip address 192.168.0.30 from the vm system (same machine just a different IP).  Please check the status of the firewall (firewalld or iptables).  

  • Posts: 28
    edited October 2017

    Thank you. Now I understand it better.

    Regarding Telnet, it was my firewall. I'm getting used to it now. I wish in the logs I would have better hints in that regard though.

    Thanks for your help.

Welcome!

It looks like you're new here. Sign in or register to get started.
Sign In

Welcome!

It looks like you're new here. Sign in or register to get started.
Sign In

Categories

Upcoming Training