Albus Posted December 10, 2004 Report Share Posted December 10, 2004 Here's the scenario. Fresh install of Mandrake 10.1. Installed the IMAP package and the pop3 service is set to run when xinetd runs. It also appears to listening (netstat says xinetd is listening on port 110 so maybe I"m wrong...). In any event, all attempts to connect , locally or externally, give a "Cannot login, connection terminated immediately" message. What's up? Got any hints? Need any more info from me before an answer can be given, just let me know. This is gong to be a business server, so I really need this working. Quote Link to comment Share on other sites More sharing options...
devries Posted December 10, 2004 Report Share Posted December 10, 2004 Firewall? Quote Link to comment Share on other sites More sharing options...
inflexion Posted December 10, 2004 Report Share Posted December 10, 2004 wrong password/user name?? Â my yahoo gave a message like that and i had bashed in my password wrong Quote Link to comment Share on other sites More sharing options...
AussieJohn Posted December 10, 2004 Report Share Posted December 10, 2004 I second devries suggestion. Now go to Security in MCC then into Firewall. And make sure there is a tick in at least FTP server and also POP and IMAP Server. Click on OK. In the NET Device part select eth0 from the drop down menu. (not ppp or ippp) then click OK. (If you are using the LAN setup)(If you are using dialup then you would select the appropriate ppp or whatever for that) Quote Link to comment Share on other sites More sharing options...
Gowator Posted December 10, 2004 Report Share Posted December 10, 2004 I second devries suggestion. Now go to Security in MCC then into Firewall. And make sure there is a tick in at least FTP server and also POP and IMAP Server. Click on OK. In the NET Device part select eth0 from the drop down menu. (not ppp or ippp) then click OK. (If you are using the LAN setup)(If you are using dialup then you would select the appropriate ppp or whatever for that) <{POST_SNAPBACK}> Does anyone know what happened to the security in 10.1. ? Â I know MDK are going for a aim of lvl 5 security but its completely thrown me. It seems some of the security features can'tr be turned on/off using conventional tools and start in the on position? Quote Link to comment Share on other sites More sharing options...
Albus Posted December 11, 2004 Author Report Share Posted December 11, 2004 (edited) Router is doing the firewalling. locally it's wide open. It connects fine using 127.0.0.1 loopback as the host, but not the local ip (192.168.1.2), my public static ip (routed to 192.168.1.2) or the domain name. All other services work fine (DNS, Apache, Postfix). Username and password were verified and are correct. Â BTW...thanks for the replies. I read each of them. Currently my box is not running shorewall as the router is handling port forwarding. All ports not explicitly forwarded are in stealth mode. I do have the proper ports forwarded in addition to the correct TCP/UDP settings. Something else is going on... Edited December 11, 2004 by Albus Quote Link to comment Share on other sites More sharing options...
linux_learner Posted December 11, 2004 Report Share Posted December 11, 2004 might wanna check your gateway. Â http://www.google.com/search?hl=en&client=...ke+10.1&spell=1 Â http://www.google.com/search?q=pop3+Cannot...n-US%3Aofficial Quote Link to comment Share on other sites More sharing options...
Albus Posted December 11, 2004 Author Report Share Posted December 11, 2004 Hm, I read a few entries in the searches you provided and I am not sure that's the problem either for two reasons. Â 1) I do not run a gateway as it were. The router itself is the gateway. It performs all NAT and port forwarding/blocking. Terefore all such services on the machine itself are either not installed or deactivated, such as squid. Â 2) The same scenario works when running a debian stable (woody) installation. Â Could there be another service that might interfere with it's ability to authenticate client? Perhaps a missing library? This is really messing with my head. Quote Link to comment Share on other sites More sharing options...
Albus Posted December 11, 2004 Author Report Share Posted December 11, 2004 Just tried from the windows machine using 192.168.1.2 and got this. Â The connection to the server has failed. Account: '192.168.1.2', Server: '192.168.1.2', Protocol: POP3, Port: 110, Secure(SSL): No, Socket Error: 10060, Error Number: 0x800CCC0E Â Now it's marked to run when xinetd starts, which starts at boot (duh, right :)). So what should I look at now? Quote Link to comment Share on other sites More sharing options...
Albus Posted December 11, 2004 Author Report Share Posted December 11, 2004 GETTING THERE! On a whim I set my overall security level from "Higher" to "High". Although this level isn't recommended for servers it does now allow pop3 through. What I don't know is why. If somebody can tell me what changes when you switch from "Higher" to "High", I might be able to use the "Higher" setting and manually change the one item I need to use pop. Quote Link to comment Share on other sites More sharing options...
linux_learner Posted December 11, 2004 Report Share Posted December 11, 2004 ok. set your system to "normal". heres why. it will allow things to work for you from the start. you can then manually tweak your security settings. see my security overview in the faq section in the board. Â when i said gateway, i want refering to hardware. every internet connection has a default gateway. i was suggesting you check that. Â keep at it. keep asking questions. Quote Link to comment Share on other sites More sharing options...
Albus Posted December 11, 2004 Author Report Share Posted December 11, 2004 Thanks. This board is kinda big though. Can you link me to that FAQ? Quote Link to comment Share on other sites More sharing options...
linux_learner Posted December 11, 2004 Report Share Posted December 11, 2004 sure. :D http://mandrakeusers.org/index.php?showtopic=13265 Â you'll have greater control, and understand alot more if you do it this way. enjoy :D Quote Link to comment Share on other sites More sharing options...
Albus Posted December 11, 2004 Author Report Share Posted December 11, 2004 Thanks. I'll look it over right now. Quote Link to comment Share on other sites More sharing options...
Albus Posted December 11, 2004 Author Report Share Posted December 11, 2004 Alright. let me ask this. While I understand the basic principles described I still don't understand the mechanism. If I knew exactly what changed about the system when choosing one security setting over another, I could adjust things myself. I can setup a debian server in about 30 minutes and have it flawlessly, except that it doesn't support my hardware for use with x, which is why I want to run Mandrake. I have a feeling the secret lies within the use of iptables. When I install debian I seelct 'no' to certain options, like setting up init.d scripts and the like. Am I close? I really don't understand iptable. I'm tempted to run this wide open like the debian server because my router has firewall capabilities and I only need ports 25,53,80, and 110 routed to the box. All else is in stealth mode. Do I really need any firewalling or iptabling on a two machine lan? Note: one machine is windows and neither box needs talk to each other directly so nfs and all that has been stripped. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.