Nothing is logged about the refused connection in maillog.txt (I checked) 
because the port is not in use. I'm doing watch -n 1 netstat -tulpn | grep 
225 to monitor for that port and the output remains empty. Searching for 
port 125 nicely shows the Postfix process though.

Yes, the user must be allowed to use the lower ports. So I tried with port 
2250, which should work for any user. Unfortunately this produced the same 
results. Running the script as root, same thing.

I'm out of ideas. It's no great problem because port 25 works just fine, 
it's just that I'd like to understand the fault in my reasoning.

Of the five steps I described earlier, would you please point out to me 
which one is erroneous? I hope I'm not taking too much of your time but if 
I am perhaps someone else on this mailing list would like to share their 
thoughts.

Thanks!

Martin



From:   Thomas Eckardt <thomas.ecka...@thockar.com>
To:     For Users of ASSP <assp-user@lists.sourceforge.net>
Date:   22-09-2016 13:06
Subject:        Re: [Assp-user] Function of relayPort



>If my logic is flawed the question is: what am I doing wrong?

The maillog.txt at startup will show the reason.

- the user must be allowed to use lower ports
- the IP:port must be unused - if only the port is defined, the port must 
be unused at all IP's

Thomas



Von:    m.huij...@evergreen-shipping.nl
An:     For Users of ASSP <assp-user@lists.sourceforge.net>
Datum:  22.09.2016 12:35
Betreff:        Re: [Assp-user] Function of relayPort



I understand. That's why I use Postfix as a mailserver on my ASSP box. 
Postfix does SMTP on port 125, which is also the value of smtpDestination. 


So: if relayPort has a value that means relayHost must also have a value, 
and if it hasn't it will use smtpDestination. Which should use Postfix 
local relative to ASSP.

So in the logical sense this means:

[ physical server 1: Domino mail server ] --> [ physical server 2: ASSP 
(port 225) --> Postfix ] --> internet

As I understand it, ASSP's logic goes like this:
1. Mail is sent from the mail server (in this test setup a Postfix server, 


but in my production setup a bunch of Domino servers) to the ASSP machine 
on port 225.
2. ASSP receives the mail, does whitelist additions if so instructed, and 
passes it on to Postfix on to relayHost.
3. relayHost is blank so it looks to smtpDestination for further 
instructions.
4. smtpDestination is set to value 125, which means "use the address on 
which the connection was received with port 125". This is Postfix on that 
same machine.
5. Postfix sends out the mail to the internet, what with it being a mail 
server and all.

At step #2 this process ends. ASSP does not receive the mail and the 
sending mail server logs this message: connect to [192.168.1.2]:225: 
Connection refused.

If the above logic (the five steps) is correct then the question is: why 
is ASSP not listening on port 225 as instructed?
If my logic is flawed the question is: what am I doing wrong?

Thank you for your time!

Martin




From:   Thomas Eckardt <thomas.ecka...@thockar.com>
To:     For Users of ASSP <assp-user@lists.sourceforge.net>
Date:   22-09-2016 12:03
Subject:        Re: [Assp-user] Function of relayPort



ASSP is a PROXY not a mail server. It requires SMTP mail servers at both 
communication (in and out) ends.

Thomas





Von:    m.huij...@evergreen-shipping.nl
An:     For Users of ASSP <assp-user@lists.sourceforge.net>
Datum:  22.09.2016 11:48
Betreff:        Re: [Assp-user] Function of relayPort



Hi Thomas,

Thanks for your response.  We send out mail directly to the internet, not 
through a relay server at out ISP's.

In our case: Domino mail server -> ASSP (relayPort 225) -> internet

I would like to be able to use relayPort without setting up relaying to an 




upstream server. Is that possible with the current version of ASSP?

Martin



From:   Thomas Eckardt <thomas.ecka...@thockar.com>
To:     For Users of ASSP <assp-user@lists.sourceforge.net>
Date:   22-09-2016 10:50
Subject:        Re: [Assp-user] Function of relayPort



>"Normally", a server on the lan that needs to be able to relay mail to 
the 
>internet would be placed in acceptAllMail.

No, the usage of the relayPort and relayHost is recommended.

incoming:

internet -> ASSP(25) -> domain based mail router (may be not required) -> 
domino

outgoing:

domino -> domain based mail router (may be not required) -> ASSP(225 - 
relayPort) -> ISP or your own mail relay (relayHost) -> internet

Thomas



Von:    m.huij...@evergreen-shipping.nl
An:     assp-user@lists.sourceforge.net
Datum:  22.09.2016 09:53
Betreff:        [Assp-user] Function of relayPort



Hi,

I have a question about the function of the relayPort variable. I 
apologize for the long text ;)

I'm running a test setup using two servers, both running Debian 8.6 and 
Postfix. One is the 'end user' mail server (192.168.1.3), the other 
Postfix + ASSP (192.168.1.2).

"Normally", a server on the lan that needs to be able to relay mail to the 






internet would be placed in acceptAllMail. By default ASSP listens on port 






25 for mail from the lan to the internet (Postfix runs on port 125 on the 
ASSP machine). So in my end user mail server I have "relayhost = 
192.168.1.2" and that works fine: if I send out a mail I see it passing 
through ASSP (not running as a daemon but showing everything in the 
console). So far so good.

On my production server however I have relayPort set to 225 and my IBM 
Domino mailservers use *that* port to relay outgoing mail through ASSP. 
The production ASSP server also runs Postfix on port 225.

Now as I understood it, relayPort is meant to be an extra port, sort of 
like security through obscurity, that allows you to relay outgoing mail on 






a non-standard port. The fact that this is working in my production 
environment corroberates that.

Now, if I set relayPort to 225 in my test setup and put 192.168.1.3 (the 
'end user' mail server) in allowRelayCon (it is also still in 
acceptAllMail) and on my mail server change relayhost to 192.168.1.2:225 
(and reload or even restart Postfix) then mail is not relayed by ASSP. It 
leaves the mail server but it doesn't get picked up by ASSP. Restarting 
ASSP or rebooting the ASSP server does not change this. If I do netstat 
-tulpn | grep 225 on the server I can see that port 225 is not open. 
(Interestingly it also seems not to be open on my production ASSP machine 
while I'm pretty sure that *does* work.) If I change things back the mail 
gets delivered.

Here comes the part where it gets confusing: when changing the relayPort 
value, a green line underneath the value box is shown reading: "relayHost 
() and relayPort (225) must be defined to enable relaying". Aha. 
relayHost, if I am not mistaken, has to do with mailservers upstream from 
ASSP: your isp's relay server. Suddenly we go from relaying mail 
internally to relaying mail to an outside server. We go from within the 
lan to outside.

My question here is: why do I need to set up relaying to a server at my 
isp's (which they haven't) when I all I want to do is set up relaying from 






my 'end user' mail server to my ASSP box? Those have got nothing to do 
with each other.

Thank you in advance for any enlightenment you can bring me on this 
subject!

Have a great day :)

Martin
------------------------------------------------------------------------------
_______________________________________________
Assp-user mailing list
Assp-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-user




DISCLAIMER:
*******************************************************
This email and any files transmitted with it may be confidential, legally 
privileged and protected in law and are intended solely for the use of the 






individual to whom it is addressed.
This email was multiple times scanned for viruses. There should be no 
known virus in this email!
*******************************************************

------------------------------------------------------------------------------
_______________________________________________
Assp-user mailing list
Assp-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-user

------------------------------------------------------------------------------
_______________________________________________
Assp-user mailing list
Assp-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-user




DISCLAIMER:
*******************************************************
This email and any files transmitted with it may be confidential, legally 
privileged and protected in law and are intended solely for the use of the 




individual to whom it is addressed.
This email was multiple times scanned for viruses. There should be no 
known virus in this email!
*******************************************************

------------------------------------------------------------------------------
_______________________________________________
Assp-user mailing list
Assp-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-user

------------------------------------------------------------------------------
_______________________________________________
Assp-user mailing list
Assp-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-user




DISCLAIMER:
*******************************************************
This email and any files transmitted with it may be confidential, legally 
privileged and protected in law and are intended solely for the use of the 


individual to whom it is addressed.
This email was multiple times scanned for viruses. There should be no 
known virus in this email!
*******************************************************

------------------------------------------------------------------------------
_______________________________________________
Assp-user mailing list
Assp-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-user

------------------------------------------------------------------------------
_______________________________________________
Assp-user mailing list
Assp-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-user

Reply via email to