Hi I have RHEL5 with ssmtp installed on it ssmtp-2.61-22.el5.i386.rpm
my /etc/ssmtp/ssmtp.conf updated as below :-
AuthUser=mymail#gmail.com
AuthPass=mypassword
FromLineOverride=YES
mailhub=smtp.gmail.com:587
UseSTARTTLS=YES
UseTLS=Yes
RewriteDomain=gmail.com
also revaliases updated as below :
root:mymail#gmail.com:smtp.gmail.com:587
i have shutdown sendmail service
when i try to send email with ssmtp i get below error
[root#ctmtest ssmtp]# echo "test" | ssmtp -vvv mymail#gmail.com
[<-] 220 smtp.gmail.com ESMTP v26sm42795996pfi.56 - gsmtp
[->] EHLO ctmtest
[<-] 250 SMTPUTF8
[->] STARTTLS
[<-] 220 2.0.0 Ready to start TLS
ssmtp: Cannot open smtp.gmail.com:587
i searched lots of tag with this error , but unable to fix this
my system is able to connect smtp.gmail.com on port 587
[root#ctmtest ssmtp]# telnet smtp.gmail.com 587
Trying 74.125.200.108...
Connected to smtp.gmail.com (74.125.200.108).
Escape character is '^]'.
220 smtp.gmail.com ESMTP o90sm11695907pfi.17 - gsmtp
is there anyone who have fixed this ? please suggest
I encountered the same problem. The following steps worked for me:
sudo vi /etc/ssmtp/ssmtp.conf
Add the following:
TLS_CA_FILE=/etc/pki/tls/certs/ca-bundle.crt
root=XXXX#gmail.com
mailhub=smtp.gmail.com:587
AuthUser=XXXX
AuthPass=XYXYX
UseSTARTTLS=Yes
UseTLS=Yes
hostname=AAAA
Replace:
XXXX- username(mail)
XYXYX- password(mail password)
AAAA- hostname(get by running $hostname)
sudo vi /etc/ssmtp/revaliases
Add the following:
root:XXXX#gmail.com:smtp.gmail.com:587
Replace :
XXXX - username(mail)
Try running the mail now:
$mail -s "adasdas" XXXX#gmail.com
CC:
XYZLoremIpsum
.
'ctrl+D'
It solved my problem.
Hopefully for a system(Office) you need to configure correct proxy settings otherwise you will get an error:
cannot send message: Process exited with a non-zero status
try changing this option
Allowing less secure apps to access your account
https://support.google.com/accounts/answer/6010255?hl=en
This is perhaps because you're not setting the hostname parameter of ssmtp.conf. It should be a resolvable, fully-qualified domain name; yours is defaulting to the machine name of ctmtest (as shown in the EHLO command that you quote above).
The issue that user963 mentions in their answer may also be in action here, but in that case you'll get a different error message, something like ssmtp: Authorization failed (534 5.7.14 ...).
This should be a comment on Haider Raza's answer, but I am short of 1 rep point to comment lol.
From https://superuser.com/questions/431539/special-characters-in-ssmtp-password
ssmtp has bugs parsing passwords containing '=', ':' or '#'. You can use the following workaround:
feed the password directly in the command line argument
ssmtp -ap "Hash#Password" ...
alternatively put the password in an environment variable.
ssmtp -ap $PASSWD ...
Hope it helped.
first to get your hostname type in terminal : hostname
copy it and past in hostname parameter in ssmtp.conf
On my Gentoo Linux system, the error ssmtp: Cannot open smtp.server.com:port was caused by an ownership/permissions issue: the file /etc/ssmtp/ssmtp.conf should belong to the group ssmtp, which it didn't (and any user allowed to access ssmtp should be a member of that group).
I ws looking for a solution for cacti smtp mail sender.
And found myself actually sending an email using the postfix service .
I also used localhost in the postfix config.
Thanks!
This is my config for outlook365.com that works on Centos 6.10 (Final) - replace all [square brackets] with your own settings:
/etc/ssmtp/ssmtp.conf
root=[admin_emailemail#domain.ext]
mailhub=smtp.office365.com:587
RewriteDomain=[domain.ext]
# to find out run hostname command in shell
Hostname=[hostname_or_domain]
AuthUser=[your_smtp_authentication_mailbox#domain.ext]
AuthPass=[your_password]
AuthMethod=LOGIN
FromLineOverride=YES
UseTLS=YES
UseSTARTTLS=YES
# Use SSL/TLS certificate to authenticate against smtp host.
# When enabled it was failing to send emails
#UseTLSCert=YES
TLS_CA_File=/etc/pki/tls/certs/ca-bundle.crt
/etc/ssmtp/revaliases
root:[your_sender_or_authentication_mailbox#domain.ext]:smtp.office365.com:587
Mail functions are all highly broken, so are the numerous tutorials on the internet.
This is pretty bad, for something that MUST be EASY for BEGINNERS.
A little panels of unclear errors you will face:
mailx: unrecognized option '-d'
💩
mailx: unrecognized option '-v'
💩
s-nail: Setting up PseudoRandomNumberGenerator: *SSL RAND_*
s-nail: New-style URL used without *v15-compat* being set
/home/you/dead.letter 3/106
s-nail: ... message not sent
💩
s-nail: Connecting to XX.XX.XX.XXX:465 ... connected.
s-nail: SMTP: Resource temporarily unavailable
💩
s-nail: Obsoletion warning: Use of old-style credentials, which will vanish in v15!
💩
s-nail: Obsoletion warning: please don't use *smtp*: assign a smtp:// URL to *mta*!
💩
s-nail: Unexpected EOF on SMTP connection
💩💩💩
No, there is no needs of any credentials to send a simple mail.
STEP 1: Install mail-utils
sudo apt install mailutils
STEP 2: Install mutt
sudo apt install mutt
STEP 3: Run the postfix setup
sudo dpkg-reconfigure postfix
Usage press TAB to select OK
Select "Internet site"
Enter your domain, or whatever
Leave all other settings as default. (Press RETURN till the end)
Mails will then be sent from this email: yourCurrentsession#whatever.com
STEP 4: Apply settings
service postfix reload
STEP 5: Send email
echo "Hello world" | mutt -s "Message sent at $(date)" recipient#gmail.com -y
STEP 6: Optional. Change sender email and name. Create a .muttrc file in the home folder.
echo -e "set from = \"aname#something.net\"\nset realname = \"Yay\"" > ~/.muttrc
Related
I created ftp server by pureftpd on linux sever:
sudo apt-get install pure-ftpd
sudo bash
echo "yes" > /etc/pure-ftpd/conf/Daemonize
echo "yes" > /etc/pure-ftpd/conf/NoAnonymous
echo "yes" > /etc/pure-ftpd/conf/ChrootEveryone
echo "yes" > /etc/pure-ftpd/conf/IPV4Only
echo "no" > /etc/pure-ftpd/conf/ProhibitDotFilesWrite
but when I try to access to ftp from file explorer in Windows 10 by ftp://x.x.x.x with username and password I get this error:
an error occurred while opening that folder on the ftp server
I gave the all permission to root folder,
I add this line to configuration:
echo "10000 60000" > /etc/pure-ftpd/conf/PassivePortRange
sudo systemctl restart pure-ftpd
but still I get the same error. How can I solve this?
Use of other ftp servers have shown the same client-side result. To access certain directories on the server via ftp, there are often multiple requirements. After the client provides a user and password that are valid on the target host:
Various ftp servers often need additional configuration that allows access to specific directories. Sometimes there's a global setting that lists 1+ directories that applies to all client access, eg "/ftp". Another variety requires creating named ftp group(s), specifying 1+ directories accessible to that group, and adding users to 1 or more groups.
Although not always well documented, ftp servers tend to provide logging with any connection or session. Check on the ftp server host for more detailed error information in a place like /var/log/messages. Enabling session or error logging and the log-file location may be additional configuration settings. If there's nothing obvious, file locations can sometimes be discovered with a cmd-line similar to this:
strings /usr/etc/ftp-server | grep /
Also remember to restart your ftp server after config changes. Some network daemons are known to re-read config files after receiving a SIGHUP, eg:
pkill -1 server-name
I'm trying to get daemons to send email from a Debian 10 Server.
I'm using msmtp-mta with an OVH SMTP server. It's properly configured.
Everything works fine when sending email directly via the mail command, like so :
echo "test" | mail -s "test" email#domain.com
However, some daemons like smartd try to send email to root#localhost, but with a malformed recipient address root, which the OVH SMTP doesn't like at all :
send-mail: recipient address root not accepted by the server
send-mail: server message: 501 5.1.3 Invalid address
send-mail: could not send mail (account default from /etc/msmtprc)
Can't send mail: sendmail process failed with error code 65
and in the msmtp log :
Apr 25 00:39:49 host=ssl0.ovh.net tls=on auth=on user=***REDACTED*** from=***REDACTED*** recipients=root smtpstatus=501 smtpmsg='501 5.1.3 Invalid address' errormsg='recipient address root not accepted by the server' exitcode=EX_DATAERR
I tried adding root: email#domain.com to /etc/aliases adn relaoding with newaliases, and even put a .forward in root's homedir.
Has anyone experienced this before ? Shouldn't msmtp honor /etc/aliases and/or .forward and replace root's email address ?
Please check with msmtp -v if you have another alias that might override the one you're settings. You'll be able to check if it correctly register your aliases using that command.
You may also want to add aliases /etc/aliases to your /etc/msmtprc file.
You may also add a default alias in /etc/aliases if you would like all the mails to be send with a from corresponding: default: awesome.mail#example.tld
(related and perhaps more simple problem to solve: proxy authentication by MSCHAPv2)
Summary: I am using a Ubuntu 18, the proxy is working with web-browser but not with terminal applications (wget, curl or apt update). Any clues? Seems the problem is to interpretate a proxy's "PAC file"... Is it? How to translate to Linux's proxy variables? ... Or the problem is simple: my proxy-config (see step-by-step procedure below) was wrong?
Details:
By terminal env | grep -i proxy we obtain
https_proxy=http://user:pass#pac._ProxyDomain_/proxy.pac:8080
http_proxy=http://user:pass#pac._ProxyDomain_/proxy.pac:8080
no_proxy=localhost,127.0.0.0/8,::1
NO_PROXY=localhost,127.0.0.0/8,::1
ftp_proxy=http://user:pass#pac._ProxyDomain_/proxy.pac:8080
and browser (Firefox) is working fine for any URL, but:
wget http://google.com say Resolving pac._ProxyDomain_ (pac._ProxyDomain_)... etc.etc.0.26 connecting to pac._ProxyDomain_ (pac._ProxyDomain_)|etc.etc.0.26|:80... conected.
Proxy request has been sent, waiting for response ... 403 Forbidden
2019-07-25 12:52:19 ERROR 403: Forbidden.
curl http://google.com say "curl: (5) Could not resolve proxy: pac._ProxyDomain_/proxy.pac"
Notes
(recent news here: purge exported proxy changes something and not tested all again...)
The proxy configuration procedures that I used (there are some plug-and-play PAC file generator? I need a PAC file?)
Config procedures used
All machine was running, with a direct non-proxy internet connection... Them the machine goes to the LAN with the proxy.
Add lines of "export *_proxy" (http, https and ftp) in my ~/.profile. The URL definitions are in the form http_proxy="http://user:pwd#etc" (supposing that is correct, because testesd before with user:pwd#http://pac.domain/proxy.pac syntax and Firefox promped proxy-login)(if the current proxy-password is using # character, need to change?)
Add lines of "export *_proxy" in my ~root/.profile.(need it?)
(can reboot and test with echo $http_proxy)
visudo procedure described here
reboot and navigate by Firefox without need of login, direct (good is working!). Testing env | grep -i proxy, it shows all correct values as expected.
Testing wget and curl as the begin of this report, proxy bug.
Testing sudo apt update, bug.
... after it more one step, supponing that for apt not exist a file, created by sudo nano /etc/apt/apt.conf.d/80proxy and add 3 lines for Acquire::*::proxy "value"; with value http://user:pass#pac._ProxyDomain_/proxy.pac:8080. where pass is etc%23etc, url-encoded.
Summary of tests performed
CONTEXT-1.1
(this was a problem but now ignoring it to focus on more relevant one)
After (the proxied) cable connection and proxy configurations in the system. (see above section "Config procedures used"). Proxy-password with special character.
curl http://google.com say "curl: (5) Could not resolve proxy..."
When change all .profile from %23 to # the error on wget changes, but curl not. Wget changes to "Error parsing proxy URL http://user:pass#pac._ProxyDomain_/proxy.pac:8080: Bad port number"
PS: when used $ on password the system (something in the internal export http_proxy command or use of http_proxy confused it with a variable).
CONTEXT-1.2
Same as context-1.1 above, but password with no special character. Good and clean proxy-password.
curl http://google.com say "curl: (5) Could not resolve proxy..."
CONTEXT-2
After (the proxied) cable connection and no proxy configurations in the system (but confirmed that connection is working on browser after automatic popup form login).
curl -x 192.168.0.1:8080 http://google.com "curl: (7) Failed to connect..."
curl --verbose -x "http://user:pass#pac._proxyDomain_/proxy.pac" http://google.com say "curl: (5) Could not resolve proxy..."
Other configs in use
As #Roadowl suggested to check:
files ~/.netrc and ~root/.netrc not exists
file more /etc/wgetrc exists, but all commented, exept by passive_ftp = on
nrpe on azure server - nrpe-srvr, user nrpe, executing script /usr/local/naemon/libexec/check_curl_http.php I'll call it script
Desired output after ./script -U www.google.com:
Page OK: HTTP Status Code 200 - 11099 bytest in 0.** seconds | time=0.059 size=11099
I achieve the above output by running the script from root or nrpe
Running sudo -u nrpe ./script -U www.google.com returns:
Error in opening page! Err:Failed to connect to [ipv6 addr] Network is
unreachable
However running su - nrpe -c './script -U www.google.com' works with the desired result.
Naemon reports:
CHECK_NRPE: Socket timeout after 30 secs
Other NRPE checks to the same host are working, so I think it's something to do with user execution of this specific script. I did have a deny from SELinux, but adjusted the context. Removing the context and setting SELinux to permissive yielded the same error. Enabled NRPE Log files, with debugging, but other than Running command it doesn't really reveal much. There is a:
WARNING: my_system() seteuid(0): Operation not permitted
in the logs, but looking at the support documentation that is "Normal" behavior.
I'll post this just in case someone else has this issue, and I'll tag Azure / AWS.
Essentially, cloud providers (mostly) have an internal proxy that is stored in an environment variable http_proxy && https_proxy. NRPE by default doesn't use load environment variables. Now I don't know if there is an option for it (it's mentioned in the docs that there is a bug when using uid instead of username (was using username)) however it's simple enough to call proxy for checks like this.
I am trying to connect to a new user account I created via SSH with the command
useradd -s /bin/false -d /home/username james
I added/edited the password via SSH with the command
passwd james
When trying to connect to my server using this user and pass via FileZilla I get the following error messages.
Response: 331 User James OK. Password required
Command: PASS *****
Response: 530 Login authentication failed
Error: Critical error
Error: Could not connect to server
When I try to login with this user/pass through SFTP I get the following error messages
Status: Connected to domain.com
Error: Connection closed by server with exitcode 1
Error: Could not connect to server
Either way it seems it doesn't allow me to use this newuser anywhere.
My server details
Linux 2.6.18-308.11.1.el5 GNU/Linux
(Red Hat 4.1.2-52)
Centos
Regarding FTP, the FTP server commonly used on Linux systems requires users to have a shell that's listed in the file /etc/shells. For example, this online ftpd man page says that, among other things, "The user must have a standard shell returned by getusershell(3).". The page for getusershell() shows that it reads shells from /etc/shells.
You could probably make FTP work adding /bin/false to /etc/shells. Your Linux system might have a more suitable shell available, like /usr/sbin/nologin.
Regarding SFTP, the ssh server normally provides SFTP service by by invoking a program called sftp-server. If you examine the server's sshd_config file, you'll probably find a line like this:
Subsystem sftp /usr/lib/openssh/sftp-server
sshd runs the subsystem program as a shell command, using the user's shell. If you set the user's shell to /bin/false, then sshd ends up running the command:
/bin/false -c /usr/lib/openssh/sftp-server
/bin/false ignores its command-line arguments and exits with code 1, so the SFTP client's session drops immediately after it starts.
sshd has an internal SFTP server component that can be used instead of the external program. The usual way of limiting SSH access to SFTP for some users is to set up a Match group within sshd_config, forcing the internal-sftp command for certain classes of users. Here are a couple examples of that:
http://en.wikibooks.org/wiki/OpenSSH/Cookbook/SFTP#SFTP-only_Accounts
https://serverfault.com/questions/354615/allow-sftp-but-disallow-ssh
Dont use "-s /bin/false". Use "-s /sbin/nologin" instead and it should be fine.
Make sure your account password hasn't expired. Mine did, and Filezilla exited with error code 1.
After logging onto the server and updating the account password (prompted immediately after connecting), I am now able to connect with SFTP & Filezilla.
Probably is a password related issue, check account
chage -l <user>
account must not be expired.
FTP doesn't allow /usr/sbin/nologin user
Response: 220 Welcome to the Scent Library's File Service.
Command: USER ftpuser
Response: 331 Please specify the password.
Command: PASS ******
Response: 530 Login incorrect.
filezilla 530 error - but password is correct
vsftpd: 530 Login incorrect
530 Login or password incorrect!
How can I connect via FTP using FileZilla? I get a 530 error.
Response: 220 Welcome to Test FTP service.
Command: USER ftpuser
Response: 331 Please specify the password.
Command: PASS ******
Response: 530 Login incorrect.
Error: Critical error
Error: Could not connect to server
Change user's shell
usermod -s /usr/sbin/nologin username
Then edit "/etc/shells" file and add this line
/usr/sbin/nologin
In order to connect to the server using ftp, you also need to run a ftp server / service or daemon.
An example of such ftp server is "vsftpd"
After installing it, you will also need to configure it and allow anonymous ftp access or ftp access to existing users
You will find the configuration file in the path "/etc/vsftpd/vsftpd.conf"
The below link might be useful for you --
https://www.digitalocean.com/community/tutorials/how-to-set-up-vsftpd-on-centos-6--2