King0770-Notes-Check-Submission-Port-587: Difference between revisions

No edit summary
No edit summary
Line 52: Line 52:


[[Category:Community Sandbox]]
[[Category:Community Sandbox]]
[[Category:MTA]
[[Category:Command Line Interface]]
[[Category:MTA]]

Revision as of 22:54, 7 October 2011

If you are interested or need to check if the MTA submission is listing, or working, here are some general guidelines.

Check to see if the port is listening:

# lsof -i :587

You should see output similar to:

COMMAND   PID USER   FD   TYPE  DEVICE SIZE NODE NAME
master  22773 root   19u  IPv4 8282200       TCP *:submission (LISTEN)

From an external machine, you can test using the cli.

openssl s_client -connect mail.domain.com:587 -starttls smtp

You should be able to test this with openssl, and confirm that AUTH is only offered under starttls:

220 mail.domain.com ESMTP Postfix
helo localhost
250 mail.domain.com
auth login                           <<=== START THE AUTH SESSION
334 VXNlcm5hbWU6
dGVzdEBvcHRpbWFtaWEuY29t             <<=== Use conversion tool to convert username to base64
334 UGFzc3dvcmQ6
dGVzdDEyMw==                         <<=== Use conversion tool to convert password to base64
235 2.7.0 Authentication successful
mail from:test@domain.com
250 2.1.0 Ok
rcpt to:user007@exampledomain.com
250 2.1.5 Ok

Couple of sites you can use to convert your address and password to base64:
http://www.webpan.com/Customers/Email/base64_conversion.htm

http://ostermiller.org/calc/encode.html

By default the submission port should be enabled. The /opt/zimbra/postfix/conf/master.cf.in should contain the following (by default):

submission inet n      -       n       -       -       smtpd
        -o smtpd_etrn_restrictions=reject
        -o smtpd_sasl_auth_enable=%%zimbraMtaSaslAuthEnable%%
        -o smtpd_client_restrictions=permit_sasl_authenticated,reject
        -o smtpd_tls_security_level=%%zimbraMtaTlsSecurityLevel%%
Jump to: navigation, search