I'm trying to set up dovecot on a fresh installation of Fedora 16. This is an obvious problem:
$ telnet rail 143 Trying 10.0.0.21... telnet: connect to address 10.0.0.21: Connection refused
localhost works:
$ telnet localhost 143 Trying ::1... Connected to localhost. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
After first trying to permit traffic on port 143 in the firewall configuration, I've now disabled it altogether:
$ systemctl status iptables.service iptables.service - IPv4 firewall with iptables Loaded: loaded (/lib/systemd/system/iptables.service; disabled) Active: inactive (dead) start condition failed at Sat, 27 Mar 1999 03:25:13 -0500; 13 years and 0 months ago CGroup: name=systemd:/system/iptables.service $ systemctl status ip6tables.service ip6tables.service - IPv6 firewall with ip6tables Loaded: loaded (/lib/systemd/system/ip6tables.service; disabled) Active: inactive (dead) start condition failed at Sat, 27 Mar 1999 03:25:13 -0500; 13 years and 0 months ago CGroup: name=systemd:/system/ip6tables.service
? yet I still get "connection refused" as above.
If not the firewall, what's the culprit here?
On 03/27/2012 04:52 PM, Braden McDaniel wrote:
I'm trying to set up dovecot on a fresh installation of Fedora 16. This is an obvious problem:
$ telnet rail 143 Trying 10.0.0.21... telnet: connect to address 10.0.0.21: Connection refused
localhost works:
$ telnet localhost 143 Trying ::1... Connected to localhost. Escape character is '^]'.
- OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE
STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
After first trying to permit traffic on port 143 in the firewall configuration, I've now disabled it altogether:
$ systemctl status iptables.service iptables.service - IPv4 firewall with iptables Loaded: loaded (/lib/systemd/system/iptables.service; disabled) Active: inactive (dead) start condition failed at Sat, 27 Mar 1999 03:25:13 -0500; 13 years and 0 months ago CGroup: name=systemd:/system/iptables.service $ systemctl status ip6tables.service ip6tables.service - IPv6 firewall with ip6tables Loaded: loaded (/lib/systemd/system/ip6tables.service; disabled) Active: inactive (dead) start condition failed at Sat, 27 Mar 1999 03:25:13 -0500; 13 years and 0 months ago CGroup: name=systemd:/system/ip6tables.service
? yet I still get "connection refused" as above.
If not the firewall, what's the culprit here?
I've not set up dovecot.... But, at times default configuration for some services bind only to the localhost. The default configuration for sendmail is an example....
What do you get when from "netstat -nap | grep 143"?
Quoting Ed Greshko Ed.Greshko@greshko.com:
What do you get when from "netstat -nap | grep 143"?
# netstat -nap | grep 143 tcp 0 0 127.0.0.1:143 0.0.0.0:* LISTEN 1055/dovecot tcp 0 0 ::1:143 :::* LISTEN 1055/dovecot
[and some irrelevant stuff that happened to have "143" in it]
Assuming this confirms your suspicion, what do I need to do to fix it?
On 03/27/2012 05:12 PM, Braden McDaniel wrote:
Quoting Ed Greshko Ed.Greshko@greshko.com:
What do you get when from "netstat -nap | grep 143"?
# netstat -nap | grep 143 tcp 0 0 127.0.0.1:143 0.0.0.0:* LISTEN 1055/dovecot tcp 0 0 ::1:143 :::* LISTEN 1055/dovecot
[and some irrelevant stuff that happened to have "143" in it]
Assuming this confirms your suspicion, what do I need to do to fix it?
Yes, that confirms my suspicion.....
Took me a bit, had to research....
Edit /etc/dovecot/conf.d/10-master.conf and comment the lines like so....
#address = localhost # allow plain imap only on localhost
Do that for all the protocols you want to enable on an external interface...
On Tuesday 27 March 2012 02:42 PM, Braden McDaniel wrote:
Quoting Ed Greshko Ed.Greshko@greshko.com:
What do you get when from "netstat -nap | grep 143"?
# netstat -nap | grep 143 tcp 0 0 127.0.0.1:143 0.0.0.0:* LISTEN 1055/dovecot tcp 0 0 ::1:143 :::* LISTEN 1055/dovecot
[and some irrelevant stuff that happened to have "143" in it]
Assuming this confirms your suspicion, what do I need to do to fix it?
dovecot is only listening on 127.0.0.1 ,
check the config file
Quoting Ed Greshko Ed.Greshko@greshko.com:
On 03/27/2012 05:12 PM, Braden McDaniel wrote:
Quoting Ed Greshko Ed.Greshko@greshko.com:
What do you get when from "netstat -nap | grep 143"?
# netstat -nap | grep 143 tcp 0 0 127.0.0.1:143 0.0.0.0:* LISTEN 1055/dovecot tcp 0 0 ::1:143 :::* LISTEN 1055/dovecot
[and some irrelevant stuff that happened to have "143" in it]
Assuming this confirms your suspicion, what do I need to do to fix it?
Yes, that confirms my suspicion.....
Took me a bit, had to research....
Edit /etc/dovecot/conf.d/10-master.conf and comment the lines like so....
#address = localhost # allow plain imap only on localhost
Do that for all the protocols you want to enable on an external interface...
That's it alright. Thank you!
Ed Greshko wrote:
Edit /etc/dovecot/conf.d/10-master.conf and comment the lines like so....
#address = localhost # allow plain imap only on localhost
Do that for all the protocols you want to enable on an external interface...
A better idea would be to put that line into a /etc/dovecot/conf.d/local.conf file and leave 10-master.conf alone. The local.conf file, since it sorts after 10-master, will over-ride the settings in 10-master.conf.
This will leave the RPM-packaged 10-master.conf file alone, so you can upgrade Dovecot without having to merge your modifications into the .rpmnew file.
Hope this helps,
James.
On 03/28/2012 04:13 AM, James Wilkinson wrote:
Ed Greshko wrote:
Edit /etc/dovecot/conf.d/10-master.conf and comment the lines like so....
#address = localhost # allow plain imap only on localhost
Do that for all the protocols you want to enable on an external interface...
A better idea would be to put that line into a /etc/dovecot/conf.d/local.conf file and leave 10-master.conf alone. The local.conf file, since it sorts after 10-master, will over-ride the settings in 10-master.conf.
This will leave the RPM-packaged 10-master.conf file alone, so you can upgrade Dovecot without having to merge your modifications into the .rpmnew file.
Hope this helps,
Very good point....
As I mentioned, I've never set up dovecot.
On 03/28/2012 04:13 AM, James Wilkinson wrote:
A better idea would be to put that line into a /etc/dovecot/conf.d/local.conf file and leave 10-master.conf alone. The local.conf file, since it sorts after 10-master, will over-ride the settings in 10-master.conf.
This will leave the RPM-packaged 10-master.conf file alone, so you can upgrade Dovecot without having to merge your modifications into the .rpmnew file.
Hope this helps,
Well, FWIW, I could not get your suggestion to work. Have you done this? Do you have a local.conf that works for you?
Thanks.....
Ed Greshko wrote:
On 03/27/2012 05:12 PM, Braden McDaniel wrote:
Quoting Ed GreshkoEd.Greshko@greshko.com:
What do you get when from "netstat -nap | grep 143"?
# netstat -nap | grep 143 tcp 0 0 127.0.0.1:143 0.0.0.0:* LISTEN 1055/dovecot tcp 0 0 ::1:143 :::* LISTEN 1055/dovecot
[and some irrelevant stuff that happened to have "143" in it]
Assuming this confirms your suspicion, what do I need to do to fix it?
Yes, that confirms my suspicion.....
Took me a bit, had to research....
Edit /etc/dovecot/conf.d/10-master.conf and comment the lines like so....
#address = localhost # allow plain imap only on localhostDo that for all the protocols you want to enable on an external interface...
I think I remember opening the firewall as well, I needed to allow nfs and I'm pretty sure I recall allowing pop3s and imap from external.
If you are running sendmail you will have to tell it to accept from external as well. The file is in /etc/mail, edit sendmail.cf to remove the loopback only assignment, then make the new config and restart sendmail.
I suggested:
A better idea would be to put that line into a /etc/dovecot/conf.d/local.conf file and leave 10-master.conf alone. The local.conf file, since it sorts after 10-master, will over-ride the settings in 10-master.conf.
This will leave the RPM-packaged 10-master.conf file alone, so you can upgrade Dovecot without having to merge your modifications into the .rpmnew file.
Ed Greshko wrote:
Well, FWIW, I could not get your suggestion to work. Have you done this? Do you have a local.conf that works for you?
OK: it might take a bit more context than that (sorry).
Try service imap-login { inet_listener imap { address = } }
Hope this helps,
James.
James Wilkinson wrote:
Ed Greshko wrote:
Edit /etc/dovecot/conf.d/10-master.conf and comment the lines like so....
#address = localhost # allow plain imap only on localhostDo that for all the protocols you want to enable on an external interface...
A better idea would be to put that line into a /etc/dovecot/conf.d/local.conf file and leave 10-master.conf alone. The local.conf file, since it sorts after 10-master, will over-ride the settings in 10-master.conf.
This will leave the RPM-packaged 10-master.conf file alone, so you can upgrade Dovecot without having to merge your modifications into the .rpmnew file.
Hope this helps,
It's definitely the better way to go from a maintenance standpoint, thank you. (yes, I hacked the master, too).
-
Bill Davidsen -
Braden McDaniel -
Ed Greshko -
James Wilkinson -
Jatin K