dovecot Outlook failure
I'm in a client office, and they use Outlook. I installed a new server
after theirs was hacked into from China (story for another time). I've installed Fedora 8 and everything is working, except dovecot from inside the network (it's not going to work from outside anymore :) ). If I sit at an XP PC and telnet 10.0.0.240 110 it just hangs for awhile, then times out and ends up back at a DOS prompt. Same for 143 (IMAP). I can telnet 10.0.0.240 25 and send email all day long. I setup an Evolution account for both POP3 and IMAP on the server and it works fine. I have configured 2 other PCs with Fedora 8 in the last 2 months and they both work fine. What am I missing here? --- _/ _/ _/ _/_/_/ ____________ __o _/ _/ _/ _/ _/ ____________ _-<._ _/_/ _/ _/_/_/ (_)/ (_) _/ _/ _/ _/ ...................... _/ _/ arl _/_/_/ _/ earson KarlP@ourldsfamily.com --- http://consulting.ourldsfamily.com --- "To mess up your Linux PC, you have to really work at it; to mess up a microsoft PC you just have to work on it." --- _______________________________________________ Redhat-install-list mailing list Redhat-install-list@redhat.com https://www.redhat.com/mailman/listinfo/redhat-install-list To Unsubscribe Go To ABOVE URL or send a message to: redhat-install-list-request@redhat.com Subject: unsubscribe |
dovecot Outlook failure
Karl Pearson wrote:
I'm in a client office, and they use Outlook. I installed a new server after theirs was hacked into from China (story for another time). I've installed Fedora 8 and everything is working, except dovecot from inside the network (it's not going to work from outside anymore :) ). If I sit at an XP PC and telnet 10.0.0.240 110 it just hangs for awhile, then times out and ends up back at a DOS prompt. Same for 143 (IMAP). I can telnet 10.0.0.240 25 and send email all day long. I setup an Evolution account for both POP3 and IMAP on the server and it works fine. I have configured 2 other PCs with Fedora 8 in the last 2 months and they both work fine. What am I missing here? Uh, really dumb question, but did you "chkconfig dovecot on" to make sure it starts on boot? Did you start it via "service dovecot start"? Does "netstat -lpn" show dovecot listening on ports 110 and 143? ---------------------------------------------------------------------- - Rick Stevens, Systems Engineer ricks@nerd.com - - AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 - - - - Careful! Ugly strikes 9 out of 10 people! - ---------------------------------------------------------------------- _______________________________________________ Redhat-install-list mailing list Redhat-install-list@redhat.com https://www.redhat.com/mailman/listinfo/redhat-install-list To Unsubscribe Go To ABOVE URL or send a message to: redhat-install-list-request@redhat.com Subject: unsubscribe |
dovecot Outlook failure
On Thu, 23 Oct 2008, Rick Stevens wrote:
Karl Pearson wrote: I'm in a client office, and they use Outlook. I installed a new server after theirs was hacked into from China (story for another time). I've installed Fedora 8 and everything is working, except dovecot from inside the network (it's not going to work from outside anymore :) ). If I sit at an XP PC and telnet 10.0.0.240 110 it just hangs for awhile, then times out and ends up back at a DOS prompt. Same for 143 (IMAP). I can telnet 10.0.0.240 25 and send email all day long. I setup an Evolution account for both POP3 and IMAP on the server and it works fine. I have configured 2 other PCs with Fedora 8 in the last 2 months and they both work fine. What am I missing here? Uh, really dumb question, but did you "chkconfig dovecot on" to make sure it starts on boot? Did you start it via "service dovecot start"? Does "netstat -lpn" show dovecot listening on ports 110 and 143? No, that's not the least bit dumb. I didn't and it wasn't, but that wasn't the problem because I did that pretty early on, and fixed it. The server had been rebooted a few times since. I did find the problem, though hadn't come across it before. It was iptables not 'trusting' those services to be accessed from a remote IP address. Thus, it worked on the server, but not from anywhere else. I did iptables -F and turned it off. The server is behind a very nice Linux-based firewall, and those services aren't NATted anyway. Only 25, 80 and 22 are open, and 22 to root is forbidden. The old server had been on a DMZ, with Samba and everything else open for the world to see. When I install other servers, I typically disable iptables from starting at boot because I have my own scripts to do it for me. With the information you gave in the last thread I started, I may be re-thinking that strategy. It bit me big this time. Thanks, Karl ---------------------------------------------------------------------- - Rick Stevens, Systems Engineer ricks@nerd.com - - AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 - - - - Careful! Ugly strikes 9 out of 10 people! - ---------------------------------------------------------------------- _______________________________________________ Redhat-install-list mailing list Redhat-install-list@redhat.com https://www.redhat.com/mailman/listinfo/redhat-install-list To Unsubscribe Go To ABOVE URL or send a message to: redhat-install-list-request@redhat.com Subject: unsubscribe --- _/ _/ _/ _/_/_/ ____________ __o _/ _/ _/ _/ _/ ____________ _-<._ _/_/ _/ _/_/_/ (_)/ (_) _/ _/ _/ _/ ...................... _/ _/ arl _/_/_/ _/ earson KarlP@ourldsfamily.com --- http://consulting.ourldsfamily.com --- _______________________________________________ Redhat-install-list mailing list Redhat-install-list@redhat.com https://www.redhat.com/mailman/listinfo/redhat-install-list To Unsubscribe Go To ABOVE URL or send a message to: redhat-install-list-request@redhat.com Subject: unsubscribe |
dovecot Outlook failure
Karl Pearson wrote:
On Thu, 23 Oct 2008, Rick Stevens wrote: Karl Pearson wrote: I'm in a client office, and they use Outlook. I installed a new server after theirs was hacked into from China (story for another time). I've installed Fedora 8 and everything is working, except dovecot from inside the network (it's not going to work from outside anymore :) ). If I sit at an XP PC and telnet 10.0.0.240 110 it just hangs for awhile, then times out and ends up back at a DOS prompt. Same for 143 (IMAP). I can telnet 10.0.0.240 25 and send email all day long. I setup an Evolution account for both POP3 and IMAP on the server and it works fine. I have configured 2 other PCs with Fedora 8 in the last 2 months and they both work fine. What am I missing here? Uh, really dumb question, but did you "chkconfig dovecot on" to make sure it starts on boot? Did you start it via "service dovecot start"? Does "netstat -lpn" show dovecot listening on ports 110 and 143? No, that's not the least bit dumb. I didn't and it wasn't, but that wasn't the problem because I did that pretty early on, and fixed it. The server had been rebooted a few times since. I did find the problem, though hadn't come across it before. It was iptables not 'trusting' those services to be accessed from a remote IP address. Thus, it worked on the server, but not from anywhere else. I did iptables -F and turned it off. The server is behind a very nice Linux-based firewall, and those services aren't NATted anyway. Only 25, 80 and 22 are open, and 22 to root is forbidden. The old server had been on a DMZ, with Samba and everything else open for the world to see. Ah! Yeah, that'd block them for sure. iptables was going to be my next question, but you beat me to it! Heheheheheh! When I install other servers, I typically disable iptables from starting at boot because I have my own scripts to do it for me. With the information you gave in the last thread I started, I may be re-thinking that strategy. It bit me big this time. I'll help if I can. I just finished my PCI-hardening stuff so I've got a pretty good grip on security stuff now...iptables, external firewalls, ssh restrictions, session timeouts, authentication and sudo off LDAP, the lot. ---------------------------------------------------------------------- - Rick Stevens, Systems Engineer ricks@nerd.com - - AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 - - - - I never drink water because of the disgusting things that fish do - - in it. - - -- WC. Fields - ---------------------------------------------------------------------- _______________________________________________ Redhat-install-list mailing list Redhat-install-list@redhat.com https://www.redhat.com/mailman/listinfo/redhat-install-list To Unsubscribe Go To ABOVE URL or send a message to: redhat-install-list-request@redhat.com Subject: unsubscribe |
dovecot Outlook failure
On Fri, 24 Oct 2008, Rick Stevens wrote:
Karl Pearson wrote: On Thu, 23 Oct 2008, Rick Stevens wrote: Karl Pearson wrote: I'm in a client office, and they use Outlook. I installed a new server after theirs was hacked into from China (story for another time). I've installed Fedora 8 and everything is working, except dovecot from inside the network (it's not going to work from outside anymore :) ). If I sit at an XP PC and telnet 10.0.0.240 110 it just hangs for awhile, then times out and ends up back at a DOS prompt. Same for 143 (IMAP). I can telnet 10.0.0.240 25 and send email all day long. I setup an Evolution account for both POP3 and IMAP on the server and it works fine. I have configured 2 other PCs with Fedora 8 in the last 2 months and they both work fine. What am I missing here? Uh, really dumb question, but did you "chkconfig dovecot on" to make sure it starts on boot? Did you start it via "service dovecot start"? Does "netstat -lpn" show dovecot listening on ports 110 and 143? No, that's not the least bit dumb. I didn't and it wasn't, but that wasn't the problem because I did that pretty early on, and fixed it. The server had been rebooted a few times since. I did find the problem, though hadn't come across it before. It was iptables not 'trusting' those services to be accessed from a remote IP address. Thus, it worked on the server, but not from anywhere else. I did iptables -F and turned it off. The server is behind a very nice Linux-based firewall, and those services aren't NATted anyway. Only 25, 80 and 22 are open, and 22 to root is forbidden. The old server had been on a DMZ, with Samba and everything else open for the world to see. Ah! Yeah, that'd block them for sure. iptables was going to be my next question, but you beat me to it! Heheheheheh! When I install other servers, I typically disable iptables from starting at boot because I have my own scripts to do it for me. With the information you gave in the last thread I started, I may be re-thinking that strategy. It bit me big this time. I'll help if I can. I just finished my PCI-hardening stuff so I've got a pretty good grip on security stuff now...iptables, external firewalls, ssh restrictions, session timeouts, authentication and sudo off LDAP, the lot. Since I'm 'out of work' at the moment and back to consulting, I really ought to learn what PCI is really all about. I understand the basics, but the requirements are just about overwhelming to one as annoyingly self-taught as I am. Thanks for your help again. Karl ---------------------------------------------------------------------- - Rick Stevens, Systems Engineer ricks@nerd.com - - AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 - - - - I never drink water because of the disgusting things that fish do - - in it. - - -- WC. Fields - ---------------------------------------------------------------------- _______________________________________________ Redhat-install-list mailing list Redhat-install-list@redhat.com https://www.redhat.com/mailman/listinfo/redhat-install-list To Unsubscribe Go To ABOVE URL or send a message to: redhat-install-list-request@redhat.com Subject: unsubscribe --- _/ _/ _/ _/_/_/ ____________ __o _/ _/ _/ _/ _/ ____________ _-<._ _/_/ _/ _/_/_/ (_)/ (_) _/ _/ _/ _/ ...................... _/ _/ arl _/_/_/ _/ earson KarlP@ourldsfamily.com --- http://consulting.ourldsfamily.com --- "To mess up your Linux PC, you have to really work at it; to mess up a microsoft PC you just have to work on it." --- _______________________________________________ Redhat-install-list mailing list Redhat-install-list@redhat.com https://www.redhat.com/mailman/listinfo/redhat-install-list To Unsubscribe Go To ABOVE URL or send a message to: redhat-install-list-request@redhat.com Subject: unsubscribe |
| All times are GMT. The time now is 10:59 AM. |
VBulletin, Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.