telnet on local LAN question
fedora-list at cosiso.nl
Fri Aug 19 05:33:10 UTC 2011
> Part of trying to get mail / mailx running on my Linux boxes to send
> mail to pnewell at cs.cmu.edu involved using telnet as a test. They wanted
> me to use port 587 per their online docs. To get mail to work, I had to
> edit sendmail.mc to understand port 587.
I understand, and using the telnet client is indeed an easy and good
way to check if there is at least connectivity.
What they did not explain was what it actually does. I'll try to explain brief.
IP-connections are all unique. I won't go into every protocol and too
much detail, but just focus on TCP (the protocol your mailserver, and
telnet server and ssh server and many more use).
They are defined by four things.
1. Sender IP-address,
2. Sender port,
3. Receiver IP address,
4. Receiver port.
The sender port will be picked by the sending machine when it starts
building the connection, nothing for us to think about out. The
receiver port, is the one we pick. As you know by now, that is the
number you give on the telnet line. The default port for the telnet
client is 23. Which conveniently is the port a telnet server would be
To get replies, the receiver needs something there to listen and
respond. Many known servers are agreed to be listening on specific
ports. Luckily for us, so we can say: hey, telnet to port 25 to see if
your mail server responds. Or telnet to port 53 to see if your DNS
server actually is there. The ports they are on can be found in the
file /etc/services if you're curious.
As Craig had pointed out, your problem is indeed that the mail server
is only listening on 127.0.0.1. This is only a local interface. You
will find it on every machine (not just Linux, also Windows). It is an
IP that allows the machine to talk to itself and can not be reached by
any other machine. (For some more fun: everything in 127.x.y.z is the
local machine, even if an ifconfig won't list them.)
So, does as Craig suggested, to get the mail server to listen on other
IP's as well. Then verify that with the netstat command again. Once
that is done, you can from the remote do the telnet <server> 25 again
and see if you get the 220 response. After that activate your
firewall, with the line about port 25 in it.
Good luck and I have the feeling you're getting close to having this solved.
More information about the users