Postfix and PTR record issues
by arnaud gaboury
I am setting up a mail server with Postfix and have been banging my head
against an issue for a few days.
Issue:
Testing with Telnet:
------------------------------------
% telnet mail.thetradinghall.com 587
Trying MyPublicIp...
Connected to mail.thetradinghall.com.
Escape character is '^]'.
220 poppy.thetradinghall.com ESMTP Postfix (3.0.3)
mail from:arnaud.gaboury@thetradinghall.com
503 5.5.1 Error: send HELO/EHLO first
HELO thetradinghall.com
250 poppy.thetradinghall.com
mail from:arnaud.gaboury@thetradinghall.com
250 2.1.0 Ok
rcpt to:arnaud.gaboury@thetradinghall.com
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
.
250 2.0.0 Ok: queued as 17E4224F2B
quit
221 2.0.0 Bye
Connection closed by foreign host.
----------------------------
This is a virtual user; he is recognized. Fine. I can see the emails
in the virtual mailbox.
$ journalctl --unit postfix -r
--------------------------------------------
Feb 09 12:00:19 poppy postfix/smtpd[347]: disconnect from unknown
[MyPublicIp] helo=1 mail=1
Feb 09 12:00:16 poppy postfix/qmgr[204]: 17E4224F2B:
MyPublicIpfrom=<arnaud.gaboury(a)thetradinghall.com>,
Feb 09 12:00:16 poppy postfix/cleanup[363]: 17E4224F2B: message-id=<>
Feb 09 12:00:09 poppy postfix/smtpd[347]: 17E4224F2B: client=unknown[MyPublicIp]
Feb 09 11:59:19 poppy postfix/smtpd[347]: connect from unknown[MyPublicIp]
Feb 09 11:59:19 poppy postfix/smtpd[347]: warning: hostname
dsldevice.lan does not resolve to a
Feb 09 11:57:36 poppy systemd[1]: Started Postfix Mail Transport Agent.
---------------------------------------------
***************
Now trying to send to an external user:
% telnet mail.thetradinghall.com 587
----------------------------------------
..............
email from:arnaud.gaboury@thetradinghall.com
502 5.5.2 Error: command not recognized
mail from:arnaud.gaboury@thetradinghall.com
250 2.1.0 Ok
rcpt to:arnaud.gaboury@gmail.com
454 4.7.1 <arnaud.gaboury(a)gmail.com>: Relay access denied
---------------------------------------------------------------------------
$ journalctl --unit postfix -r
----------------------------------------
Feb 09 13:47:05 poppy postfix/smtpd[1518]: NOQUEUE: reject: RCPT from
unknown[MyPublicIp]: 454 4.7.1 <arnaud.gaboury(a)gmail.com>: Relay
access denied; from=<arnaud.gaboury(a)thetradinghall.com
Feb 09 13:46:02 poppy postfix/smtpd[1518]: connect from unknown[MyPublicIp]
Feb 09 13:46:02 poppy postfix/smtpd[1518]: warning: hostname
dsldevice.lan does not resolve to address MyPublicIp
***********************
After some reading, I came to the conclusion I did not set up any PTR
record. hostname dsldevice.lan is in fact my gateway (168.192.1.254).
Some debugging commands:
-----------------------------------
% host MyPublicIp
MyPublicIp.in-addr.arpa domain name pointer dsldevice.lan. <<<< here I
should see thetradinghall.com ??
% host thetradinghall.com
thetradinghall.com has address MyPublicIp
% dig thetradinghall.com
............................
;; ANSWER SECTION:
mail.thetradinghall.com. 6632 IN A MyPublicIp
;; AUTHORITY SECTION:
thetradinghall.com. 85556 IN NS ns4.he.net.
thetradinghall.com. 85556 IN NS ns3.he.net.
thetradinghall.com. 85556 IN NS ns5.he.net.
% dig -x thetradinghall.com
.....................
;; AUTHORITY SECTION:
in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa.
nstld.iana.org. 2015072880 1800 900 604800 3600
% dig -x MyPublicIp
;; Warning: Message parser reports malformed message packet. <<<<
Problem here ?
--------------------------------------
***********************
About the setup: a router, one Linux distro as host (no server at all,
inet 192.168.1.87/24 brd 192.168.1.255 scope global br0) with a
virtual bridge to a container, another linux distro with all internet
services (http, ftp, mail etc) as 192.168.1.94/24
Some network parameters:
----------------------------------------------
gateway 192.168.1.254
$ ip a
-----------------
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
.................................
2: host0@if6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
state UP group default qlen 1000
link/ether 0e:7f:c3:fb:25:b1 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 192.168.1.94/24 brd 192.168.1.255 scope global host0
***********************************************
When looking at my DNS provider (Hurricane Electric), I effectively
have no PTR record. I must set one but honestly, I am far from
understanding everything about PTR.
Thank you for help and hints.
--
google.com/+arnaudgabourygabx
8 years, 1 month
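The "unknown[MyPublicIp]" client name and the "does not resolve to address" warning in the logs above come from a reverse-then-forward DNS check on the connecting address. The following is an added example, not part of the original post and not Postfix code: a simplified model of that check, where 203.0.113.10 is a constructed stand-in for the redacted MyPublicIp and all zone data is constructed.

```python
import ipaddress

CLIENT_IP = "203.0.113.10"  # constructed stand-in for the redacted MyPublicIp

# Constructed zone data mirroring the post: the PTR names the ISP gateway,
# and dsldevice.lan has no public A record at all.
PTR_BEFORE = {"10.113.0.203.in-addr.arpa.": ["dsldevice.lan."]}
A_RECORDS = {"mail.thetradinghall.com.": ["203.0.113.10"]}

# The same reverse zone once a PTR matching the mail host is published.
PTR_AFTER = {"10.113.0.203.in-addr.arpa.": ["mail.thetradinghall.com."]}


def client_name(ip, ptr_zone, a_zone):
    """Return (name, reason): the label an MTA would give the SMTP client."""
    addr = ipaddress.ip_address(ip)
    rname = addr.reverse_pointer + "."      # 10.113.0.203.in-addr.arpa.
    names = ptr_zone.get(rname, [])
    if not names:
        return "unknown", "no PTR record"
    for name in names:
        # Forward-confirm: the PTR target must resolve back to the client IP.
        forward = {ipaddress.ip_address(a) for a in a_zone.get(name, [])}
        if addr in forward:
            return name.rstrip("."), "verified"
    first = names[0].rstrip(".")
    return "unknown", f"hostname {first} does not resolve to address {ip}"


if __name__ == "__main__":
    print(client_name(CLIENT_IP, PTR_BEFORE, A_RECORDS))
    print(client_name(CLIENT_IP, PTR_AFTER, A_RECORDS))
```

A PTR record lives in the reverse zone of the address block, which is normally controlled by whoever assigns the IP address (typically the ISP) rather than by the host of the forward zone.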
Dlink DWA192 Kernel Support Issue
by Stephen Morris
Hi,
I have just upgraded my usb wireless adapter from a Dlink DWA182
which was not supported by the kernel, which I'm told never will be
supported by the kernel, to a Dlink DWA192 which appears to be natively
supported by the kernel. The issue I have is that the network interface
only sees the 2.4GHz ssid it doesn't see the 5GHz ssid, is this intended
functionality, inadvertent or is support for the 5GHz band not
implemented yet? I'm currently using the 4.3.4-300 kernel.
regards,
Steve
8 years, 1 month
Latest claws mail moves to message above deleted message instead of below
by stan
I sort messages in claws by date descending. So the newest messages
are at the top. When I read, I start at the top, and process messages
as I move down. Claws used to move to the message below the current
message on delete, now it moves to the message above. So if I delete a
message it now moves to a message that I have already seen instead of
the message below the deleted message.
It seems that this 'feature' was added in 3.13.1.
* A hidden pref has been added, 'next_on_delete'. This controls the
message selection when a message is deleted. A setting of '0'
which cause the previous, older message to be selected, a setting
of '1' will cause the next, newer message to be selected.
I looked in ~/.claws-mail/clawsrc and I see the setting called
next_on_delete. It was set to 0, so I set it to 1. It didn't make any
difference. I tried 2 and -1 with no effect. Does anyone know what to
do to get the previous behavior?
I don't see a bugzilla for this, and a search at claws-mail.org doesn't
turn up anything.
Thanks,
Stan
8 years, 1 month
nvidia-304xx broken with new kernel
by David A. De Graaf
The latest two kernels and the nvidia-304xx module are incompatible.
That is, the nvidia.ko module built by akmod-nvidia-304xx won't load.
That means that my three machines with older nvidia video cards (one
built into the mobo) are stuck running the old
> kernel-4.2.8-300.fc23.x86_64
kernel-4.3.3-300.fc23.x86_64
kernel-4.3.3-301.fc23.x86_64
In the past, incompatibilities were resolved in about a week.
This time, it's nearly a month. No new package of akmod-nvidia-304xx
or kmod-nvidia-304xx has shown up at the
rpmfusion-nonfree-updates[-testing] repo.
The akmod-nvidia-340xx module on another machine that needs it runs fine.
Does anyone have a clue when this older version of the nvidia module
might be fixed?
Here are the error messages with the newer kernel:
Console error message when trying to run 'startxfce':
(==) Using system config directory "/usr/share/X11/xorg.conf.d"
modprobe: ERROR: could not insert 'nvidia': Unknown symbol in module,
or unknown parameter (see dmesg)
From dmesg:
...
[ 12.563315] nvidia: module license 'NVIDIA' taints kernel.
[ 12.563325] Disabling lock debugging due to kernel taint
[ 12.573867] nvidia: Unknown symbol mtrr_del (err 0)
[ 12.573977] nvidia: Unknown symbol mtrr_add (err 0)
...
[ 31.162308] nvidia: Unknown symbol mtrr_del (err 0)
[ 31.162397] nvidia: Unknown symbol mtrr_add (err 0)
...
[ 81.656643] nvidia: Unknown symbol mtrr_del (err 0)
[ 81.656736] nvidia: Unknown symbol mtrr_add (err 0)
--
David A. De Graaf DATIX, Inc. Hendersonville, NC
dad(a)datix.us www.datix.us
It has been said that politics is the second oldest profession.
I have learned that it bears a striking resemblance to the first.
- Ronald Reagan
8 years, 1 month
RE: iptables -
by J.Witvliet@mindef.nl
Hi Bob,
As many said before, the lack of info will result in only partly helpful replies.....
1) Decent firewalls have all policies firmly set to "DROP" (instead of the default "ACCEPT")
2) Assuming eth0 is your lan-device, (connected to 192.168.1.255/24)
3) Assuming eth1 is connected to your internet modem
4) before (!) allowing other traffic outside insert
iptables -t filter -A FORWARD -i eth0 -o eth1 --source 192.168.1.17 -j DROP
iptables -t filter -A FORWARD -i eth1 -o eth0 --destination 192.168.1.17 -j DROP
5) next allow other traffic to go outside
Input- and output-chains are only for traffic originating from the box, or having the final destination on the box.
Traffic passing through is handled by the FORWARD-rule.
As I indicated in my top-line, this is very crude, iptables allows making self-defined sub-chains, and many other nice tricks, like timebased rules and so on....
-----Original Message-----
From: users-bounces(a)lists.fedoraproject.org [mailto:users-bounces@lists.fedoraproject.org] On Behalf Of Mike Wright
Sent: maandag 8 februari 2016 23:25
To: Community support for Fedora users
Subject: Re: iptables -
On 02/08/2016 02:10 PM, Bob Goodwin wrote:
>
> Can someone give me an example [for my router] of the iptables code
> needed to prevent 192.168.1.17 from connecting to the internet while
> keeping normal LAN access?
Hi Bob,
Decided lack of info to go on but this will accomplish that.
If you just want the internet to be "non-existent" WRT 192.168.1.17 the easiest way is to DROP all traffic between them.
Let eth0 be the internet connected network card.
iptables -t filter -A INPUT -i eth0 -d 192.168.1.17 -j DROP
iptables -t filter -A OUTPUT -o eth0 -s 192.168.1.17 -j DROP
8 years, 1 month
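The point made in the reply above, that INPUT and OUTPUT only see traffic to or from the router itself while routed traffic goes through FORWARD, can be checked with a small model. This is an added example, not code from either poster: a toy model of filter-chain selection using eth0 = LAN and eth1 = internet as the reply assumes, with constructed router and remote addresses, NAT ignored, and the quoted INPUT/OUTPUT rules rewritten to that interface naming.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed addresses: the router's own LAN/WAN addresses, one internet host.
ROUTER_ADDRS = {"192.168.1.1", "203.0.113.1"}
BLOCKED, REMOTE = "192.168.1.17", "198.51.100.50"

@dataclass
class Packet:
    src: str
    dst: str
    in_if: Optional[str]   # None: generated by the router itself
    out_if: Optional[str]  # None: delivered to the router itself

@dataclass
class Rule:  # one "-j DROP" rule; None means "match anything"
    chain: str
    in_if: Optional[str] = None
    out_if: Optional[str] = None
    src: Optional[str] = None
    dst: Optional[str] = None

    def matches(self, p: Packet) -> bool:
        pairs = [(self.in_if, p.in_if), (self.out_if, p.out_if),
                 (self.src, p.src), (self.dst, p.dst)]
        return all(want is None or want == got for want, got in pairs)

def chain_for(p: Packet) -> str:
    """Filter-table chain a packet traverses (NAT is ignored in this model)."""
    if p.dst in ROUTER_ADDRS:
        return "INPUT"
    if p.in_if is None and p.src in ROUTER_ADDRS:
        return "OUTPUT"
    return "FORWARD"

def verdict(p: Packet, rules) -> tuple:
    """Any matching rule in the packet's chain drops it; assumed policy ACCEPT."""
    chain = chain_for(p)
    dropped = any(r.chain == chain and r.matches(p) for r in rules)
    return chain, "DROP" if dropped else "ACCEPT"

INPUT_OUTPUT_RULES = [Rule("INPUT", in_if="eth1", dst=BLOCKED),
                      Rule("OUTPUT", out_if="eth1", src=BLOCKED)]
FORWARD_RULES = [Rule("FORWARD", in_if="eth0", out_if="eth1", src=BLOCKED),
                 Rule("FORWARD", in_if="eth1", out_if="eth0", dst=BLOCKED)]
outbound = Packet(BLOCKED, REMOTE, "eth0", "eth1")   # .17 to the internet
inbound = Packet(REMOTE, BLOCKED, "eth1", "eth0")    # internet to .17
to_router = Packet(BLOCKED, "192.168.1.1", "eth0", None)  # .17 to the router
```

Calling verdict(outbound, INPUT_OUTPUT_RULES) shows the packet in FORWARD and accepted, because rules in INPUT and OUTPUT are never consulted for routed traffic.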
Sharing files between host and guest under KVM
by Patrick O'Callaghan
I've been using VirtualBox for several years with generally good
results, but decided to try KVM as an alternative. I've converted a
Windows VM from VBox to KVM format and it works well enough for my
needs (it may even be faster), except that I can't see how to share
files between the VM and my Fedora host.
Clearly this could be done using Samba or NFS. Is there an easier way?
In VBox it's all point-and-click so some guidance would be appreciated.
poc
8 years, 1 month
iptables -
by Bob Goodwin
Can someone give me an example [for my
router] of the iptables code needed to
prevent 192.168.1.17 from connecting to
the internet while keeping normal LAN
access?
Bob
--
Bob Goodwin - Zuni, Virginia, USA
http://www.qrz.com/db/W2BOD
box10 FEDORA-23/64bit LINUX XFCE POP3
8 years, 1 month
Unable to report this bug
by JD
Extracted from dmesg:
[17387.252024] i915 crct10dif_pclmul crc32_pclmul crc32c_intel
sdhci_pci e1000e sdhci firewire_ohci serio_raw mmc_core firewire_core
ata_generic pata_acpi i2c_algo_bit drm_kms_helper yenta_socket crc_itu_t
drm ptp pps_core wmi fjes video uas usb_storage sunrpc ecryptfs
encrypted_keys trusted tpm
[17387.263388] CPU: 1 PID: 18651 Comm: systemd Not tainted
4.3.4-200.fc22.x86_64 #1
[17387.267261] Hardware name: Dell Inc. Latitude E6510/XXXXXX, BIOS A06
11/20/2010
[17387.271159] task: ffff8800d317b980 ti: ffff88020e72c000 task.ti:
ffff88020e72c000
[17387.275059] RIP: 0010:[<ffffffff813c3299>] [<ffffffff813c3299>]
__list_del_entry+0x29/0xc0
[17387.278964] RSP: 0018:ffff88020e72fdd8 EFLAGS: 00010207
[17387.282836] RAX: ffff8800d6aa5078 RBX: ffff8800d6aa5078 RCX:
dead000000000200
[17387.286713] RDX: 0000000000000000 RSI: ffffffff81c6ba30 RDI:
ffff8800d6aa5078
[17387.290612] RBP: ffff88020e72fdd8 R08: 0000000000000000 R09:
0000000056b8e53b
[17387.294507] R10: 0000000005e5d045 R11: 0000000000000202 R12:
ffffffff81c6ba30
[17387.298411] R13: ffffffff81c6ba48 R14: 0000000000000000 R15:
0000000000000000
[17387.302283] FS: 00007fa9229ac8c0(0000) GS:ffff88021fc40000(0000)
knlGS:0000000000000000
[17387.306160] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[17387.310032] CR2: 0000000000000000 CR3: 000000020eab3000 CR4:
00000000000006e0
[17387.313952] Stack:
[17387.317790] ffff88020e72fe00 ffffffff8124c42a 0000000000000000
ffffffff81c6ba30
[17387.321754] ffff8800d6aa4f88 ffff88020e72fe38 ffffffff81250a7f
ffff8800d6aa4f88
[17387.325719] 0000000000000000 ffff8800d6aa4f88 ffff88020c1dce10
ffff8800d6aa5030
[17387.329654] Call Trace:
[17387.333536] [<ffffffff8124c42a>] inode_io_list_move_locked+0x2a/0x70
[17387.337464] [<ffffffff81250a7f>] __mark_inode_dirty+0x26f/0x2f0
[17387.341365] [<ffffffff8123deb7>] generic_update_time+0x77/0xc0
[17387.345239] [<ffffffff8123f718>] touch_atime+0xa8/0xd0
[17387.349112] [<ffffffff81236f1b>] iterate_dir+0xdb/0x120
[17387.352940] [<ffffffff81237376>] SyS_getdents+0x96/0x110
[17387.356781] [<ffffffff81237030>] ? fillonedir+0xd0/0xd0
[17387.360561] [<ffffffff8178182e>] entry_SYSCALL_64_fastpath+0x12/0x71
[17387.364332] Code: 66 90 55 48 8b 07 48 b9 00 01 00 00 00 00 ad de 48
8b 57 08 48 89 e5 48 39 c8 74 29 48 b9 00 02 00 00 00 00 ad de 48 39 ca
74 3a <4c> 8b 02 4c 39 c7 75 52 4c 8b 40 08 4c 39 c7 75 66 48 89 50 08
[17387.372750] RIP [<ffffffff813c3299>] __list_del_entry+0x29/0xc0
[17387.376884] RSP <ffff88020e72fdd8>
[17387.380946] CR2: 0000000000000000
[17387.400886] ---[ end trace b3d70deef64d55d9 ]---
8 years, 1 month
Video Capture software
by Max Pyziur
Greetings,
I saw these video capture devices advertised for converting old VHS tapes;
one end plugs into a vcr; the other into the computer via USB.
A long time ago, xawtv was one of the software packages to use. Is this
still the case, or has something else come along?
Thank you.
Max Pyziur
pyz(a)brama.com
8 years, 1 month