# Telnet failing with Postfix, following Gentoo mail guide

## gazj

I have moved my server from Slackware to Gentoo. I am having problems setting up my MTA. I am following this guide: http://www.gentoo.org/doc/en/virt-mail-howto.xml

However, when I get to the telnet test step

Code listing 6.2: Verify sasl and tls support

```
# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mail.domain.com ESMTP Postfix
EHLO domain.com
250-mail.domain.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-XVERP
250 8BITMIME
^]
telnet> quit
```

This is not working; I only get as far as

```
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mail.foxjames.co.uk ESMTP Postfix
421 4.4.2 mail.foxjames.co.uk Error: timeout exceeded
Connection closed by foreign host.
```

Here is the tail of /var/log/messages

```
Oct 22 10:30:01 reddwarf cron[16012]: (root) CMD (test -x /usr/sbin/run-crons && /usr/sbin/run-crons )
Oct 22 10:30:01 reddwarf cron[16018]: (root) CMD (/usr/local/bin/mirror-swj >> /var/log/mirror-swj)
Oct 22 10:32:06 reddwarf postfix/smtpd[16006]: > localhost[127.0.0.1]: 421 4.4.2 mail.foxjames.co.uk Error: timeout exceeded
Oct 22 10:32:06 reddwarf postfix/smtpd[16006]: match_hostname: localhost ~? 192.168.1.0/24
Oct 22 10:32:06 reddwarf postfix/smtpd[16006]: match_hostaddr: 127.0.0.1 ~? 192.168.1.0/24
Oct 22 10:32:06 reddwarf postfix/smtpd[16006]: match_hostname: localhost ~? 127.0.0.0/8
Oct 22 10:32:06 reddwarf postfix/smtpd[16006]: match_hostaddr: 127.0.0.1 ~? 127.0.0.0/8
Oct 22 10:32:06 reddwarf postfix/smtpd[16006]: timeout after CONNECT from localhost[127.0.0.1]
Oct 22 10:32:06 reddwarf postfix/smtpd[16006]: disconnect from localhost[127.0.0.1]
Oct 22 10:32:06 reddwarf postfix/smtpd[16006]: master_notify: status 1
Oct 22 10:32:06 reddwarf postfix/smtpd[16006]: connection closed
Oct 22 10:32:06 reddwarf postfix/smtpd[16006]: proxymap stream disconnect
Oct 22 10:32:06 reddwarf postfix/smtpd[16006]: auto_clnt_close: disconnect private/tlsmgr stream
Oct 22 10:33:46 reddwarf postfix/smtpd[16006]: idle timeout -- exiting
Oct 22 10:34:00 reddwarf postfix/qmgr[15363]: 2C33E46D64: from=<root@mail.foxjames.co.uk>, size=1790, nrcpt=1 (queue active)
Oct 22 10:34:00 reddwarf postfix/qmgr[15363]: A689D46D31: from=<root@mail.foxjames.co.uk>, size=1790, nrcpt=1 (queue active)
Oct 22 10:34:00 reddwarf postfix/qmgr[15363]: B28C346D4B: from=<root@mail.foxjames.co.uk>, size=1790, nrcpt=1 (queue active)
Oct 22 10:34:00 reddwarf postfix/smtp[16034]: connect to www.foxjames.co.uk[86.160.133.6]:25: Connection refused
Oct 22 10:34:00 reddwarf postfix/smtp[16035]: connect to www.foxjames.co.uk[86.160.133.6]:25: Connection refused
Oct 22 10:34:00 reddwarf postfix/smtp[16036]: connect to www.foxjames.co.uk[86.160.133.6]:25: Connection refused
Oct 22 10:34:00 reddwarf postfix/smtp[16034]: 2C33E46D64: to=<gary@foxjames.co.uk>, orig_to=<root>, relay=none, delay=12825, delays=12825/0.04/0.19/0, dsn=4.4.1, status=deferred (connect to www.foxjames.co.uk[86.160.133.6]:25: Connection refused)
Oct 22 10:34:00 reddwarf postfix/smtp[16035]: A689D46D31: to=<gary@foxjames.co.uk>, orig_to=<root>, relay=none, delay=38028, delays=38027/0.03/0.19/0, dsn=4.4.1, status=deferred (connect to www.foxjames.co.uk[86.160.133.6]:25: Connection refused)
Oct 22 10:34:00 reddwarf postfix/smtp[16036]: B28C346D4B: to=<gary@foxjames.co.uk>, orig_to=<root>, relay=none, delay=2027, delays=2026/0.05/0.18/0, dsn=4.4.1, status=deferred (connect to www.foxjames.co.uk[86.160.133.6]:25: Connection refused)
```

Please help guys, I'm starting to lose the will to live on this one

----------

## ziggysquatch

Does it give the timeout right away? If not, you have to send it the EHLO command in order for it to respond back with its list of capabilities.

Once connected, type:

```
EHLO domain.com
```

Then it should spew out the list of capabilities that you see in the guide.

----------

## gazj

I cannot type anything, it does not even connect unfortunately

----------

## ziggysquatch

Can you post your /etc/postfix/main.cf?

----------

## gazj

/etc/postfix/main.cf

```
reddwarf ~ # cat /etc/postfix/main.cf | grep -v "#"
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix
data_directory = /var/lib/postfix
mail_owner = postfix
myhostname = mail.foxjames.co.uk
mydomain = foxjames.co.uk
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost
unknown_local_recipient_reject_code = 550
mynetworks = 192.168.1.0/24, 127.0.0.0/8
home_mailbox = Mailbox/
local_destination_concurrency_limit = 2
default_destination_concurrency_limit = 10
debug_peer_level = 2
debugger_command =
    PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
    ddd $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
setgid_group = postdrop
html_directory = /usr/share/doc/postfix-2.5.7/html
manpage_directory = /usr/share/man
sample_directory = /etc/postfix
readme_directory = /usr/share/doc/postfix-2.5.7/readme
home_mailbox = .maildir/
smtpd_sasl_auth_enable = yes
smtpd_sasl2_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_local_domain =
smtpd_recipient_restrictions =
  permit_sasl_authenticated,
  permit_mynetworks,
  reject_unauth_destination
smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_use_tls = yes
smtpd_tls_key_file = /etc/postfix/newkey.pem
smtpd_tls_cert_file = /etc/postfix/newcert.pem
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_loglevel = 3
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
```

Hope this gives you some leads :)

----------

## elgato319

Does it work if you disable tls?

```
#smtp_use_tls = yes
#smtpd_use_tls = yes
```

Is your key/cert file correct?

----------

## gazj

Sorry, will get round to trying this tonight, work has been hectic. Thanks

----------

## gazj

OK, it seems my SSL signing is not working for me

```
reddwarf misc # ./CA.pl -sign
Using configuration from /etc/ssl/openssl.cnf
Enter pass phrase for ./demoCA/private/cakey.pem:
unable to load certificate
29343:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:650:Expecting: TRUSTED CERTIFICATE
Signed certificate is in newcert.pem
```

This is from step 5.1 of the documentation; the file newcert.pem never gets created.

----------
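One way to answer the "is your key/cert file correct?" question and to catch the "no start line" condition before restarting Postfix, as an added example that is not part of any post in this thread: the script reads the `smtpd_tls_*file` settings from a main.cf and checks that each file exists, is non-empty and starts a PEM block of the right kind. The function names are made up for this example, and `keys_match` assumes the `openssl` command-line tool and an unencrypted private key.

```shell
#!/bin/sh
# Added example (not from the thread): sanity-check the PEM files in main.cf.

# Print "parameter path" for each smtpd_tls_*file setting (key, cert, CAfile).
# Plain-text parse: $variable references in values are not expanded.
tls_files() {
    sed -n 's/^\(smtpd_tls_[A-Za-z_]*file\)[[:space:]]*=[[:space:]]*\([^[:space:]]*\).*$/\1 \2/p' "$1"
}

# Print the label of every PEM block in a file, e.g. "CERTIFICATE".
pem_labels() {
    sed -n 's/^-----BEGIN \(.*\)-----[[:space:]]*$/\1/p' "$1"
}

# check_pem PARAM PATH: succeed only if PATH is readable, non-empty and holds
# the kind of PEM block PARAM needs (unencrypted key, or certificate).
check_pem() {
    [ -s "$2" ] && [ -r "$2" ] || return 1
    case "$1" in
        *key_file) pem_labels "$2" | grep -Eqx '(RSA |EC |DSA )?PRIVATE KEY' ;;
        *)         pem_labels "$2" | grep -Eqx '(TRUSTED )?CERTIFICATE' ;;
    esac
}

# audit MAIN_CF: report every file; exit status is the number of bad files.
audit() {
    bad=0
    while read -r param path; do    # here-document, so $bad survives the loop
        [ -n "$param" ] || continue
        if check_pem "$param" "$path"; then
            echo "ok   $param $path"
        else
            echo "BAD  $param $path"; bad=$((bad + 1))
        fi
    done <<EOF
$(tls_files "$1")
EOF
    return "$bad"
}

# keys_match CERT KEY: true when both files carry the same public key.
keys_match() {
    c=$(openssl x509 -noout -pubkey -in "$1" 2>/dev/null) || return 1
    k=$(openssl pkey -pubout -in "$2" 2>/dev/null </dev/null) || return 1
    [ -n "$c" ] && [ "$c" = "$k" ]
}

if [ -n "${1:-}" ]; then audit "$1"; fi
```

Run it as `sh check.sh /etc/postfix/main.cf`; a missing or empty `newcert.pem`, as in the last post, is reported as `BAD  smtpd_tls_cert_file`.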

