Debian Exim4 SMTP-AUTH stopped working

StackOverflow https://stackoverflow.com/questions/15720443

  •  30-03-2022
  •  | 
  •  

Question

I have a strange problem that recently popped on my Debian Squeeze server.

I've had Exim4 configured to use SMTP-AUTH with encryption setup and running on this box for a long time, but now it doesn't work.

At first I thought it was maybe my certificates expired, but that wasn't the case, they're good for several more years.

It appears that the server isn't listening on port 25 any longer.

If I try to telnet to port 25 it times out.

If I run netstat -tulpen on the server nothing is listening on port 25.

I'm using the splitconf for Exim4.

In conf.d/main I'm enabling MAIN_TLS_ENABLE=true

In conf.d/auth/30_exim4-config_examples I have the following

# Authenticate against local passwords using sasl2-bin
# Requires exim_uid to be a member of sasl group, see README.Debian.gz
plain_saslauthd_server:
   driver = plaintext
   public_name = PLAIN
   server_condition = ${if saslauthd{{$auth2}{$auth3}}{1}{0}}
   server_set_id = $auth2
   server_prompts = :
   .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
   server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}
   .endif
#
 login_saslauthd_server:
   driver = plaintext
   public_name = LOGIN
   server_prompts = "Username:: : Password::"
   # don't send system passwords over unencrypted connections
   server_condition = ${if saslauthd{{$auth1}{$auth2}}{1}{0}}
   server_set_id = $auth1
   .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
   server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}
   .endif

On the server if I run this command: swaks -a -tls -q HELO -s localhost -au A_USER_NAME -ap '<>'

I get this ... === Trying localhost:25... * Error connecting 0.0.0.0 to localhost:25: * IO::Socket::INET: connect: Connection refused

Can someone point me to some more advanced debugging techniques?

Was it helpful?

Solution

OK. I figured it out.

Comcast blocks port 25. I don't know why this is coming up now, unless they've recently started blocking it.

I had to change a line in /etc/default/exim4

From this

SMTPLISTENEROPTIONS='-oX 25 -oP /var/run/exim4/exim.pid'

To this

SMTPLISTENEROPTIONS='-oX 465:25 -oP /var/run/exim4/exim.pid'

I also added this to /etc/exim4/conf.d/main/03_exim4-config_tlsoptions

tls_on_connect_ports=465

It's odd that this just popped up, unless a Debian package updated the /etc/default/exim4 file. It's confusing, but it's working. Hopefully this will be helpful to someone in the future.

Cheers.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top