500 PTS--Setting up a email server in Linux Red hat 9.0

Hello,

I have currently red hat 9.0 installed and Postfix running. I have made some madifications to the Main config file, but not sure if i edited correctly. I do have the ability to send out mail though.

I need some info on recieving mail now. I currently have POP installed and running. I am behind a firewall in a DMZ zone. I the firewall forwarding all requests on port 110 to the machine. I have purchased a static Ip adress for the cable company. For testing purposes, i just want to send an email to the email server and recieve it...Where do i begin.....?? What Process should i use??? to see it the POP is working/Postfix is working?? How would I check for errors on recieving??

Thanks in advance...
JohnysteaksAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

JohnysteaksAuthor Commented:
The Thread isn't finished...I was hoping that someone who has configured this before would help.....

Not the say that you haven't...I just wanted an overview if not detailed example....
MarkLead Sales Engineer - Public SectorCommented:
http://www.experts-exchange.com/Operating_Systems/Linux/Linux_Setup/Q_20749169.html

Try that one... It might not "finish" it off for you, but it should bring you pretty close. Tell me what's still unanswered, and I'll take care of it...
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

paullamhkgCommented:
Have a look here http://www.siliconvalleyccie.com/ for setting up a home networking, which have info abt the firewall setting, mail server and others service.

Hope this can help
mcmurrickCommented:
Sounds like you need to own a domain name and have it bound by DNS to your IP otherwise your mail will need to be sent to the IP address you have leased. such as webmaster@122.23.22.2 (whatever your server ip address is) if you have a registered domain name and it is bound to your IP address webmaster@yourdomain.com should work. However what was written in your post was not completly specific the steps you have taken already hope this helps
JohnysteaksAuthor Commented:
oK,
  I Will be alittle more specific. I have a Static Ip Adress. I have A domain Name. For Example's Sake, Let's use 62.1.1.2 for the IP and helpnetworks.org as the Domain.

I have My server in a DMZ zone Behind a Firewall that is forwarding Requests for My Web currently..

I have Update My networksolutions account to Use the DNS and the Nameserver(s) give to Me by my ISP.

Mail.helpnetworks.org is Being Resolved By my ISP and and Requests are being Forwarded to My Firewall which is Holding the IP, then Forwarding it to the IP adress adress in my DMZ zone


I currently can send Mail Outbound. Don't Have a Problem with that. I have SMTP Installed. Posfix Installed.

But Cannot send out Mail...

I need some detail instructions on what to Do to Setup this...I believe i need to setup a Pop3 or IMAP service to transport the mail to postfix..But i get lost here.....


I also have webadmin installed..Nice Program....

My Pro
MarkLead Sales Engineer - Public SectorCommented:
Please clarify - you say you can send outbound, then you say you can't.
JohnysteaksAuthor Commented:
I misposted..

I can send Outbound Mail But cannot recieve Mail.....

MarkLead Sales Engineer - Public SectorCommented:
Two more questions:

1) Can you post any log information from the server that shows errors or mail issues? /var/log/maillog is where everything would be going...

2) Did my other post that I listed above help you in any way?
JohnysteaksAuthor Commented:
Have you setup a Email server Before??

I am not trying to be rude, but i read alot of the info. I wanted an Overview on how i should be modeling the Recieving of the email...

I have webadmin installed...If that makes a difference...

I believe a need a courier(Imap?/Pop3?) to transport the email messages to Postfix, but wanted some detail on "Where do i go from here"...

Like a mentioned, i can send out no problem, just can't recieve email and wanted info before i begun....


MarkLead Sales Engineer - Public SectorCommented:
I am the e-mail and web hosting administrator for my company. I run Postfix mail servers exclusively, and we also offer a hosted SPAM scrubbing solution utilizing Postfix on Linux, w/ amavisd-new and SpamAssassin.

If you need to get this server working, I can help you do it. The reason I pointed you to my other question is because the other poster was looking to get his server set up to properly receive inbound mail. Look through that post and follow it. It will get you a lot closer to where you need to be than you are right now.
JohnysteaksAuthor Commented:
Nice,

Thanks for responding..I looked at the Info and seems straight forward, but i think some of the info i may be interpreting incorrectly.

I really am getting lost after compiling IMAP...

I am not sure on the MX record....Also--Can you give me an overview on how it should be configureD. Then, i can attempt to complete the bulleted list...The ask questions:
For Example:

Install/Validate IMAP
Edit Hosts Name to reflect XXX
Update MX Record
Issue Command XXX

And So On

Doesn't have to be that specific...Just an over view....I am a sysadm as well and want to understand/Not just skim.....From your expierance--your a Prime example...I very much appreciate your time....
JohnysteaksAuthor Commented:
Nice,

Thanks for responding..I looked at the Info and seems straight forward, but i think some of the info i may be interpreting incorrectly.

I really am getting lost after compiling IMAP...

I am not sure on the MX record....Also--Can you give me an overview on how it should be configureD. Then, i can attempt to complete the bulleted list...The ask questions:
For Example:

Install/Validate IMAP
Edit Hosts Name to reflect XXX
Update MX Record
Issue Command XXX

And So On

Doesn't have to be that specific...Just an over view....I am a sysadm as well and want to understand/Not just skim.....From your expierance--your a Prime example...I very much appreciate your time....
MarkLead Sales Engineer - Public SectorCommented:
While IMAP is a useful tool to use in conjunction with a remote e-mail client or a webmail component, it is absolutely not required to send/receive e-mail on the machine.

While I'm on the subject: there are a couple of ways that you can implement IMAP on RedHat - you can go with the RPM package that ships with the OS, or you can go to Courier. Which method you opt for is determined by your needs. The main advantage to Courier is the ability to support Maildir style mailboxes. If the amount of mail received on the system is expected to be reasonably "small" (less than a hundred messages or so kept for any length of time), you can stick with the IMAP that ships with RedHat. If you expect the incoming mail load to be much higher, consider changing to Courier. Tell me your thoughts here, and I can help you get this done...

As for incoming mail:

For your MX - go to the DNS server that is running your domain. Create an MX, give it a value of 10 (if you can set values), and point it to your hostname (machine.domain.org, or whatever). Then, make sure that machine is listed in DNS with an A record that is your static IP Address.

If the IP Address on the machine is not the public address you put in the MX record, but is a translated address that's behind a firewall, you will need to edit /etc/postfix/main.cf and put the public IP Address in the "proxy_interfaces = " parameter.

You should be able to use the notes in my other posts to set most of the other variables in the main.cf file.
JohnysteaksAuthor Commented:
I have the ISP resolving the Ip address to the FQDN(myDomain.org) and also any requests for Mail.Mydomain.org forwarded to My Ipadress...

I am not sure if i listed this above...Or it was clear enough..

I will compile and install Courier(Seems like the way to go)

Change the MX record....

What Port should My firewall be forwarding???

MarkLead Sales Engineer - Public SectorCommented:
Port 25, TCP
JohnysteaksAuthor Commented:
Ok,
Below is the Following items i have completed:

iPop3 Is on(Wasn't)
I added lines that were listed in the Main.cf file

POP

==================Main.cf======================== command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
queue_directory = /var/spool/postfix
program_directory = /usr/libexec/postfix
mail_owner = postfix
default_privs = nobody
myhostname = <computername.mydomain.org>
mydomain = <Mydomain.org>
myorigin = $mydomain
inet_interfaces = all
mydestination = $myhostname, $mydomain, $mydomain
default_transport = smtp
alias_maps = hash:/etc/postfix/virtual
alias_database = hash:/etc/postfix/aliases
newaliases_path = /usr/bin/newaliases.postfix
recipient_deliimiter = +
mail_spool_directory = /var/spool/mail
mailbox_command = /usr/bin/procmail -Y -a "$DOMAIN"
header_checks = regexp:/etc/postfix/header_checks
mynetworks_style = host
mynetworks = 127.0.0.0/8
local_recipient_maps = $alias_maps unix:passwd.byname
smtpd_banner = $myhostname ESMTP $mail_name ($mail_version)
maps_rbl_domains = relays.ordb.org
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, reject_maps_rbl
smtpd_sender_restrictons = reject_unauth_pipelining, reject_non_fqdn_sender
smtpd_recipient_restrictions = permit_mynetworks, check_recipient_access hash:/etc/postfix/whitelist,

reject_unauth_destination, reject_non_fqdn_recipient
disable_vrfy_command = yes
debug_peer_level = 2
delay_warning_time = 4
debugger_command =
       PATH=/usr/bin:/usr/X11R6/bin
       xxgdb $daemon_directory/$process_name $process_id & sleep 5


==================Main.cf========================
I can telnet to

SMTP(25), POp3(110)

I can access my mailbox using Kmail..
I can retrieve email and send email locally..Using Kmail...



I would like to use Pop3 with SSL on Port 995 instead of Pop3--for security..Mayby you can suggest something else....




I am getting these errors in the Log trying to access:

Recipient address rejected: Relay access denied; from=<myworkemailaddress> to=<myaccount@mydomain.org>

I am also getting this as well, but does not hinder my email retrieval;
postfix/smtpd[3488]: warning: restriction reject_maps_rbl is going away. Please use reject_rbl_client <domain> instead

I get this trying to access from a computer on my insternal subnet:

connect from unknown[192.168.2.11]

and yet another:
B1A1620E115: to=<mailtest@basilnetworks.org>, relay=local, delay=5, status=sent ("|/usr/bin/procmail -Y -a "$DOMAIN"")

Let me know what you think






MarkLead Sales Engineer - Public SectorCommented:
Ok. Good information. Tell me the following:

1) Have you tried sending an e-mail to an account on this machine from someplace like Hotmail, Yahoo, or AOL? What happens when you do? If the message fails, can you post any of the return info here for review?

2) If you are logged on to the box, can you send mail to other users on the box?

3) Are you agreeable to getting IMAP and POP working in "basic" mode before attempting to enable all of the encrypting pieces?
JohnysteaksAuthor Commented:
I can send out anywhere logged onto the Machine locally...I can recieve mail locally...

I tried to Retrieve it using Outlook express on my win2k system. I can connect and SMTP tests Out OK.

It states that i can connect to the POP server, but the server doesn't respond...

I can connect using the mail.<mydomain>.org for SMTP--

Havent Tried sending mail to other users on the box But if i can send mail out and recieve mail, i should be able to..

I can connect to POP 3 and smtp via telnet @the correcponding Ports..So i guess they are working....

My big problem is that i just cant retrieve email logged onto another machine by setting Up the POP3 and smtp settings on another machine....

Any of the errors listed above help--what do they mean-?-I can give you my email address if you want to start exchanging email...


 

JohnysteaksAuthor Commented:
Just want to clarify..

I can send email to user@mydomain.org from my work account me@mywork.com no problem. I can also reply to the email and send one from user@mydomain.com to anywhere i want(Never had a problem with it..

How does my Main.cf look--Not to sure on the mynetworks line...

MarkLead Sales Engineer - Public SectorCommented:
Ok. I think this is where we're at...

Let's cover a couple quick things first...

Don't sweat the error about the reject_maps_rbl thing. And, as much as it might be "quicker" to hash through some of this through e-mail, I want to keep the detail in this forum. "History" is a big part of why this site works. If we switch to e-mail, a lot gets lost, and others with similar problems don't get to see what you did to fix it.

The SMTP daemon appears to be listening properly for inbound mail and, from your description, it appears to be delivering to the appropriate users. Good.

The mailer appears to be functioning properly when delivering outbound mail. This means that it is able to understand the detsinations and connect correctly. Good.

There are two pieces left to either get working properly, or just get working. These are:

1) The ability to retrieve mail from a remote machine using POP3

2) The ability to use the mailer daemon to "relay" mail for a remote machine - this essentially means that you will use the daemon to send mail to another system.

The mynetworks parameter in the main.cf file is used to determine what machines (or networks) are allowed to use the mailer on this server as a relay. You don't want to be an open relay, so you want this to be as tight as possible. Your setting should be changed. To what? You'll need to determine the final answer, but here's the template:

mynetworks = 127.0.0.1/32, a.b.c.d/x

Using the layout above, add as many a.b.c.d/x entries as makes sense for your environment. Allow the machines that need to relay through the server, don't allow the ones that don't. If you have a whole network (192.168.5.0 / 255.255.255.0) that you need to allow, put it in (192.168.5.0/24). You'll need to know how to covert between subnet masks and prefix lengths...

Can you tell me what you're running for your POP daemon? If you look in /etc/xinetd.d, is there a ipop3 listed? If you look in that file, is it disabled, or no?

To fully test the POP daemon, telnet to the machine on port 110 and enter the following:

user <username>
pass <password>

Don't include the <>, and replace the user and password accordingly. Try running on the local machine first. Make sure that you can get a proper prompt that the mailbox is open after the two commands. Then, move to a remote machine. Tell me where it falls apart.
JohnysteaksAuthor Commented:
It's Ipop3

I can log in using telnet to 110 Locally.

The Using USER <user>
                PASS <User password> and that works



I don't believe it disabled as it does allow me to connect..

My internal network is 192.168.2.X. So entering the line below will allow all systems in my network to be allowed to recieve a relayed message from the mail server??
mynetworks = 127.0.0.1/32, 192.168.2.0 / 255.255.255.0







MarkLead Sales Engineer - Public SectorCommented:
Can you authenticate to the POP daemon from a remote machine?

For the mynetworks:

1) Make sure there is no space in the network declaration, and that you use prefix lengths instead of masks (should be 192.168.2.0/24).

2) mynetworks has nothing to do with receiving mail, only relaying (or sending) messages to other destinations (like @microsoft.com). Essentially, this parameter tells Postfix which machines to "trust" and accept outbound mail from for delivery. If you were to put 0.0.0.0/0 in this field, any machine in the world could "drop off messages" for delivery to anywhere else in the world. That would make you an open relay. That would be bad.
JohnysteaksAuthor Commented:
So Basically what you are telling, just to be clear, is that the Relay agent is Ip/Subment specific .  It uses that parameter to authenticate the validity of the retrieving subnet, to relay the mail off...

Then upon validating a trusting network, it validates the username/pass of the user, then forwards the email using relay agent of postfix..

My current network is only set to local host, 127.0.0.8, so that in fact is the probably reason why i can only retrieve mail from the local host...

As no other domain has been entered(validated) in the my network field, so there-in-fact is the reason the relay agent hasn't forwarded anything off...





MarkLead Sales Engineer - Public SectorCommented:
Let me try again to make this absolutely clear -

mynetworks has *absolutlely nothing* to do with *retrieval*. It has *ONLY* to do with sending.

When a remote machine connects to the SMTP daemon to send a message, and that message is not addressed to a recipient specifically on the Postfix server, it must be relayed. If the address of the the remote machine is in the mynetworks variable, the relay is permitted.

In no way, under no circumstances, does retrieval or user/password authentication come into play.

SMTP is for sending, and is tied to the mynetworks parameter. POP is for retrieval, and IS NOT associated with the mynetworks parameter.

Perform the POP commands I gave you above from a remote machine and see if you can log in or even connect.
JohnysteaksAuthor Commented:
I cannot connect to remote system via Port 110. Only On Local System
JohnysteaksAuthor Commented:
I didn't have telnet running as well--FYI
MarkLead Sales Engineer - Public SectorCommented:
Telnet is for connections on port 23, so that's ok.

When you installed the box, did you opt for firewall protection? On a console, type "service iptables stop" and then try connecting to port 110 from a remote machine again...

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
JohnysteaksAuthor Commented:
That Did It--Bingo---
Man-your good---


I knew it was something Minor....I do have one last question reguarding the Trusted domains Listed below...

http://www.experts-exchange.com/Operating_Systems/Linux/Linux_Setup/Q_20805065.html


Here is my next post on securing it--If possible-Couuld you take a look at it so i can get consistent imput on developing it and your already steps ahead of other Admins(Both through EE and your work)

I tried to Relay an email from my work Domain, Me@myworkdomain.com and it listed relay access denied..Which, from your post, is because i have not yet identified it as a trusting domain.If my Outbound ip address is 172.18.2.112 from the firewall (Confirmed this with the Maillog as it states it), how should my mynetworks line look??
I now the first is Less secure as it open the whole subnet up...

127.0.0.1/8, 192.168.2.0 / 24,172.18.2.0/24

Or 127.0.0.1/8, 192.168.2.0 / 24,<Exact IP><---Need help with syntax


It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Linux

From novice to tech pro — start learning today.