| Lee H. Marzke on 18 Feb 2018 05:00:06 -0800 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| Re: [PLUG] VOIP texting - was Help with Postfix SASL auth to smarthost on RedHat distro |
Thanks for reminding me to close down those gmail security exceptions, as I'm running my voicemail messages through my main SMTP server now, over TLS/SASL. I have a question. What do people use these days for texting ? SMS was popular on mobile phones, but doesn't have support by most VOIP carriers. Many VOIP carriers have inbound SMS, but the clients are often XMPP , not the native SMS client. Even FreePBX 14 now has an embedded XMPP server, but that's not useful unless you have a whole company on your PBX. Pidgin on Linux talked to FreePBX XMPP easily. Or maybe people register with a whole bunch of XMPP services ? I would like to not publish my cell number since I route my incoming VOIP trunks to it, so the cell's SMS capability doesn't hide the cell number for me. I've also notices that WhatsApp is popular, and I have an unexpected number of business and family with accounts. That service can be used on the phone with any inbound number that receives texts so that may work for me. What are people using these days for texting? So many choices. Lee ----- Original Message ----- > From: "Keith C. Perry" <kperry@daotechnologies.com> > To: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org> > Sent: Saturday, February 17, 2018 9:05:06 PM > Subject: Re: [PLUG] Help with Postfix SASL auth to smarthost on RedHat distro > I know this is a bit dated but I wanted to +1 this because after realizing many > ISPs blocks port 25 for residential customers I ended up created an account on > my mail server so that my clients that work out of their homes could relay > their voicemail messages. As stated Gmail, is going to be a pita to use so it > makes life easier just to run this traffic through my own server. > > ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ > Keith C. Perry, MS E.E. > Managing Member, DAO Technologies LLC > (O) +1.215.525.4165 x2033 > (M) +1.215.432.5167 > www.daotechnologies.com > > ----- Original Message ----- > From: "Lee H. Marzke" <lee@marzke.net> > To: "Philadelphia Linux User's Group Discussion List" > <plug@lists.phillylinux.org> > Sent: Monday, February 12, 2018 8:00:00 AM > Subject: Re: [PLUG] Help with Postfix SASL auth to smarthost on RedHat distro > > FYI, > > OK SMTP auth over tls is working now. > > Turns out gmail relay still fails, and it forces you to allow "less secure apps" > in your account settings before this works. > So I've switched to my other smarthost and that is working as well. > > This is an example of why software code reviews can be so helpful, when you > carefully explain or walk through the > code with others, the error that you couldn't see before just jump out. > > > > Lee > > > > ----- Original Message ----- >> From: "Lee H. Marzke" <lee@marzke.net> >> To: "Philadelphia Linux User's Group Discussion List" >> <plug@lists.phillylinux.org> >> Sent: Sunday, February 11, 2018 10:45:22 PM >> Subject: Re: [PLUG] Help with Postfix SASL auth to smarthost on RedHat distro > >> Wow, just typing this message out helped me find the likely error already. >> >>> -rw------- 1 root root 111 Feb 11 18:37 sasl_paswd >>> -rw------- 1 root root 12288 Feb 11 19:42 sasl_paswd.db >> >> Looks like passwd is missing an 's' both places. How did I miss that. >> >> I'll let everyone know if that fixes it. >> >> Lee >> >> ----- Original Message ----- >>> From: "Lee H. Marzke" <lee@marzke.net> >>> To: "Philadelphia Linux User's Group Discussion List" >>> <plug@lists.phillylinux.org> >>> Sent: Sunday, February 11, 2018 10:36:36 PM >>> Subject: [PLUG] Help with Postfix SASL auth to smarthost on RedHat distro >> >>> I'm having trouble with Postfix SMTP authentication to a smarthost on a new >>> install of RH 7.3 >>> >>> This is actually the latest FreePBX SNG7 OS based on RH 7.3 but shouldn't >>> matter. >>> https://en.wikipedia.org/wiki/FreePBX_Distro >>> >>> I have Postfix SMTP auth over TLS working on an old Ubuntu release, but for >>> some reason the Red Hat distro is giving me permission issues >>> with nearly the same setup. Any clues where I should look next ? >>> >>> Basically SASL authentication strings are in the file /etc/postfix/sasl_passwd >>> containing two smart hosts: >>> >>> [smtp.gmail.com]:587 username:password >>> [smtp.smarthost2.net]:587 username:password >>> >>> and has permissions: >>> >>> -rw------- 1 root root 111 Feb 11 18:37 sasl_paswd >>> -rw------- 1 root root 12288 Feb 11 19:42 sasl_paswd.db >>> >>> the hash is updated/created with: >>> sudo postmap hash:/etc/postfix/sasl_passwd >>> >>> Notes with CentOS claim that postfix reads the .db map file as root, then drops >>> permissions on startup. >>> >>> However, when I send email, I keep getting errors where postfix can't read the >>> sasl_passwd.db file. >>> >>> Feb 11 22:12:42 freepbx postfix/smtp[11208]: Trusted TLS connection established >>> to smtp.gmail.com[209.85.232.108]:587: TLSv1.2 with cipher >>> ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits) >>> Feb 11 22:12:42 freepbx postfix/smtp[11208]: warning: >>> hash:/etc/postfix/sasl_passwd is unavailable. open database >>> /etc/postfix/sasl_passwd.db: No such file or directory >>> Feb 11 22:12:42 freepbx postfix/smtp[11208]: warning: >>> hash:/etc/postfix/sasl_passwd lookup error for "smtp.gmail.com" >>> Feb 11 22:12:42 freepbx postfix/smtp[11208]: warning: 89DF211780BB: >>> smtp_sasl_passwd lookup error >>> Feb 11 22:12:42 freepbx postfix/smtp[11208]: 89DF211780BB: local data error >>> while talking to smtp.gmail.com[209.85.232.108] >>> >>> Now I know the file is there. And I've tried changing permissions to allow >>> postfix group read, and other combination >>> but they always fail the same way. >>> >>> >>> The relevant sections of main.cf are: >>> >>> #Setup TLS, using default self-signed certs >>> >>> smtp_tls_security_level = may >>> smtp_tls_loglevel = 1 >>> smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.trust.crt >>> smtp_tls_cert_file = /etc/pki/tls/certs/localhost.crt >>> smtp_tls_key_file = /etc/pki/tls/private/localhost.key >>> >>> # Use smarthost >>> #relayhost = [smtp.protectedservice.net]:587 >>> relayhost = [smtp.gmail.com]:587 >>> >>> # Setup SASL over TLS for smart host ( Gmail require TLS, others may not ) >>> >>> smtp_use_tls = yes >>> smtp_sasl_auth_enable = yes >>> broken_sasl_auth_clients = yes >>> smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd >>> smtp_sasl_security_options = noanonymous >>> smtp_sasl_tls_security_options = noanonymous >>> smtp_sasl_type = cyrus >>> smtp_tls_security_level = encrypt >>> smtp_tls_policy_maps = hash:/etc/postfix/tls_policy >>> >>> ###DEBUG >>> #debug_peer_list=smtp.gmail.com >>> #debug_peer_level=3 >>> >>> >>> The policy map tls_policy contains: (but this isn't causing issues so >>> far) >>> >>> [smtp.gmail.com]:587 encrypt >>> [smtp.othersmarhost.net]:587 encrypt >>> >>> >>> Regards, >>> >>> >>> Lee >>> >>> -- >>> "Between subtle shading and the absence of light lies the nuance of iqlusion..." >>> - Kryptos >>> >>> Lee Marzke, lee@marzke.net http://marzke.net/lee/ >>> IT Consultant, VMware, VCenter, SAN storage, infrastructure, SW CM >>> >>> ___________________________________________________________________________ >>> Philadelphia Linux Users Group -- http://www.phillylinux.org >>> Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce >>> General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug >> >> -- >> "Between subtle shading and the absence of light lies the nuance of iqlusion..." >> - Kryptos >> >> Lee Marzke, lee@marzke.net http://marzke.net/lee/ >> IT Consultant, VMware, VCenter, SAN storage, infrastructure, SW CM >> +1 800-393-5217 office >> +1 484-348-2230 fax >> ___________________________________________________________________________ >> Philadelphia Linux Users Group -- http://www.phillylinux.org >> Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce >> General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug > > -- > "Between subtle shading and the absence of light lies the nuance of iqlusion..." > - Kryptos > > Lee Marzke, lee@marzke.net http://marzke.net/lee/ > IT Consultant, VMware, VCenter, SAN storage, infrastructure, SW CM > +1 800-393-5217 office > +1 484-348-2230 fax > ___________________________________________________________________________ > Philadelphia Linux Users Group -- http://www.phillylinux.org > Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce > General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug > ___________________________________________________________________________ > Philadelphia Linux Users Group -- http://www.phillylinux.org > Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce > General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug -- "Between subtle shading and the absence of light lies the nuance of iqlusion..." - Kryptos Lee Marzke, lee@marzke.net http://marzke.net/lee/ IT Consultant, VMware, VCenter, SAN storage, infrastructure, SW CM +1 800-393-5217 office +1 484-348-2230 fax ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug