Postfix relaying emails to another domain - postfix-mta

I have configured Postfix over SSL and Dovecot over SSL, and it works fine if I send local relay, and it delivers to mailboxes within my domain name; the MX record points to the mail server:
mysysopmnds.com MX 10 mail.mysysopminds.com
However, if I send an email to another domain, it bounces... and one of the errors in the log is as below:
Jan 10 19:34:56 mail postfix/smtp[5334]: 37FADC28BB: to=, relay=none, delay=34, delays=34/0/0.01/0, dsn=5.4.6, status=bounced (mail for murugeshdomain.com loops back to myself)
What are the key configuration settings that I should check or take care of to send email to other domains or any domains?
TIA
hariharan

There is a good chance your internet service provider (ISP) is blocking port 25 for outgoing email. I can tell you, mine is. This is also when I got the bounce message.
You can confirm this problem by typing:
telnet aspmx.l.google.com 25
If it does not generate Connected to aspmx.l.google.com but a timeout after half a minute or so, then your ISP is blocking your outgoing traffic on port 25.
If this is the case, you can solve it by redirecting your outgoing mail through, for example, a Google mail account. You could use this link as a guide to set up the redirection.

It looks like this domain (murugeshdomain.com) has no MX record. For sending mail to another domain, just check whether that domain has an MX record. To check whether the domain has an MX record, use dig MX domainname (on Linux).

Related

Capturing POP3 with Wireshark

I am working on a Wireshark project for school and need to analyze POP3 packets over the network. I have tried capturing traffic over the network and have sent mail from my phone to my PC using Gmail. All protocols are enabled in Wireshark. But when filtering through the packets, there weren't any POP, SMTP or IMAP packets shown, and I do not know why. Then I tried using Thunderbird and hMailServer to capture the traffic, but I cannot manage to get them to work together, since Thunderbird doesn't allow me to create a mail account from the hMailServer.
What I want to ask for is advice on how to capture POP3 over the network: does it need special configuration when capturing for Gmail and Hotmail accounts, or something else?
Some background for you to understand the process. Whenever anyone (including yourself) sends mail to your mail address, it's delivered to the Gmail server and rests there. You have a number of options to access it:
View mail on the server's web interface by opening "mail.google.com" in your browser. The browser uses HTTP (actually HTTPS) to get site content, as it usually does with other sites. The fact that the site represents the server's state doesn't mean "receiving mail", nor does it use POP/IMAP/anything else.
Download email to your PC via a mail client such as Thunderbird. It requires proper configuration to point the client at the server address/port/protocol/credentials/etc. The protocol used for downloading is part of the configuration; you're free to use POP whenever the server supports it.
So all you need is to configure your Thunderbird to download mails from Gmail via desired protocol and enjoy capturing. Instructions for POP mail clients from Gmail perspective.

Does Postfix on Google cloud to forward email need some kind of authentication?

I am an email server noob. I own a domain 'mydomain.org' and I'd like to forward emails sent to that domain to other email address, perhaps at 'gmail.com' or 'university.edu'. I thought I set this up right, but my email log is giving me errors like this:
connect to mx1.university.edu[171.67.219.71]:25: Connection timed out
and
Dec 22 05:17:24 mail-server postfix/smtp[6370]: connect to alt1.gmail-smtp-in.l.google.com[2607:f8b0:400d:c00::1a]:25: Network is unreachable
I don't know too much about this, but I imagine there must be some kind of authentication that I need to set up, but I'm shy of the laundry list blog posts. Does this look like "authentication stuff"? If so, what do I need to set up next? If not, any idea why the receiving mail servers drop my server?
Yes, network issue. For future folks, Google does not allow outgoing connections for SMTP servers, maybe to prevent spam? Here's info about how to set that up: https://cloud.google.com/compute/docs/sending-mail
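The failures quoted in the two Postfix threads above have different causes, and none of them is an authentication failure. As an added example (not code from any of the posters), this sketch sorts such log lines by cause; the log lines are copied from this page, while the category names are labels made up for the example.

```python
import ipaddress
import re

# The three log lines quoted in the Postfix threads on this page, verbatim
# (the recipient in the first line is already elided on the page).
SAMPLE_LOG = """\
Jan 10 19:34:56 mail postfix/smtp[5334]: 37FADC28BB: to=, relay=none, delay=34, delays=34/0/0.01/0, dsn=5.4.6, status=bounced (mail for murugeshdomain.com loops back to myself)
connect to mx1.university.edu[171.67.219.71]:25: Connection timed out
Dec 22 05:17:24 mail-server postfix/smtp[6370]: connect to alt1.gmail-smtp-in.l.google.com[2607:f8b0:400d:c00::1a]:25: Network is unreachable
"""

CONNECT_RE = re.compile(r"connect to (\S+?)\[([^\]]+)\]:(\d+): (.+)$")
BOUNCE_RE = re.compile(r"dsn=(\d\.\d+\.\d+), status=bounced \((.*)\)$")
LOOP_RE = re.compile(r"mail for (\S+) loops back to myself")


def classify(line):
    """Return (category, subject) for a delivery-failure line, else None."""
    m = CONNECT_RE.search(line)
    if m:
        host, addr, port, reason = m.groups()
        target = f"{host}:{port}"
        if "timed out" in reason:
            # No reply to the connection attempt: consistent with an ISP or
            # cloud provider dropping outbound port 25 (the telnet test).
            return ("port25-timeout", target)
        if "Network is unreachable" in reason:
            # No route for this address family, e.g. a host without IPv6.
            family = ipaddress.ip_address(addr).version
            return (f"no-ipv{family}-route", target)
        return ("connect-other", target)
    m = BOUNCE_RE.search(line)
    if m:
        dsn, text = m.groups()
        loop = LOOP_RE.search(text)
        if loop:
            # Postfix found itself as the destination for this domain but
            # is not configured to accept mail for it: check the domain's
            # MX/A records against mydestination and relay_domains.
            return ("mx-loop", loop.group(1))
        return (f"bounced-{dsn}", text)
    return None


def triage(log_text):
    return [c for c in map(classify, log_text.splitlines()) if c]


if __name__ == "__main__":
    for category, subject in triage(SAMPLE_LOG):
        print(f"{category:16} {subject}")
```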

IIS 7 SMTP can't send email

My application needs to send out emails to its users, but somehow I can't make it work. I have installed the SMTP server and in IIS I have set SMTP to use localhost, with port 25 without authentication. But when I try to send email, I am always getting the error
No connection could be made because the target machine actively refused it 127.0.0.1:25
When I choose the option to store email in a directory, it works fine, so the problem isn't in my app. Why does this happen? The only thing I am thinking about is whether I need to have port 25 opened or not?
This would happen if you don't have an SMTP server listening on port 25.

View SMTP traffic from IIS7

I have a situation where a 2008 server with IIS7 has been compromised at the application level and is sending spam from port 25. We have run a virus scan and removed the infected files, yet the spam is still being sent.
We know the spam is coming from a local file, as the firewall has port 25 blocked inbound and the SMTP log shows all requests coming from the local server. We have run a LogParser scan of the sites (of which there are many) for any POST data to files on the server, but the results all look genuine. The PID sending the data on port 25 is simply inetinfo.exe, so this isn't much use either.
I would like to identify what file is sending this e-mail, can anyone think of a way to do this?
Have you shut down the SMTP server under properties for local outbound? Meaning 127. etc...? Also, have you looked in the queue folder under inetpub to see if the offending message is in there? In some cases a file can change the remote server on SMTP in IIS to send via a proxy or some other service, so it would ignore your scans.
In addition, not all mail has to use port 25 to send emails. It can hit any port if the creator tells it to.

What are the main security considerations when opening up port 25 and/or 587 for email delivery?

I am about to set up SmarterMail v9.0 on our Windows 2008 server (IIS7) and would first like to know what some security considerations are when opening up port 25 and/or 587, i.e. how to prevent relaying, etc.
Thank you.
You must not accept email from untrusted users/sources which is not bound for domains you control.
An open relay is a mail server which allows anyone on the Internet to email anyone else, without verifying that either the source or the destination is known - thus, a relay.
You can check that the source is known by looking for a trusted IP subnet, or by requiring authentication before mail can be sent (via LOGIN over TLS, GSSAPI [called "Integrated Windows Authentication" or whatever], X.509 client certs, or the like).
You can check that the destination is known by comparing it to the list of domains for which your mail server will be the "last stop" (or a relay to another domain you control).
Either a known source or a known destination should be sufficient, but you may also want to make sure that mail inbound for your domains is at least borderline valid (originates from a domain with an MX server, for instance).
Separately, you must be conscious of DoS issues (rate limit inbound mail), and the ability to use your server to send backscatter spam. Backscatter is when I connect to your mail server and say, "why yes, I am unsuspecting_target@not_my_domain.com, please queue up this message for not_an_address@yourdomain.com". Then your mail server delivers a "bounce" message to the unsuspecting target. To mitigate this, you can verify that the recipient is known before accepting mail, or limit the rate at which mail can be accepted from one host, or try to check that the host delivering a message is authorized to use that envelope sender.
These are all well-solved problems.
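The relay rule from the answer above (accept only when the source or the destination is known) and the reject-at-RCPT defence against backscatter, as an added example that is not part of the original answer and is not SmarterMail configuration. The networks, domain list, mailbox list and function name are assumptions made up for the illustration.

```python
import ipaddress

# Hypothetical policy data for the example.
TRUSTED_NETS = [ipaddress.ip_network("127.0.0.0/8"),
                ipaddress.ip_network("192.0.2.0/24")]
LOCAL_DOMAINS = {"yourdomain.com"}            # domains we are the last stop for
KNOWN_RECIPIENTS = {"postmaster@yourdomain.com", "sales@yourdomain.com"}


def rcpt_decision(client_ip, authenticated, rcpt):
    """Decide the reply to one RCPT TO command: (smtp_code, reason)."""
    rcpt = rcpt.strip().lower()
    local_part, _, domain = rcpt.rpartition("@")
    if not local_part or not domain:
        return (501, "malformed recipient")

    ip = ipaddress.ip_address(client_ip)
    known_source = authenticated or any(ip in net for net in TRUSTED_NETS)
    known_destination = domain in LOCAL_DOMAINS

    # Open-relay check: unknown source AND unknown destination is refused.
    if not (known_source or known_destination):
        return (554, "relay access denied")

    # Backscatter check: refuse unknown local mailboxes during the SMTP
    # dialogue, so no bounce is ever generated toward a forged sender.
    if known_destination and rcpt not in KNOWN_RECIPIENTS:
        return (550, "unknown recipient")

    return (250, "ok")


if __name__ == "__main__":
    cases = [
        ("203.0.113.9", False, "someone@not_my_domain.com"),      # stranger relaying
        ("203.0.113.9", False, "not_an_address@yourdomain.com"),  # backscatter attempt
        ("203.0.113.9", False, "postmaster@yourdomain.com"),      # normal inbound mail
        ("192.0.2.10", False, "someone@not_my_domain.com"),       # trusted subnet
        ("203.0.113.9", True, "someone@not_my_domain.com"),       # authenticated user
    ]
    for case in cases:
        print(case, "->", rcpt_decision(*case))
```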
