[SOLVED] Telnet Issue
[SOLVED] Telnet Issue
Hi I am in the process of setting up a mail server I have setup DNS and postfix I am trying to test the secure components using telnet I have installed and enabled the telnet server however when I run the following I get
[root@svr ~]# telnet mail.paddyscomputerservices.co.nz 25
Trying 192.168.1.20...
telnet: connect to address 192.168.1.20: Connection refused
I have the inet_interfaces = all command enabled and
mynetworks = 192.168.1.20/24, 127.0.0.0/8
I have run:
nmap localhost
Starting Nmap 5.51 ( http://nmap.org ) at 2012-08-27 21:32 NZST
Nmap scan report for localhost (127.0.0.1)
Host is up (0.0000060s latency).
Other addresses for localhost (not scanned): 127.0.0.1
Not shown: 995 closed ports
PORT STATE SERVICE
22/tcp open ssh
23/tcp open telnet
25/tcp open smtp
53/tcp open domain
10000/tcp open snet-sensor-mgmt
nmap done: 1 IP address (1 host up) scanned in 0.10 seconds
as you can see all ports are open
[root@svr ~]# telnet mail.paddyscomputerservices.co.nz 25
Trying 192.168.1.20...
telnet: connect to address 192.168.1.20: Connection refused
I have the inet_interfaces = all command enabled and
mynetworks = 192.168.1.20/24, 127.0.0.0/8
I have run:
nmap localhost
Starting Nmap 5.51 ( http://nmap.org ) at 2012-08-27 21:32 NZST
Nmap scan report for localhost (127.0.0.1)
Host is up (0.0000060s latency).
Other addresses for localhost (not scanned): 127.0.0.1
Not shown: 995 closed ports
PORT STATE SERVICE
22/tcp open ssh
23/tcp open telnet
25/tcp open smtp
53/tcp open domain
10000/tcp open snet-sensor-mgmt
nmap done: 1 IP address (1 host up) scanned in 0.10 seconds
as you can see all ports are open
[SOLVED] Telnet Issue
The telnet command you issue is connecting to the IP address (192.168.1.20) of your host, while the nmap command uses localhost (127.0.0.1).
Some more information is needed.
The output of the following commands come to mind:
iptables-save
netstat -nlp
and maybe the relevant parts ofthe postfix configuration (those not starting with #)
Some more information is needed.
The output of the following commands come to mind:
iptables-save
netstat -nlp
and maybe the relevant parts ofthe postfix configuration (those not starting with #)
Re: Telnet Issue
Below is the output of netstat -nlp
tcp 0 0 0.0.0.0:10000 0.0.0.0:* LIST EN 1590/perl
tcp 0 0 127.0.0.1:53 0.0.0.0:* LIST EN 1243/named
tcp 0 0 0.0.0.0:22 0.0.0.0:* LIST EN 1430/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LIST EN 1527/master
tcp 0 0 127.0.0.1:953 0.0.0.0:* LIST EN 1243/named
tcp 0 0 ::1:53 :::* LIST EN 1243/named
tcp 0 0 :::22 :::* LIST EN 1430/sshd
tcp 0 0 :::23 :::* LIST EN 1438/xinetd
tcp 0 0 ::1:25 :::* LIST EN 1527/master
tcp 0 0 ::1:953 :::* LIST EN 1243/named
udp 0 0 0.0.0.0:10000 0.0.0.0:* 1590/perl
udp 0 0 127.0.0.1:53 0.0.0.0:* 1243/named
udp 0 0 ::1:53 :::* 1243/named
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node PID/Program name Pat h
unix 2 [ ACC ] STREAM LISTENING 12324 1369/hald @/v ar/run/hald/dbus-v1FsZZCqdJ
unix 2 [ ACC ] STREAM LISTENING 8895 1/init @/c om/ubuntu/upstart
unix 2 [ ACC ] STREAM LISTENING 12202 1335/dbus-daemon /va r/run/dbus/system_bus_socket
unix 2 [ ACC ] STREAM LISTENING 12959 1527/master pub lic/cleanup
unix 2 [ ACC ] STREAM LISTENING 12966 1527/master pri vate/tlsmgr
unix 2 [ ACC ] STREAM LISTENING 12970 1527/master pri vate/rewrite
unix 2 [ ACC ] STREAM LISTENING 12974 1527/master pri vate/bounce
unix 2 [ ACC ] STREAM LISTENING 12978 1527/master pri vate/defer
unix 2 [ ACC ] STREAM LISTENING 13118 1551/abrtd /va r/run/abrt/abrt.socket
unix 2 [ ACC ] STREAM LISTENING 12982 1527/master pri vate/trace
unix 2 [ ACC ] STREAM LISTENING 12986 1527/master pri vate/verify
unix 2 [ ACC ] STREAM LISTENING 12991 1527/master pub lic/flush
unix 2 [ ACC ] STREAM LISTENING 12995 1527/master pri vate/proxymap
unix 2 [ ACC ] STREAM LISTENING 12999 1527/master pri vate/proxywrite
unix 2 [ ACC ] STREAM LISTENING 13003 1527/master pri vate/smtp
unix 2 [ ACC ] STREAM LISTENING 13007 1527/master pri vate/relay
unix 2 [ ACC ] STREAM LISTENING 13011 1527/master pub lic/showq
unix 2 [ ACC ] STREAM LISTENING 13015 1527/master pri vate/error
unix 2 [ ACC ] STREAM LISTENING 13019 1527/master pri vate/retry
unix 2 [ ACC ] STREAM LISTENING 13023 1527/master pri vate/discard
unix 2 [ ACC ] STREAM LISTENING 13027 1527/master pri vate/local
unix 2 [ ACC ] STREAM LISTENING 13031 1527/master pri vate/virtual
unix 2 [ ACC ] STREAM LISTENING 13035 1527/master pri vate/lmtp
unix 2 [ ACC ] STREAM LISTENING 13039 1527/master pri vate/anvil
unix 2 [ ACC ] STREAM LISTENING 13043 1527/master pri vate/scache
unix 2 [ ACC ] STREAM LISTENING 12281 1360/acpid /va r/run/acpid.socket
unix 2 [ ACC ] STREAM LISTENING 12742 1446/saslauthd /va r/run/saslauthd/mux
unix 2 [ ACC ] STREAM LISTENING 12317 1369/hald @/v ar/run/hald/dbus-Kb0d90E0Yy
[root@svr ~]#
tcp 0 0 0.0.0.0:10000 0.0.0.0:* LIST EN 1590/perl
tcp 0 0 127.0.0.1:53 0.0.0.0:* LIST EN 1243/named
tcp 0 0 0.0.0.0:22 0.0.0.0:* LIST EN 1430/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LIST EN 1527/master
tcp 0 0 127.0.0.1:953 0.0.0.0:* LIST EN 1243/named
tcp 0 0 ::1:53 :::* LIST EN 1243/named
tcp 0 0 :::22 :::* LIST EN 1430/sshd
tcp 0 0 :::23 :::* LIST EN 1438/xinetd
tcp 0 0 ::1:25 :::* LIST EN 1527/master
tcp 0 0 ::1:953 :::* LIST EN 1243/named
udp 0 0 0.0.0.0:10000 0.0.0.0:* 1590/perl
udp 0 0 127.0.0.1:53 0.0.0.0:* 1243/named
udp 0 0 ::1:53 :::* 1243/named
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node PID/Program name Pat h
unix 2 [ ACC ] STREAM LISTENING 12324 1369/hald @/v ar/run/hald/dbus-v1FsZZCqdJ
unix 2 [ ACC ] STREAM LISTENING 8895 1/init @/c om/ubuntu/upstart
unix 2 [ ACC ] STREAM LISTENING 12202 1335/dbus-daemon /va r/run/dbus/system_bus_socket
unix 2 [ ACC ] STREAM LISTENING 12959 1527/master pub lic/cleanup
unix 2 [ ACC ] STREAM LISTENING 12966 1527/master pri vate/tlsmgr
unix 2 [ ACC ] STREAM LISTENING 12970 1527/master pri vate/rewrite
unix 2 [ ACC ] STREAM LISTENING 12974 1527/master pri vate/bounce
unix 2 [ ACC ] STREAM LISTENING 12978 1527/master pri vate/defer
unix 2 [ ACC ] STREAM LISTENING 13118 1551/abrtd /va r/run/abrt/abrt.socket
unix 2 [ ACC ] STREAM LISTENING 12982 1527/master pri vate/trace
unix 2 [ ACC ] STREAM LISTENING 12986 1527/master pri vate/verify
unix 2 [ ACC ] STREAM LISTENING 12991 1527/master pub lic/flush
unix 2 [ ACC ] STREAM LISTENING 12995 1527/master pri vate/proxymap
unix 2 [ ACC ] STREAM LISTENING 12999 1527/master pri vate/proxywrite
unix 2 [ ACC ] STREAM LISTENING 13003 1527/master pri vate/smtp
unix 2 [ ACC ] STREAM LISTENING 13007 1527/master pri vate/relay
unix 2 [ ACC ] STREAM LISTENING 13011 1527/master pub lic/showq
unix 2 [ ACC ] STREAM LISTENING 13015 1527/master pri vate/error
unix 2 [ ACC ] STREAM LISTENING 13019 1527/master pri vate/retry
unix 2 [ ACC ] STREAM LISTENING 13023 1527/master pri vate/discard
unix 2 [ ACC ] STREAM LISTENING 13027 1527/master pri vate/local
unix 2 [ ACC ] STREAM LISTENING 13031 1527/master pri vate/virtual
unix 2 [ ACC ] STREAM LISTENING 13035 1527/master pri vate/lmtp
unix 2 [ ACC ] STREAM LISTENING 13039 1527/master pri vate/anvil
unix 2 [ ACC ] STREAM LISTENING 13043 1527/master pri vate/scache
unix 2 [ ACC ] STREAM LISTENING 12281 1360/acpid /va r/run/acpid.socket
unix 2 [ ACC ] STREAM LISTENING 12742 1446/saslauthd /va r/run/saslauthd/mux
unix 2 [ ACC ] STREAM LISTENING 12317 1369/hald @/v ar/run/hald/dbus-Kb0d90E0Yy
[root@svr ~]#
Re: Telnet Issue
Output of iptables-save
# Generated by iptables-save v1.4.7 on Tue Aug 28 19:19:00 2012
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [29:6996]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 25 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 53 -j ACCEPT
-A INPUT -p udp -m state --state NEW -m udp --dport 53 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 10000 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Tue Aug 28 19:19:00 2012
# Generated by iptables-save v1.4.7 on Tue Aug 28 19:19:00 2012
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [29:6996]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 25 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 53 -j ACCEPT
-A INPUT -p udp -m state --state NEW -m udp --dport 53 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 10000 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Tue Aug 28 19:19:00 2012
Re: Telnet Issue
Postfix config file
data_directory = /var/lib/postfix
myhostname = mail.paddyscomputerservices.co.nz
inet_interfaces = all
inet_interfaces = localhost
inet_protocols = all
ydestination = $myhostname, localhost.$mydomain, localhost
mynetworks = 192.168.1.20/24,127.0.0.0/8
home_mailbox = Maildir/
unknown_local_recipient_reject_code = 550
alias_maps = hash:/etc/aliases
mailq_path = /usr/bin/mailq.postfix
sendmail_path = /usr/sbin/sendmail.postfix
debug_peer_level = 2
mailq_path = /usr/bin/mailq.postfix
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination_
smtpd_tls_security_level = may
smtpd_tls_key_file = /etc/pki/tls/private/mail.paddyscomputerservices.co.nz.key
smtpd_tls_cert_file = /etc/pki/tls/certs/paddyscomputerservices.co.nz.cert
smtpd_tls_loglevel = 1
smtpd_tls_session_cache_timeout = 3600s
smtpd_tls_session_cache_database = btree:/var/spool/postfix/smtpd_tls_cache
tls_random_source = dev:/dev/urandom
data_directory = /var/lib/postfix
myhostname = mail.paddyscomputerservices.co.nz
inet_interfaces = all
inet_interfaces = localhost
inet_protocols = all
ydestination = $myhostname, localhost.$mydomain, localhost
mynetworks = 192.168.1.20/24,127.0.0.0/8
home_mailbox = Maildir/
unknown_local_recipient_reject_code = 550
alias_maps = hash:/etc/aliases
mailq_path = /usr/bin/mailq.postfix
sendmail_path = /usr/sbin/sendmail.postfix
debug_peer_level = 2
mailq_path = /usr/bin/mailq.postfix
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination_
smtpd_tls_security_level = may
smtpd_tls_key_file = /etc/pki/tls/private/mail.paddyscomputerservices.co.nz.key
smtpd_tls_cert_file = /etc/pki/tls/certs/paddyscomputerservices.co.nz.cert
smtpd_tls_loglevel = 1
smtpd_tls_session_cache_timeout = 3600s
smtpd_tls_session_cache_database = btree:/var/spool/postfix/smtpd_tls_cache
tls_random_source = dev:/dev/urandom
Re: Telnet Issue
Have been able to connect to telnet however i now get
Trying 192.168.1.20...
Connected to mail.paddyscomputerservices.co.nz.
Escape character is '^]'.
I can't type any commands
Trying 192.168.1.20...
Connected to mail.paddyscomputerservices.co.nz.
Escape character is '^]'.
I can't type any commands
Re: Telnet Issue
Hi,
I could be mistaking but these two lines:
>>
tcp 0 0 127.0.0.1:25 0.0.0.0:* LIST EN 1527/master
tcp 0 0 ::1:25 :::* LIST EN 1527/master
>>
indicate postfix is only listening on loopback.
I would write the mynetworks statement like this:
>>
mynetworks = 192.168.1.0/24,127.0.0.0/8
>>
and not like
>>
mynetworks = 192.168.1.20/24,127.0.0.0/8
>>
I could be mistaking but these two lines:
>>
tcp 0 0 127.0.0.1:25 0.0.0.0:* LIST EN 1527/master
tcp 0 0 ::1:25 :::* LIST EN 1527/master
>>
indicate postfix is only listening on loopback.
I would write the mynetworks statement like this:
>>
mynetworks = 192.168.1.0/24,127.0.0.0/8
>>
and not like
>>
mynetworks = 192.168.1.20/24,127.0.0.0/8
>>
Re: [SOLVED] Telnet Issue
In https://www.centos.org/modules/newbb/viewtopic.php?topic_id=39016&forum=58 the creator of this topic mentions he solved this specific issue.
I think the post can be marked as SOLVED.
Thanks
I think the post can be marked as SOLVED.
Thanks
Re: [SOLVED] Telnet Issue
If you don't mind sharing... how did you solve this issue?paddy28 wrote:Hi I am in the process of setting up a mail server I have setup DNS and postfix I am trying to test the secure components using telnet I have installed and enabled the telnet server however when I run the following I get ....