[afnog] Fetchmail/Exim Problem - saga continues!

Julius Kidubuka juki at one2net.co.ug
Fri May 20 15:52:28 EAT 2005 

> Sounds to me like you are still running a sendmail daemon.

I have disabled all the sendmail processes running on the box.

> Try 'telnet x.x.x.x 25' and show us what banner you receive.
>
> From here, it looks totally broken:
>
> $ telnet 62.73.190.76 25
> Trying 62.73.190.76...
> Connected to www.kulika.org.
> Escape character is '^]'.
> 572 Relay not authorized
> Connection closed by foreign host.

>From the very gateway box running the fetchmail script (plus exim-mysql,
courier-imap, mysql et al..), I got the following;

kulika# telnet 62.73.190.76 25
Trying 62.73.190.76...
Connected to www.kulika.org.
Escape character is '^]'.
220 mail21a.london21-verio.com SMTP RS ver 1.0.95vs
503 I'm gonna have to ask you to say HELO first
HELO
250 mail21a.london21-verio.com Hello www.kulika.org [62.73.190.76], I'm
listening
mail from: uganda at kulika.org
250 uganda at kulika.org... Sender ok
rcpt to: juki at one2net.co.ug
250 juki at one2net.co.ug... Recipient ok
data
354 enter mail, end with '.' on a line by itself
Subject: Test Message
Just testing, please do not respond.
.
250 2-0263222267 Message accepted for delivery
quit
Connection closed by foreign host.


> That's definitely not Exim.

I don't know whether the 'parent mailserver' (mailserver from which this
gateway is popping mail) is running exim too.

> The command 'sockstat -4l' will show you the name of the daemon which is
> listening on port 25, and its process ID.

kulika# sockstat -4l
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     perl     24130    5 tcp4   127.0.0.1:783         *:*
root     perl     24129    5 tcp4   127.0.0.1:783         *:*
root     perl     24128    5 tcp4   127.0.0.1:783         *:*
root     perl     24127    5 tcp4   127.0.0.1:783         *:*
root     perl     24126    5 tcp4   127.0.0.1:783         *:*
root     perl     24122    5 tcp4   127.0.0.1:783         *:*
mysql    mysqld     252    5 tcp4   *:3306                *:*
mailnull exim-4.5   213    4 tcp4   *:25                  *:*
root     couriert   204    5 tcp4   *:110                 *:*
root     couriert   188    5 tcp4   *:143                 *:*
www      httpd      150   17 tcp4   *:443                 *:*
www      httpd      150   18 tcp4   *:80                  *:*


>From this, I see that it's only exim listening on port 25 and none other...

It's still intriguing though...

"Get rich or die trying!"

More information about the afnog mailing list