Dear List,
I recently spent some time out of the USA, and found myself in a hotel that blocked port 25 which prevented my laptop's ability to connect to my office mail server. I did a scan on the internet and made the observation that this was a common problem. I had port 22 available so I was able to get my office server set up to accept mail on 25 and 587 without difficulty. The command "telnet mail.server.com 587" to my office mail server connects without difficulty.
However, I have not been able to get sendmail on my laptop to connect to sendmail on my mail server at home using port 587.
I have added the following to sendmail.mc on my laptop without success :
define(`RELAY_MAILER_ARGS', `TCP $h 587') define(`ESMTP_MAILER_ARGS', `TCP $h 587')
I finally made it back home, but have decided to change my configuration to use 587 by default so that this problem will be avoided, but I have been unable to get my laptop to connect.
Anyone having ideas would be appreciated.
Greg Ennis
Gregory P. Ennis wrote:
Dear List,
I recently spent some time out of the USA, and found myself in a hotel that blocked port 25 which prevented my laptop's ability to connect to my office mail server. I did a scan on the internet and made the observation that this was a common problem. I had port 22 available so I was able to get my office server set up to accept mail on 25 and 587 without difficulty. The command "telnet mail.server.com 587" to my office mail server connects without difficulty.
However, I have not been able to get sendmail on my laptop to connect to sendmail on my mail server at home using port 587.
I have added the following to sendmail.mc on my laptop without success :
define(`RELAY_MAILER_ARGS', `TCP $h 587') define(`ESMTP_MAILER_ARGS', `TCP $h 587')
I finally made it back home, but have decided to change my configuration to use 587 by default so that this problem will be avoided, but I have been unable to get my laptop to connect.
Anyone having ideas would be appreciated.
Usually you would block 587 inbound on your own office firewall and use that to distinguish between locally-submitted mail and internet-received. You definitely don't want to permit relaying from un-authenticated internet sources. If you need access to other office resources, one approach would be to set up openvpn on an office server and the laptop so you have an encrypted connection through the firewall. Another would be to set up sendmail to require authentication on port 587 and also set up your laptop to send authentication.
On Sun, 2010-03-21 at 16:18 -0500, Les Mikesell wrote:
Gregory P. Ennis wrote:
Dear List,
I recently spent some time out of the USA, and found myself in a hotel that blocked port 25 which prevented my laptop's ability to connect to my office mail server. I did a scan on the internet and made the observation that this was a common problem. I had port 22 available so I was able to get my office server set up to accept mail on 25 and 587 without difficulty. The command "telnet mail.server.com 587" to my office mail server connects without difficulty.
However, I have not been able to get sendmail on my laptop to connect to sendmail on my mail server at home using port 587.
I have added the following to sendmail.mc on my laptop without success :
define(`RELAY_MAILER_ARGS', `TCP $h 587') define(`ESMTP_MAILER_ARGS', `TCP $h 587')
I finally made it back home, but have decided to change my configuration to use 587 by default so that this problem will be avoided, but I have been unable to get my laptop to connect.
Anyone having ideas would be appreciated.
Usually you would block 587 inbound on your own office firewall and use that to distinguish between locally-submitted mail and internet-received. You definitely don't want to permit relaying from un-authenticated internet sources. If you need access to other office resources, one approach would be to set up openvpn on an office server and the laptop so you have an encrypted connection through the firewall. Another would be to set up sendmail to require authentication on port 587 and also set up your laptop to send authentication.
Dear Les,
I appreciate your advice about having un-authenticated relaying, and understand the importance of having this blocked. My sendmail office server will only allow relaying with authentication using :
define(`confAUTH_OPTIONS', `A p y')dnl
My problem is using port 587 on the laptop sendmail that is trying to send e-mail to my office sendmail server. I have been unable to get sendmail on the laptop to connect to the office server using port 587.
Your idea of using openvpn is interesting. I have not experimented with this yet, but will download it and take a look. My presumption is that it needs to be on both the laptop as well as office server.
If you have other ideas would appreciate your assistance.
Thanks for your help!!!
Greg
On Sun, 2010-03-21 at 16:47 -0500, Gregory P. Ennis wrote:
If you have other ideas would appreciate your assistance.
--- I have an idea... Dump Sendmail on your laptop!!!
Use Evolution or Pine to fetch and read your mail from your office server. Seems a way lot simpler the sendmail.mc way. Configure them to use the ports on your office server. How simple can it get?
John
O n Sun, 2010-03-21 at 18:07 -0400, JohnS wrote:
If you have other ideas would appreciate your assistance.
I have an idea... Dump Sendmail on your laptop!!!
Use Evolution or Pine to fetch and read your mail from your office server. Seems a way lot simpler the sendmail.mc way. Configure them to use the ports on your office server. How simple can it get?
John
John,
I actually evaluated your solution first in that your way was the normal way I sent mail. The problem I had was that port 25 was being blocked by the hotel and I could not figure out how to get evolution to use a port different than 25 to send mail. Receiving mail was no problem it was just sending mail.
sendmail is supposed to be able to use port 587 to send mail so that is where I turned next, but have not made it work yet.
Thanks for responding!!!!
Greg
Install dovecot on the server. Use firewall rules to block out all networks for 993 BUT the network of your laptop (whatever ISP your on). Use thunderbird (or whatever) to read you email.
I do that with all our mobiles/laptops.
Jobst
On Sun, Mar 21, 2010 at 03:55:47PM -0500, Gregory P. Ennis (PoMec@PoMec.Net) wrote:
Dear List,
I recently spent some time out of the USA, and found myself in a hotel that blocked port 25 which prevented my laptop's ability to connect to my office mail server. I did a scan on the internet and made the observation that this was a common problem. I had port 22 available so I was able to get my office server set up to accept mail on 25 and 587 without difficulty. The command "telnet mail.server.com 587" to my office mail server connects without difficulty.
However, I have not been able to get sendmail on my laptop to connect to sendmail on my mail server at home using port 587.
I have added the following to sendmail.mc on my laptop without success :
define(`RELAY_MAILER_ARGS', `TCP $h 587') define(`ESMTP_MAILER_ARGS', `TCP $h 587')
I finally made it back home, but have decided to change my configuration to use 587 by default so that this problem will be avoided, but I have been unable to get my laptop to connect.
Anyone having ideas would be appreciated.
Greg Ennis
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On Mon, 2010-03-22 at 09:21 +1100, Jobst Schmalenbach wrote:
Install dovecot on the server. Use firewall rules to block out all networks for 993 BUT the network of your laptop (whatever ISP your on). Use thunderbird (or whatever) to read you email.
I do that with all our mobiles/laptops.
Jobst
Jobst,
I had been doing what you suggested above. This resulted in being able to read all e-mail, but I could not send any e-mail in that port 25 was being blocked by the hotel.
Greg
On 22/03/10 10:01, Gregory P. Ennis wrote:
I had been doing what you suggested above. This resulted in being able to read all e-mail, but I could not send any e-mail in that port 25 was being blocked by the hotel.
I use thunderbird and have configured it to use multiple outgoing SMTP servers for various circumstances. There is an option in the outgoing SMTP server settings to specify the port that it uses.
Another option which is simpler than sendmail (and even postfix) is to use a simple SMTP relay like ssmtp (get off centos repos). This has a very simple configuration file and even an example of what you want to do. This way you dont have to change your favourite email client :-)
Hope this helps!
Kal
On Mon, 2010-03-22 at 10:25 +1100, Kahlil Hodgson wrote:
On 22/03/10 10:01, Gregory P. Ennis wrote:
I had been doing what you suggested above. This resulted in being able to read all e-mail, but I could not send any e-mail in that port 25 was being blocked by the hotel.
I use thunderbird and have configured it to use multiple outgoing SMTP servers for various circumstances. There is an option in the outgoing SMTP server settings to specify the port that it uses.
Another option which is simpler than sendmail (and even postfix) is to use a simple SMTP relay like ssmtp (get off centos repos). This has a very simple configuration file and even an example of what you want to do. This way you dont have to change your favourite email client :-)
Hope this helps!
Kal _______________________________________________
Kai,
You can read my mind about evolution, I am about ready to change :) I'll take a look at ssmtp to see if I can get it to work with evolution.
Thanks for the suggestion!!!!
Greg
Gregory P. Ennis wrote:
On Mon, 2010-03-22 at 09:21 +1100, Jobst Schmalenbach wrote:
Install dovecot on the server. Use firewall rules to block out all networks for 993 BUT the network of your laptop (whatever ISP your on). Use thunderbird (or whatever) to read you email.
I do that with all our mobiles/laptops.
Jobst
Jobst,
I had been doing what you suggested above. This resulted in being able to read all e-mail, but I could not send any e-mail in that port 25 was being blocked by the hotel.
The other common option is to use port 465 for smtp over ssl - which should be something you can activate by uncommenting lines in your sendmail.mc and most clients handle. Or use an outside account like gmail or yahoo that does this. You still need to configure client authentication, and on your own server, relay only if authenticated.
On 03/21/2010 07:25 PM, Les Mikesell wrote:
Gregory P. Ennis wrote:
On Mon, 2010-03-22 at 09:21 +1100, Jobst Schmalenbach wrote:
Install dovecot on the server. Use firewall rules to block out all networks for 993 BUT the network of your laptop (whatever ISP your on). Use thunderbird (or whatever) to read you email.
I do that with all our mobiles/laptops.
Jobst
Jobst,
I had been doing what you suggested above. This resulted in being able to read all e-mail, but I could not send any e-mail in that port 25 was being blocked by the hotel.
The other common option is to use port 465 for smtp over ssl - which should be something you can activate by uncommenting lines in your sendmail.mc and most clients handle. Or use an outside account like gmail or yahoo that does this. You still need to configure client authentication, and on your own server, relay only if authenticated.
Sendmail can't initiate an outgoing port 465 connection on its own. The only way sendmail can use a secure outgoing connection is by starting out unencrypted and using STARTTLS to switch to secure mode. Port 465 doesn't work that way. I've been through that, consulted with the Gods, etc., and the only way to make outgoing port 465 from sendmail work is to route the connection via 'stunnel'. Yes, that can be done, but it's a bit of a PITA, and I'm glad I don't have to do it any more.
Port 587 + STARTTLS should be quite straightforward, though I've never had to play with the incoming side of that.
The other common option is to use port 465 for smtp over ssl - which should be something you can activate by uncommenting lines in your sendmail.mc and most clients handle. Or use an outside account like gmail or yahoo that does this.
Please do not promote port 465 when everything else other than Lookout or Lookout Express (RIP) can support 587 and STARTTLS
On Sun, 2010-03-21 at 15:55 -0500, Gregory P. Ennis wrote:
Dear List,
I recently spent some time out of the USA, and found myself in a hotel that blocked port 25 which prevented my laptop's ability to connect to my office mail server. I did a scan on the internet and made the observation that this was a common problem. I had port 22 available so I was able to get my office server set up to accept mail on 25 and 587 without difficulty. The command "telnet mail.server.com 587" to my office mail server connects without difficulty.
However, I have not been able to get sendmail on my laptop to connect to sendmail on my mail server at home using port 587.
I have added the following to sendmail.mc on my laptop without success :
define(`RELAY_MAILER_ARGS', `TCP $h 587') define(`ESMTP_MAILER_ARGS', `TCP $h 587')
I finally made it back home, but have decided to change my configuration to use 587 by default so that this problem will be avoided, but I have been unable to get my laptop to connect.
Anyone having ideas would be appreciated.
Greg Ennis
Everyone,
Thank you for your assistance; the best solution seemed to be the use of openvpn, or changing to thunderbird instead of evolution. I never found a method to make sendmail send mail out on 587.
However, I did find an easy solution for evolution to use smtp on port 587. I will record it here so that anyone looking for this in the future will have the right methodology.
All I had to do was to place the port number after the server name in the "Sending E-Mail" tab of the "Preference -> Mail Account module in the form of :
mail.domain.net:587
It was easy to set sendmail up to use port 587 with the entries :
DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl
Please note both entries are required for sendmail to use port 25 and port 587.
Thanks again for everyone's help!!!
Greg
On Sun, 2010-03-21 at 22:55 -0500, Gregory P. Ennis wrote:
However, I did find an easy solution for evolution to use smtp on port 587. I will record it here so that anyone looking for this in the future will have the right methodology.
All I had to do was to place the port number after the server name in the "Sending E-Mail" tab of the "Preference -> Mail Account module in the form of :
mail.domain.net:587
--- For the record here is what I use in Pine for my .pinerc file. Located in /home/user_name/.pinerc... smtp-server=smtp.gmail.com:587/tls/user=your_address@gmail.com
So how is there a problem with Pine?
I see you got Evolution figured out. I would rather have a plain old email client like pine or evolution instead of a VPN.
John
On 03/21/2010 10:55 PM, Gregory P. Ennis wrote:
On Sun, 2010-03-21 at 15:55 -0500, Gregory P. Ennis wrote:
Thank you for your assistance; the best solution seemed to be the use of openvpn, or changing to thunderbird instead of evolution. I never found a method to make sendmail send mail out on 587.
Should be a piece of cake. Here are the relevant lines from my sendmail.mc:
define(`RELAY_MAILER_ARGS',`TCP $h 587')dnl define(`ESMTP_MAILER_ARGS',`TCP $h 587')dnl define(`SMART_HOST', `smtp.comcast.net')dnl FEATURE(`authinfo',`hash /etc/mail/auth/client-info')dnl
And in /etc/mail/auth/client-info:
AuthInfo:smtp.comcast.net "U:root" "I:my_user_name" "P:my_passwd"
And in /etc/mail/auth/Makefile:
client-info.db: client-info makemap hash $@ < $<
-
Christopher Chan -
Gregory P. Ennis -
Jobst Schmalenbach -
JohnS -
Kahlil Hodgson -
Les Mikesell -
Robert Nichols