CentOS 5 :: Disable SSLv2 In Postfix?

Sep 1, 2011

I would like to disable SSLv2 in Postfix but unfortunately Google has failed to produce a suitable answer. There are numerous posts on blogs and forums and such that do not appear to actually work. For example, one such post (which has been copied about quite a bit) says to use the following main.cf directives:

smtpd_tls_mandatory_protocols = SSLv3, TLSv1
smtpd_tls_mandatory_ciphers = medium, high

But if I run:

$ openssl s_client -connect xxxx.xxxxxxx.xxx:25 -starttls smtp -ssl2

the command is successful and SSLv2 is still negotiated.

The Postfix documentation does not provide an example of this particular case but I don't think it would matter much if it did since I somewhat doubt that anyone other than the developers themselves fully understand how these directives actually work.

How do I disable SSLv2 in Postfix and more generally disable ciphers that are considered to be weak?

View 1 Replies


ADVERTISEMENT

Red Hat / Fedora :: Postfix, Disabling SSLv2: Not Trivial?

Aug 12, 2010

although I've been a lurker for a long time and hope the wealth of experience on LinuxForums can help me solve an issue I've been pulling my hair out for the last week.I am undergoing PCI compliancy scans and have been able to solve all the issues indicated with the exception of one: SSL Server Supports Weak Encryption Vulnerabilityport over port 25. Now before I go over the list of solutions I've tried let me post my Postfix main.cf and master.cf:

Code: main.cf
queue_directory = /var/spool/postfix
command_directory = /usr/sbin

[code]....

View 4 Replies View Related

Software :: Postfix, Disabling SSLv2: Not Trivial?

Aug 12, 2010

although I've been a lurker for a long time and hope the wealth of experience on LinuxQuestions can help me solve an issue I've been pulling my hair out for the last week.I am undergoing PCI compliancy scans and have been able to solve all the issues indicated with the exception of one: SSL Server Supports Weak Encryption Vulnerabilityport over port 25. Now before I go over the list of solutions I've tried let me post my Postfix main.cf and master.cf:

Code:
main.cf
queue_directory = /var/spool/postfix

[code]....

View 1 Replies View Related

CentOS 5 :: Postfix Mail Server Will Not Start Tried To Change Postfix Smtp Port?

Oct 4, 2010

so i set out to change the default smtp port the server uses because my ISP blocks port 25 and i need the email to work in outlook. this morning i could receive email, but not send it. so i did some research and thought that i needed to edit the master.cf file in /etc/postfix/ by commenting out this line: smtp inet n - n - - smtpd -oand replace it with587 inet n - n - - smtpd (587 being the port i want to use)somewhere along the lines postfix server stopped running and now i cannot get it to start.if i try using SSH it crashes immediately and if i restart it in simple control panel nothing happens

View 7 Replies View Related

CentOS 5 :: Switch From The Default Sendmail To Postfix Doing A Yum Install Postfix On 5.2

Dec 12, 2008

I have isntalled a server with Centos 5.2 OS, now I would like to switch from the default sendmail to postfix doing a yum install postfix I've noticed there is already available an rpm version for the OS but I would like to compile my own 2.5 version, I've noticed compiling from source does not allow me to use the mail switcher to tell to the system I'm gonna use Postfix instead of Sendmail as the default MTA while this is possible when I use the "official" rpm version of the package. Now my question is this, would this be a problem? There is some specific procedure/best practice I should follow? Or once compiled and configured Postfix I can safely disable/uninstall sendmail?

View 6 Replies View Related

Server :: How To Disable Postfix Logging

Jul 16, 2010

how to disable postfix logging? I can obviously set a macro to purget the logs but I am trying to reduce the IO of the logging altogether.

how to disable it?

View 1 Replies View Related

Ubuntu Servers :: Postfix Make Install - Error - Postfix: Fatal: Chdir(/usr/libexec/postfix): No Such File Or Directory

Mar 11, 2010

Here is what i do: make clean make makefiles CCARGS='-DEF_CONFIG_DIR="/opt/product/postfix-2.6.5/etc"

-DEF_COMMAND_DIR="/opt/product/postfix-2.6.5"
-DEF_DAEMON_DIR="/opt/product/postfix-2.6.5/libexec"
-DEF_MAILQ_PATH="/opt/product/postfix-2.6.5/bin/mailq"
-DEF_DATA_DIR="/opt/product/postfix-2.6.5/lib"
-DEF_NEWALIAS_DIR="/opt/product/postfix-2.6.5/bin/newaliases"
[Code]...

make install then i got this error: postfix: fatal: chdir(/usr/libexec/postfix): No such file or directory make: *** [install] Error 1 I don't understand why it's checking the usr/libexec folder for the daemons although I've set the folder to /opt/product/postfix-2.6.5/libexec in the makefile. Here is also the cat of my makedefs.out:

[Code]....

View 1 Replies View Related

CentOS 5 :: Postfix Keeps Shutting Down?

Jul 13, 2010

I installed postfix and configured it but for some reason it keeps shutting down right after startup. Here is what happens,

[root@server /]# /etc/init.d/postfix restart
Shutting down postfix: [FAILED]
Starting postfix: [ OK ]

[code]....

View 8 Replies View Related

CentOS 5 Server :: Add Disclaimer To Postfix?

Dec 22, 2009

I have a webserver that I run myself utilizing CentOS 5.3. I added a postfix server just to send outgoing mail to people who are part of my webpage. I do not do any email exchange so I can actually receive email on the server, only send (if someone can help me out with that I'm willing to listen).Basically I want to add a disclaimer to the bottom of every email that gets sent out, no matter who sends the email, stating the the email is sent from an unmonitored email account so don't reply to the email. I followed the steps listed here [URL].. even though it was for Fedora 8 it seemed to do what I needed it to do. For some reason no matter who I send email with the disclaimer does not show up. I am doing masquerading so when the email gets send it shows it comes from my domain, not localhost.localdomain because most webservers block it assuming it is spam mail.

View 2 Replies View Related

CentOS 5 :: Can't Install Postfix Or Qmail?

Dec 27, 2009

What is wrong with my yum :(Sendmail refuses to start ( doesnt give an error ) just doesnt start.Anyway, so i want to use postfix or qmail, but yum doesnt have them in.?

Any ideas how i can get postfix installed? Im getting soo tired of yum not actually having anything useful in it. [root@status1 ~]# cat /etc/redhat-release CentOS release 5.4 (Final)

View 1 Replies View Related

CentOS 5 :: Postfix With Purchased SSL Certificate

Aug 2, 2010

I bought an SSL certificate that I am using for my whole website and would like to use that for postfix as well. I created my own as a test and it worked fine, but I want to use the one I bought because that is trusted, more secure, and the user doesn't get an untrusted popup every time they check their mail through outlook.

The problem is that I don't have a defined "key". I have two files, they are two certificate files. One is the website certificate and the other is a bundle certificate. I tried setting bundle as the key and the actual website cert as the certificate but that did not work. Can I do this? Is their a different type of cert I need to buy for this? What do I need to make "smtpd_tls_key_file" and "smtpd_tls_cert_file"?

My two files are, "sf_bundle.crt", and "website.com.crt".

View 6 Replies View Related

CentOS 5 :: Getting Response From Port 25, Postfix?

Sep 13, 2010

I am new to Linux, moreso to CentOS, but I can definitely follow walk-throughs and tutorials easily enough.
I am installing a webserver for our small business and decided to go the postfix/dovecot route.

I installed everything based on the walkthrough on linuxmailcom and eve put squirrelmail on top, so users can access via webmail. I am able to send mail just fine, users/folders are setup and working as they should for sending, but I am unable to receive any mail. MX records have been updated to direct mail @mydomain to this mailserver machine. The problem I am having is with port 25... If I do 'telnet x.x.x.x 25' I get no response, just a timeout then back to command prompt. My other ports are fine, and I get the banner for each 110, 143, etc... all ports but 25 work internally and externally, forwarded.

I tried turning off firewall rules, and still, nothing from port 25. Should I try to have postfix listen on another port by editing its' master.cf, or is this is problem with my centOS/Linux instead. I didn't know where to go with this, so I thought the best place to start was here.

View 2 Replies View Related

Server :: How To Back Up RedHat4 Postfix To Centos 5.4

Feb 25, 2010

I was having before Redhat mail server which using postfix mail there is some problem of this mail server i need to format and to set up again new mail server in Centos 5.4.how to back up postfix mail server and to restore into Centos 5.4?[/B]

View 1 Replies View Related

Software :: CentOS Postfix Emails As Root Only

Feb 25, 2010

I have a CentOS 5.3 system running a recently installed Postfix (I removed sendmail so I positively know it's running Postfix).

I am able to send out email as user root, but when I change to another user on the same server, the mail delivery fails.

Here's what's captured in the /var/log/maillog:

Here's my main.cf

No changes to other Postfix files since install, so they are the default files.

View 1 Replies View Related

CentOS 5 Server :: Getting SASL+Postfix To Authenticate?

Feb 19, 2009

I'm trying to expand my Courier+MySQL+Postfix+PostfixAdmin server to use SASL logins on Postfix so I can relay on my server. After following several guides I still can't get it to work: Postfix logs show the user transcript and end with "Authentication failure" but it does not tell me what told it that the login failed. The messages log show this:

Feb 19 22:48:55 sportlaan-server saslauthd[7254]: do_auth : auth failure: [user=berend] [service=smtp] [realm=mydomain.com] [mech=pam] [reason=PAM auth error] Which I don't get because I don't think it should be using PAM... I think...

The setup is similar to this one: http://www.howtoforge.org/virtual_users_postfix_courier_mailscanner_clamav_centos_p6
My SASL config has this in it:
/usr/lib/sasl2/smtpd.conf
pwcheck_method: saslauthd
log_level: 3
authdaemond_path: /var/spool/authdaemon/socket
mech_list: plain login

View 2 Replies View Related

CentOS 5 Server :: Postfix With Mail Store On NFS?

Jul 15, 2009

I tried to setup a Postfix system as VM Guest, in a single file image. So I want to store the mails on another hosts throught NFS mount. I got various errors when Postfix try to write to the NFS share. Anyone knows what's the correct setup for this? like file permission on the NFS?

View 1 Replies View Related

CentOS 5 :: Postfix Not Sending Email To Right Server?

Jul 23, 2009

I have postfix sort of working correctly. postfix can send email to the internet but it doesn't want to send email to my local exchange server. What I need is for postfix to send emails directed to @xyz.com to my exchange server instead of itself.

My setup
mail.xyz.com - exchange 2003 server
www.xyz.com - centos 5.3 server with postfix

www.xyz.com can send emails to my hotmail.com account so that part works correctly. www.xyz.com can't send email to username@xyz.com. postfix seems to be delivering the email to itself and not the exchange server.

How can I tell postfix to send the @xyz.com emails to my exchange server?

Here is a sample of my /var/log/maillog
Jul 22 15:43:43 list postfix/smtpd[9802]: D63168604A3: client=localhost.localdomain[127.0.0.1]
Jul 22 15:43:53 list postfix/cleanup[9805]: D63168604A3: message-id=<20090722204343.D63168604A3@www.xyz.com>

[Code].....

View 3 Replies View Related

CentOS 5 :: Postfix - SELinux Is Preventing Postdrop

Feb 3, 2010

I am running Postfix on my CentOS (latest) powered box with SELinux at Enforcing mode.

This is what I get each time Postfix tries to send e-mail:

Quote:SELinux is preventing postdrop (postfix_postdrop_t) "write" to pipe (initrc_t).

View 4 Replies View Related

CentOS 5 Server :: Postfix Routing To The WinWebMail?

Jun 7, 2010

Our company is an education training and there are 2 mail servers by used.One is postfix in CentOS,other is WinWebMail in windows2003.

Postfix server has 1 public IP and 1 private IP(192.168.1.224),but WinWebMail only has 1 private IP(192.168.1.253).Bcuz we'll broadcost news of training to students and ourselves,but postfix is cannot do that automaticlly,I guess that that is 2 server are the same domain name in DNS server[URL].The question is Postfix can send all mail but [URL].now I wanna try to used postfix have a routing to WinWebMail server,I mean I add a countant in WinWebMail server,if we wanna send some news to everyone in [URL].The postfix will be tranfor to WinWebMail server,and the WinWebMail broadcost to all of [URL] but now other domain name. how to do that in Postfix server?

View 1 Replies View Related

CentOS 5 :: Setup Spamassassin With Postfix And Procmail?

Nov 17, 2010

I have Centos 5.5 and using Postfix, procmail and Dovecot for sending and receiving emails. I have spamassassin installed too but not configured. I am getting lots of spams. I googled a lot to find if there is any configuration but I couldn't find.how to setup spamassassin to filter emails for spams.

View 1 Replies View Related

CentOS 5 Server :: Dovecot Postfix POP Not Responding?

Jan 2, 2011

I am running CentOS 5.2 on a server here in my home. It runs Dovecot and Postfix and also serves as a website host for a small website of mine. Everything works fine. POP, SMTP, Webmail, WWW, all works great and has for ages.Here's the issue. I recently reinstalled a clean copy of Windows 7 on a workstation in my home onto a new harddrive(I still have the old drive int he machine so I can boot to it as well). I setup the Windows Live Mail client to send/receive mail with my mail/web server. However, it won't connect to the POP server on my server machine.Here's the kicker. If I boot to the old harddrive that is running Windows 7, it connects fine to my mailserver and can send/receive just fine. I've checked, rechecked and rechecked and all mail settings on the mail clients on both drives are identical.

Note: The installations of Windows 7 on both drives is identical. Same computer name/ same credentials, same IP, etc. However, as I stated, I can send/receive email with my server if I boot to my old drive, but if I boot to my new drive, I cannot send/receive.

View 2 Replies View Related

CentOS 5 Server :: Postfix Random Delivery ?

Apr 13, 2011

I configured a Postfix Server to relay the messages to an Exchange Server. To keep it simple I configured all my users locally and I setup local .forward files in their home folders, specifying their local Exchange address.

Everything seemed to work fine (for years now), until I upgraded postfix in October, 23rd 2010.

Alas, lately I noticed that, since then, even if I just realized it now, sometimes the server seems not to use the .forward file and tries to use the local delivery using cyrus, which does not find a local mail folder (obviously, since I never created them as I didn�t want to) and replies to the sender with a "550-Mailbox unknown" error. Today I enabled the "-v" mode for "local" in master.cf the debugging the problem a bit better, to see what's the problem.

If I was sure about the problem being the postfix version (2.3.3, which is way too old now!), I'd give it a try and substitute it with the latest 2.8.2 (even if the server is a production server and is almost untouchable).

Following the error and my main.cf and master.cf setup files:

View 10 Replies View Related

CentOS 5 Server :: How To Send Email Outside LAN Using Postfix

Jun 2, 2011

How can I send email outside my LAN using postfix? Actually, I can received email from outside like yahoo. hotmail etc.. But when I am trying to send outside in my mail server here is the error I got..

Jun 2 21:19:51 microtontech postfix/smtp[4434]: connect to k.mx.mail.yahoo.com[98.139.54.60]: Connection timed out (port 25)
Jun 2 21:20:10 microtontech postfix/smtp[4435]: connect to

[code]....

I try to telnet yahoo.com and smtp.pldtdsl.net 25 here are the result, but when I try to telnet smtp.pldtdsl.net its showing trying only.. I checked if my ISP is blocking port 25 isn't. (I forgot what is the website I used to check if my ISP port 25 is block) I try already to used in my relayhost the [URL] but the email I sent still bouncing..But I remember last time when I was installed Hmailserver in my Win2K3 machine I sent email outside but I cannot received..

[code]....

View 3 Replies View Related

CentOS 5 Server :: Migration Sendmail To Postfix?

Sep 22, 2011

todo: I have now running sendmail with milters and auth, dovecot as lda configured with virtual domains / Local User, srs. on centos 5.x

I want to migrate to Postfix with:
at first step the same Local User now with Mbox and there Mails
same milter with macros for auth....
dovecot as lda

[Code]...

View 1 Replies View Related

Server :: Setup Reverse Dns Check In Postfix ( CENTOS 5 )?

Nov 4, 2009

How can I setup "reverse dns check" option in Postfix ?

View 1 Replies View Related

Software :: Setup Postfix As Null Client (CentOS)?

Apr 12, 2010

I setup postfix as a null client on my VPS to send only automated, outbound emails. I also have Google App mail for the domain (for sending receiving personalized emails), however, I receive the following in Gmail for emails sent by from Postfix. The destination email address are correct (tried a few of my personal email addresses). I once got Postfix to work, but no longer the case.

host ASPMX.L.GOOGLE.com[209.85.223.16] said:
550-5.1.1 The email account that you tried to reach does not exist. Please
try 550-5.1.1 double-checking the recipient's email address for typos or

[code]....

View 3 Replies View Related

CentOS 5 Server :: Error In Installation Of Postfix In Centos5.2?

Mar 13, 2009

I am facing problem in postfix. I am using centos5.2.My postfix was running well but some strange problem it failed today.after that I wanted to restart postfix service , it does not restrat. But the postfix process is found in the process list( take memory and cpu ). Then i want to reinstall the postfix.The progress bar show it completed but not showing the completed message. I wait long time for the completion message but not display it and not return to command promt.When I cancel the command( ctrl+c) then the following error message is displayed:error: %post(postfix-2.3.3-2.1.el5_2.x86_64) scriptlet failed, signal 2For your information this is the process of installation:

yum install postfix
Loading "fastestmirror" plugin
Loading mirror speeds from cached hostfile

[code]....

View 1 Replies View Related

CentOS 5 Server :: Postfix No Longer Sending Mail?

Jan 7, 2010

One of my mailservers running postfix has suddenly stopped sending mail and has been generating the following errors:

Jan 7 12:03:08 postfix/sendmail[3560]: warning: premature end-of-input on /usr/sbin/postdrop -r while reading input attribute name
Jan 7 12:03:08 postfix/sendmail[3560]: fatal: root(0): unable to execute /usr/sbin/postdrop -r: Success

[Code].....

Things I have tried to fix this problem, but didn't work.

1) Stopped postfix, uninstalled and reinstalled.

2) Did a complete filesystem relabel with a touch /.autorelabel and reboot.

3) Did a restorecon -F -R on /etc/postfix, /var/spool/postfix and /usr/sbin/post*

Nothing above has worked and have no idea why with selinux disabled postfix works and with it on it fails.

View 6 Replies View Related

CentOS 5 Server :: Postfix Not Loading Config From Main.cf?

Feb 16, 2010

I'm trying to change some configurations but when I change it from the default options in main.cf, it doesn't actually update the running configuration. I've even restarted the server all together but it still doesn't update it.In main.cf, here is the configuration I've added:

bounce_template_file = /etc/postfix/bounce.cf
bounce_queue_lifetime = 4h
maximal_queue_lifetime = 4h
delay_warning_time = 1h

View 1 Replies View Related

CentOS 5 Server :: Postfix Multiple Domains One User?

Jun 2, 2010

I am currently running a apache/postfix email service on my server. I am using aliases for two addresses for example:

trscookie@serverone.com
trscookie@secondserver.com

so the emails no matter which domain receives the email trscookie always will receive the email.

However I am unable to work out how to 'reverse' this process, for example.

If i was to go to secondserver.com/webmail I would like the emails to get sent from trscookie@secondserver.com however they are currently all coming from serverone.com. Is it possible to configure this so that it is sent from the correct domain?

Here is my main.cf:

queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix

[Code].....

View 2 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved