This (CentOS5.1) box is my new imap server. Using system-config-security-level I opened port 143 tcp, and mail is readable throughout the LAN. I want a Roaming account on my laptop so that I can read mail while away from home. I have set up the account in kmail, and I know that that part is correct, as it worked on my old, less-secured, imap server. However, I haven't been able so far to make a connection.
Do I need 143 udp open? What else must I do to allow me to connect over WAN?
Thanks
Anne
----- "Anne Wilson" cannewilson@googlemail.com wrote:
This (CentOS5.1) box is my new imap server. Using system-config-security-level I opened port 143 tcp, and mail is readable throughout the LAN. I want a Roaming account on my laptop so that I can read mail while away from home. I have set up the account in kmail, and I know that that part is correct, as it worked on my old, less-secured, imap server. However, I haven't been able so far to make a connection.
Do I need 143 udp open? What else must I do to allow me to connect over WAN?
Thanks
Anne _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
Hi Anne,
is your firewall set up ? port forwarding/NAT and how about your DNS, does that all point to the right place ?
----- "Anne Wilson" cannewilson@googlemail.com wrote:
This (CentOS5.1) box is my new imap server. Using system-config-security-level I opened port 143 tcp, and mail is readable throughout the LAN. I want a Roaming account on my laptop so that I can read mail while away from home. I have set up the account in kmail, and I know that that part is correct, as it worked on my old, less-secured, imap server. However, I haven't been able so far to make a connection.
Do I need 143 udp open? What else must I do to allow me to connect over WAN?
Thanks
Anne _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
Hi Anne,
is your firewall setup with the appropriate NAT/port forwarding and how about DNS ?
Cheers,
Brian.
----- "Brian McKerr" mailing@mckerrs.net wrote:
----- "Anne Wilson" cannewilson@googlemail.com wrote:
This (CentOS5.1) box is my new imap server. Using system-config-security-level I opened port 143 tcp, and mail is readable throughout the LAN. I want a Roaming account on my laptop so that
I
can read mail while away from home. I have set up the account in kmail, and
I
know that that part is correct, as it worked on my old, less-secured,
imap
server. However, I haven't been able so far to make a connection.
Do I need 143 udp open? What else must I do to allow me to connect over WAN?
Thanks
Anne _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
Hi Anne,
is your firewall setup with the appropriate NAT/port forwarding and how about DNS ?
Cheers,
Brian.
-- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
sorry about the double post. And there may another few to come. I've made some email changes and they don't work like I intended.
On Tuesday 05 February 2008 10:02:42 Brian McKerr wrote:
----- "Anne Wilson" cannewilson@googlemail.com wrote:
This (CentOS5.1) box is my new imap server. Using system-config-security-level I opened port 143 tcp, and mail is readable throughout the LAN. I want a Roaming account on my laptop so that I can read mail while away from home. I have set up the account in kmail, and I know that that part is correct, as it worked on my old, less-secured, imap server. However, I haven't been able so far to make a connection.
Do I need 143 udp open? What else must I do to allow me to connect over WAN?
Hi Anne,
is your firewall setup with the appropriate NAT/port forwarding and how about DNS ?
The firewall in the router is correctly set up. I'm not so sure about the software firewall. I'm tempted to turn it off completely until I'm sure everything works correctly, then try to bring it back in. At least that way I'd be sure I was tackling one problem at a time.
DNS - local dns is by means of /etc/hosts. The same setup worked perfectly, without any additional configuration, on the old server which had no software firewall, depending entirely on the router firewall.
Anne
On Tue, Feb 05, 2008, Anne Wilson wrote:
This (CentOS5.1) box is my new imap server. Using system-config-security-level I opened port 143 tcp, and mail is readable throughout the LAN. I want a Roaming account on my laptop so that I can read mail while away from home. I have set up the account in kmail, and I know that that part is correct, as it worked on my old, less-secured, imap server. However, I haven't been able so far to make a connection.
Do I need 143 udp open? What else must I do to allow me to connect over WAN?
You should have port 993 open which provides security via SSL. One can use TLS to initiate connections via port 143, but this may result in unencrypted logins which result in your username and password being sent in clear text across the Internet.
You will also have to make provisions to allow mail relaying from the roaming IP for the duration of the authenticated connection (assuming that your mail server is not an open relay which will get it black listed pretty quickly). There are various ways to handle this. We have used WHOSON for years which doesn't require any action on the part of the IMAP client. One can also use SMTP AUTH, POP/IMAP before SMTP, or other methods.
It would probably be easier to set up OpenVPN so you can tunnel from the remote systems into your private network, then connect via the private IP address for IMAP and SMTP sending. Once one has generated the proper keys for the OpenVPN connections, it is easy to make the connections (and easy to revoke them as well). There are OpenVPN clients for the Microsoft virus, Windows, OS X, and every version of Unix I've used.
Bill -- INTERNET: bill@celestial.com Bill Campbell; Celestial Software LLC URL: http://www.celestial.com/ PO Box 820; 6641 E. Mercer Way FAX: (206) 232-9186 Mercer Island, WA 98040-0820; (206) 236-1676
Democracy, n.: A government of the masses. Authority derived through mass meeting or any other form of direct expression. Results in mobocracy. Attitude toward property is communistic... negating property rights. Attitude toward law is that the will of the majority shall regulate, whether it is based upon deliberation or governed by passion, prejudice, and impulse, without restraint or regard to consequences. Result is demagogism, license, agitation, discontent, anarchy. -- U. S. Army Training Manual No. 2000-25 (1928-1932), since withdrawn.
On Tuesday 05 February 2008 17:20:18 Bill Campbell wrote:
On Tue, Feb 05, 2008, Anne Wilson wrote:
This (CentOS5.1) box is my new imap server. Using system-config-security-level I opened port 143 tcp, and mail is readable throughout the LAN. I want a Roaming account on my laptop so that I can read mail while away from home. I have set up the account in kmail, and I know that that part is correct, as it worked on my old, less-secured, imap server. However, I haven't been able so far to make a connection.
Do I need 143 udp open? What else must I do to allow me to connect over WAN?
You should have port 993 open which provides security via SSL. One can use TLS to initiate connections via port 143, but this may result in unencrypted logins which result in your username and password being sent in clear text across the Internet.
You will also have to make provisions to allow mail relaying from the roaming IP for the duration of the authenticated connection (assuming that your mail server is not an open relay which will get it black listed pretty quickly). There are various ways to handle this. We have used WHOSON for years which doesn't require any action on the part of the IMAP client. One can also use SMTP AUTH, POP/IMAP before SMTP, or other methods.
It would probably be easier to set up OpenVPN so you can tunnel from the remote systems into your private network, then connect via the private IP address for IMAP and SMTP sending. Once one has generated the proper keys for the OpenVPN connections, it is easy to make the connections (and easy to revoke them as well). There are OpenVPN clients for the Microsoft virus, Windows, OS X, and every version of Unix I've used.
It sounds very complex. I did try, a little while back, to set up OpenVPN, but couldn't understand the settings that I was asked to give. I read three or four how-tos, without feeling any wiser. I got as far as generating the keys, but the instructions seemed to stop there. Then I bought a book - only to find that it was out of date, and nothing was the same as it said :-( The software was two or three version later and quite different. If you know a good how-to for someone with no previous knowledge I'd be glad to hear of it.
Anne
-
Anne Wilson -
Bill Campbell -
Brian McKerr -
Brian McKerr