Want to subscribe to topics you're interested in?
Become a Member

Sysadmin reading server local emails

Discussion in 'System Administration' started by ahmed, Oct 30, 2017.

  1. ahmed

    ahmed Member

    223
    17
    18
    Feb 21, 2017
    Ratings:
    +23
    Local Time:
    5:50 AM
    Hello

    I have made a simple method for creating emails, which is downloading the root email file and then importing it into apple email app to read it on my Mac

    However if I need to forward it to my email, I have to open the port for that?

    I get this error on one of the emails:

    Code:
    Diagnostic-Code: X-Postfix; delivery temporarily suspended: connect to
       alt2.gmail-smtp-in.l.google.com[2404:6800:4003:c01::1b]:25: Network is
       unreachable
    
    
    best
     
  2. eva2000

    eva2000 Administrator Staff Member

    30,634
    6,862
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,308
    Local Time:
    1:50 PM
    Nginx 1.13.x
    MariaDB 5.5
    sounds like your server doesn't have properly working IPv6 networking ?

    what do you get for ipv6 ping of the google smtp server ?
    Code (Text):
    ping6 -c4 alt2.gmail-smtp-in.l.google.com
    

    i.e.
    Code (Text):
    ping6 -c4 alt2.gmail-smtp-in.l.google.com
    
    PING alt2.gmail-smtp-in.l.google.com(sb-in-x1b.1e100.net (2404:6800:4003:c01::1b)) 56 data bytes
    64 bytes from sb-in-x1b.1e100.net (2404:6800:4003:c01::1b): icmp_seq=1 ttl=37 time=296 ms
    64 bytes from sb-in-x1b.1e100.net (2404:6800:4003:c01::1b): icmp_seq=2 ttl=37 time=296 ms
    64 bytes from sb-in-x1b.1e100.net (2404:6800:4003:c01::1b): icmp_seq=3 ttl=37 time=296 ms
    64 bytes from sb-in-x1b.1e100.net (2404:6800:4003:c01::1b): icmp_seq=4 ttl=37 time=296 ms
    
    --- alt2.gmail-smtp-in.l.google.com ping statistics ---
    4 packets transmitted, 4 received, 0% packet loss, time 3004ms
    rtt min/avg/max/mdev = 296.773/296.882/296.933/0.390 ms
    

    and openssl smtp check
    Code (Text):
    echo | openssl s_client -connect alt2.gmail-smtp-in.l.google.com:25 -starttls smtp
    

    i.e.
    Code (Text):
    echo | openssl s_client -connect alt2.gmail-smtp-in.l.google.com:25 -starttls smtp   
    CONNECTED(00000003)
    depth=2 C = US, O = GeoTrust Inc., CN = GeoTrust Global CA
    verify return:1
    depth=1 C = US, O = Google Inc, CN = Google Internet Authority G2
    verify return:1
    depth=0 C = US, ST = California, L = Mountain View, O = Google Inc, CN = mx.google.com
    verify return:1
    ---
    Certificate chain
     0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/CN=mx.google.com
       i:/C=US/O=Google Inc/CN=Google Internet Authority G2
     1 s:/C=US/O=Google Inc/CN=Google Internet Authority G2
       i:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
     2 s:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
       i:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
    ---
    Server certificate
    -----BEGIN CERTIFICATE-----
    M....SNIPPED....IP
    -----END CERTIFICATE-----
    subject=/C=US/ST=California/L=Mountain View/O=Google Inc/CN=mx.google.com
    issuer=/C=US/O=Google Inc/CN=Google Internet Authority G2
    ---
    No client certificate CA names sent
    Peer signing digest: SHA256
    Server Temp Key: ECDH, P-256, 256 bits
    ---
    SSL handshake has read 4636 bytes and written 450 bytes
    ---
    New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
    Server public key is 2048 bit
    Secure Renegotiation IS supported
    Compression: NONE
    Expansion: NONE
    No ALPN negotiated
    SSL-Session:
        Protocol  : TLSv1.2
        Cipher    : ECDHE-RSA-AES128-GCM-SHA256
        Session-ID: 4AED981F610B886C4425E0E8873DA2F732F390C2FAEA1F5D7BB1893043D5D865
        Session-ID-ctx: 
        Master-Key: C7513422F05A01847D2F2CC9FE94C81872078F376D2E5AB4EA1A65B3CBDF1F0AB6050D455BF663AD4608B947B17AACC3
        Key-Arg   : None
        Krb5 Principal: None
        PSK identity: None
        PSK identity hint: None
        TLS session ticket lifetime hint: 100799 (seconds)
        TLS session ticket:
        0000 - 00 fb 7d 91 28 bc 98 2f-a1 4e ae 3b 77 25 43 70   ..}.(../.N.;w%Cp
        0010 - 7c e5 70 b4 55 7d 91 ca-9e bd d7 be 54 6e 21 53   |.p.U}......Tn!S
        0020 - fb f2 e3 f4 18 19 24 e1-e0 71 dd f8 04 60 a4 50   ......$..q...`.P
        0030 - ad 67 1b 56 0b a1 39 07-1e 14 aa a5 fd 5c 4c 3f   .g.V..9......\L?
        0040 - 1f 32 87 12 f9 f2 69 4b-d3 6f f8 f7 7a af 88 3c   .2....iK.o..z..<
        0050 - 37 a6 a7 5d 2b c7 1e 51-9d b1 21 76 55 65 d0 53   7..]+..Q..!vUe.S
        0060 - 3b 20 39 4c 6d 5c 72 66-9b f1 d8 6f 95 b1 09 f1   ; 9Lm\rf...o....
        0070 - cb 75 93 12 1f eb 46 86-e9 dc 2c 96 d7 47 09 9b   .u....F...,..G..
        0080 - f6 96 bd 28 ac b8 93 e2-d4 04 e3 56 ec d6 60 68   ...(.......V..`h
        0090 - e6 f2 82 75 87 3d 48 c7-2e 60 9e d7 c9 45 50 8f   ...u.=H..`...EP.
        00a0 - 06 e1 31 99 a4 55 c7 c0-9a f2 a3 c5 a3 1e ff 38   ..1..U.........8
        00b0 - 0f c8 b4 76 66 de 0a f4-d3 47 4d ec ea 5b 89 cb   ...vf....GM..[..
        00c0 - b7 1f 4b 6f 51 e9 71 8b-c7 ba 5c 93 d6 0b bd bf   ..KoQ.q...\.....
        00d0 - b4 15 3e 99 f6                                    ..>..
    
        Start Time: 1509344950
        Timeout   : 300 (sec)
        Verify return code: 0 (ok)
    ---
    250 SMTPUTF8
    DONE
    
     
    Last edited: Oct 30, 2017
  3. eva2000

    eva2000 Administrator Staff Member

    30,634
    6,862
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,308
    Local Time:
    1:50 PM
    Nginx 1.13.x
    MariaDB 5.5
    • Informative Informative x 1
  4. ahmed

    ahmed Member

    223
    17
    18
    Feb 21, 2017
    Ratings:
    +23
    Local Time:
    5:50 AM
    thanks for help, actually google cloud allows IPV6 only in load balancer like environment, This message happened when the email tried to use the forwarding address, I think goolge is behind this (preventing SMTP or so) , I guess I need to opne port 25 udp only, correct?
     
  5. ahmed

    ahmed Member

    223
    17
    18
    Feb 21, 2017
    Ratings:
    +23
    Local Time:
    5:50 AM
  6. eva2000

    eva2000 Administrator Staff Member

    30,634
    6,862
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,308
    Local Time:
    1:50 PM
    Nginx 1.13.x
    MariaDB 5.5
    Centmin Mod installed CSF Firewall already opens port 25 but yes if you have a cloud based firewall in front, you will need to open it there too on Google Cloud

    see Centmin Mod LEMP stack CSF Firewall default port listing
     
  7. eva2000

    eva2000 Administrator Staff Member

    30,634
    6,862
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,308
    Local Time:
    1:50 PM
    Nginx 1.13.x
    MariaDB 5.5