PuTTY sending extra characters at the beginning of TELNET connection initialisation - telnet

When a TELNET session is initialised using PuTTY, I see that PuTTY is sending the following characters to the server at the beginning of the connection:
..... .....'.........
I was able to capture this using Wireshark.
The hex characters are as follows:
ff fb 1f ff fb 20 ff fb 18 ff fb 27 ff fd 01 ff fb 03 ff fd 03
Can you please help me understand why PuTTY sends these characters?
I assumed it was something to do with the connection, but these characters appear in the DATA category of the Wireshark capture.
Here is a video: https://www.youtube.com/watch?v=WGZru4KPmsM

Thanks to Some programmer dude and Elmi.
This extra chunk of characters is the negotiation sequence from PuTTY (the client) to the server.
Negotiations allow the client to have an enriched experience.
A list of negotiation sequences in the telnet protocol and their explanation is given here.
If you are using PuTTY and do not need these sequences, go to
Connection > Telnet
and set the Telnet negotiation mode to Passive
Here is a link to Elmi's post

Related

Sendmail does not send emails from GCE VM instance

I have installed a WordPress website on my Google Cloud Compute Engine, but I am not able to send mail. So after searching the internet I discovered Sendmail.
I installed and configured the latest version by:
$ sudo apt-get update
$ sudo apt-get install sendmail
I ran the sendmail config and answered "yes" to everything:
$ sudo sendmailconfig
Edited the 127.0.0.1 localhost instance-1 line (instance-1 is my Google cloud instance):
$ sudo vim /etc/hosts # changed
Restart Apache:
sudo service apache2 restart
When I run the command below in my terminal, nothing happens, and I am not able to run commands anymore. So it looks like the process is not ending.
$ sendmail example@email.com
The output of $ date | sendmail -v example@email.com is:
example@email.com... Connecting to [127.0.0.1] via relay...
220 instance-1.c.myproject.internal ESMTP Sendmail 8.14.4/8.14.4/Debian-8; Wed, 24 Aug 2016 09:42:18 GMT; (No UCE/UBE) logging access from: localhost(OK)-localhost [127.0.0.1]
>>> EHLO instance-1.c.myproject.internal
250-instance-1.c.myproject.internal Hello localhost [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-EXPN
250-VERB
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-DELIVERBY
250 HELP
>>> VERB
250 2.0.0 Verbose mode
>>> MAIL From:<info@instance-1.c.myproject.internal> SIZE=29
250 2.1.0 <info@instance-1.c.myproject.internal>... Sender ok
>>> RCPT To:<example@email.com>
>>> DATA
250 2.1.5 <example@email.com>... Recipient ok
354 Enter mail, end with "." on a line by itself
>>> .
My log file /var/log/mail.log shows a lot of these kinds of lines:
Aug 25 07:56:02 instance-1 sm-mta[19958]: u7OCN1Wu013988: to=<example@email.com>, delay=19:33:01, xdelay=00:10:36, mailer=esmtp, pri=5340422, relay=alt4.gmail-smtp-in.l.google.com. [173.194.72.27], dsn=4.0.0, stat=Deferred: Connection timed out with alt4.gmail-smtp-in.l.google.com.
Aug 25 07:56:02 instance-1 sm-mta[19958]: u7OC9iDu013870: to=<example@email.com>, delay=19:46:18, xdelay=00:00:00, mailer=esmtp, pri=10560423, relay=alt4.gmail-smtp-in.l.google.com., dsn=4.0.0, stat=Deferred: Connection timed out with alt4.gmail-smtp-in.l.google.com.
Aug 25 07:56:02 instance-1 sm-mta[19958]: u7OBliSC013710: to=<example@email.com>, delay=20:08:18, xdelay=00:00:00, mailer=esmtp, pri=10740386, relay=alt4.gmail-smtp-in.l.google.com., dsn=4.0.0, stat=Deferred: Connection timed out with alt4.gmail-smtp-in.l.google.com.
Aug 25 07:56:02 instance-1 sm-mta[19958]: u7O94ubM013110: to=<example@email.com>, delay=22:51:06, xdelay=00:00:00, mailer=esmtp, pri=11460376, relay=alt4.gmail-smtp-in.l.google.com., dsn=4.0.0, stat=Deferred: Connection timed out with alt4.gmail-smtp-in.l.google.com.
You cannot send mail from Google Compute Engine; Google blocks all outgoing traffic on port 25.
You will have to use a third party like Sendgrid to send mail.
Yes, it could be possible to send email from the instance; everything is explained in this tutorial.
By default, Compute Engine allows outbound connections on all ports except port 25, which is blocked because of the risk of abuse. All other ports are open, including ports 587, and 465.
It's not possible to send email directly from your GCE VM.
Please have a look at the documentation Always blocked traffic:
Egress traffic to TCP destination port 25 (SMTP)
and also at Using standard email ports:
Due to the risk of abuse, connections to destination TCP Port 25 are always blocked when the destination is external to your VPC network. This includes using SMTP relay with Google Workspace.
According to the Wikipedia article Simple Mail Transfer Protocol:
Since SMTP's introduction in 1981, it was updated, modified and extended multiple times. The protocol version in common use today has extensible structure with various extensions for authentication, encryption, binary data transfer, internationalized email addresses. SMTP servers commonly use the Transmission Control Protocol on port number 25.
This was first decided back in 1982 with RFC 821, Appendix A and has been this way ever since. In RFC 5321 you can see:
4.5.4.2. Receiving Strategy
The SMTP server SHOULD attempt to keep a pending listen on the SMTP port (specified by IANA as port 25) at all times.
What does that mean? You cannot simply change the port, because there is no mechanism for other SMTP servers to know you are using a non-standard port, and you cannot either send to other servers using any other port.
Is there a way to send emails from the GCE VM?
Yes, let's get back to the documentation Using standard email ports:
Google Cloud does not place any restrictions on traffic sent to external destination IP addresses using destination TCP ports 587 or 465.
The ports 587 and 465 are available for SMTP Message Submission (RFC6409). This means you can use an external mail relay (your own or 3rd party) for authenticated SMTP, and this server handles delivery to other mail systems on port 25. For example, you can use these 3rd party services: SendGrid, Mailgun, or Mailjet. Also, you can relay your mail via Google Workspace or just use Google Workspace.
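As an added example (not code from any of the answers above), the three pieces of this diagnosis in Python: a parser for the Deferred lines in mail.log, a reachability check that shows port 25 timing out while 587 and 465 connect, and a submission to an authenticated relay on 587 with STARTTLS. The relay hostname and credentials are placeholders for your own provider's; the log line is constructed from the question's entries.

```python
import re
import smtplib
import socket
import ssl
from email.message import EmailMessage

# Matches the tail of the 'Deferred' lines from sendmail's mail.log.
DEFERRED_RE = re.compile(
    r"relay=(?P<relay>[^,\s]+)(?: \[[^\]]+\])?, dsn=(?P<dsn>[\d.]+), "
    r"stat=Deferred: (?P<reason>.+)$")

def parse_deferral(line: str):
    """Return (relay, dsn, reason) for a deferred-delivery log line, else None."""
    m = DEFERRED_RE.search(line)
    return (m["relay"], m["dsn"], m["reason"]) if m else None

def egress_open(host: str, port: int, timeout: float = 5.0) -> bool:
    """True if a TCP connection to host:port completes within timeout.
    From a GCE VM, port 25 to an external host times out while 587/465 connect."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def send_via_relay(relay: str, user: str, password: str, sender: str, to: str,
                   subject: str, body: str, port: int = 587) -> None:
    """Submit one message to an authenticated relay on the submission port
    (RFC 6409) over STARTTLS; the relay then delivers to port 25 on our behalf."""
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = sender, to, subject
    msg.set_content(body)
    with smtplib.SMTP(relay, port, timeout=15) as smtp:
        smtp.starttls(context=ssl.create_default_context())  # TLS before credentials
        smtp.login(user, password)
        smtp.send_message(msg)

# Constructed log line modelled on the /var/log/mail.log entries in the question.
SAMPLE_LINE = (
    "Aug 25 07:56:02 instance-1 sm-mta[19958]: u7OCN1Wu013988: to=<example@email.com>, "
    "delay=19:33:01, xdelay=00:10:36, mailer=esmtp, pri=5340422, "
    "relay=alt4.gmail-smtp-in.l.google.com. [173.194.72.27], dsn=4.0.0, "
    "stat=Deferred: Connection timed out with alt4.gmail-smtp-in.l.google.com.")

if __name__ == "__main__":
    print(parse_deferral(SAMPLE_LINE))
    relay_host = "smtp.relay.example"   # placeholder: your provider's relay host
    print({p: egress_open(relay_host, p) for p in (25, 587, 465)})
```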

Why does telnet automatically send out commands

I built a server, with TCP socket. I have a client using telnet connected to the server. Once the connection is active, the server will send data to the client.
The problem is that the client will send some commands to the server randomly and automatically, such as:
IAC WONT 64 --- FF FC 40
IAC DONT 64 --- FF FE 40
IAC DO 00 --- FF FD 00
Telnet Command list
My questions:
1. Why does the telnet client send messages to the server by itself?
2. What is the meaning of those commands? I cannot find the meaning of 0x40 and 0x00.
00 is "binary transmission" meaning that it's an 8-bit connection. 40 is not something that is standardized but whatever it is, the client doesn't want to do it.
Either side of a "telnet" connection can send configuration negotiation options upon establishing the connection (or, though rarely, any time during the session) though typically the client defaults to a "raw socket" until it starts receiving codes from the server so that the program can be used to connect to other, non-telnet ports as well.
You didn't specify what OS you're using but there may be options to telnet that prevent initial option negotiation.
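A decoder for these negotiation bytes, added here as an example and not part of either question or answer; it covers both the PuTTY capture (ff fb 1f ...) from the first question on this page and the IAC WONT 64 / DONT 64 / DO 00 commands from this one. Option names follow the IANA telnet option numbers; the two sample inputs are constructed from the bytes quoted in the questions.

```python
# Decoder for telnet option negotiation (IAC WILL/WONT/DO/DONT <option>).
# Option numbers are the IANA telnet option assignments; 0x40 is unassigned.
IAC, SB, SE = 0xFF, 0xFA, 0xF0
CMD = {0xFB: "WILL", 0xFC: "WONT", 0xFD: "DO", 0xFE: "DONT"}
OPTIONS = {
    0x00: "BINARY", 0x01: "ECHO", 0x03: "SUPPRESS-GO-AHEAD",
    0x18: "TERMINAL-TYPE", 0x1F: "NAWS", 0x20: "TERMINAL-SPEED",
    0x27: "NEW-ENVIRON",
}

def option_name(opt: int) -> str:
    return OPTIONS.get(opt, f"UNKNOWN({opt})")

def decode_negotiation(data: bytes):
    """Split a telnet byte stream into (negotiation commands, user data).
    Negotiation is in-band: IAC (0xFF) introduces a command and a literal 0xFF
    data byte is sent as IAC IAC, which is why these bytes show up under DATA
    in a packet capture rather than as a separate protocol layer."""
    commands, payload, i = [], bytearray(), 0
    while i < len(data):
        if data[i] != IAC:
            payload.append(data[i])
            i += 1
        elif i + 1 < len(data) and data[i + 1] == IAC:      # escaped 0xFF
            payload.append(IAC)
            i += 2
        elif i + 2 < len(data) and data[i + 1] in CMD:       # IAC <cmd> <opt>
            commands.append(f"{CMD[data[i + 1]]} {option_name(data[i + 2])}")
            i += 3
        elif i + 1 < len(data) and data[i + 1] == SB:        # IAC SB ... IAC SE
            end = data.find(bytes([IAC, SE]), i + 2)
            if end < 0:
                commands.append("SB (unterminated)")
                break
            commands.append(f"SB {option_name(data[i + 2])} {data[i + 3:end].hex()}")
            i = end + 2
        else:
            commands.append("IAC (truncated or unsupported command)")
            break
    return commands, bytes(payload)

# Constructed inputs: the hex dump from the PuTTY question, and the three
# commands quoted in the second question followed by some ordinary data.
PUTTY_HELLO = bytes.fromhex("ff fb 1f ff fb 20 ff fb 18 ff fb 27 ff fd 01 ff fb 03 ff fd 03")
CLIENT_REPLY = bytes.fromhex("ff fc 40 ff fe 40 ff fd 00") + b"hello\r\n"

if __name__ == "__main__":
    print(decode_negotiation(PUTTY_HELLO))
    print(decode_negotiation(CLIENT_REPLY))
```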

Analyse number of possible keepalive_requests from the client side

I'd like to figure out the value of 'keepalive_requests' for a given 'Nginx' or 'Apache' server from the client side. The default for 'Nginx' is 100 (http://nginx.org/en/docs/http/ngx_http_core_module.html) but I'd like to analyse this for www.example.com where I don't have access to the config.
Obviously I could start Wireshark and do it manually. I was hoping for some sort of easy shell (e.g. 'wget'-like) command.
From the client side, I use ab, Wireshark, and an editor like Notepad++ to count the number of HTTP requests in a socket.
First I use Apache's ab to send requests, something like the one below:
ab -n 100 -c 100 http://www.example.com/index.php
Before executing it, start Wireshark and set the display filter:
ip.dst == && tcp.port == 80 && !http && tcp.flags.fin==1
After the ab test finishes, the result list in Wireshark shows the total sockets used during the requests. Right-click one packet and click "Follow TCP Stream"; the window that opens shows all the messages sent and received in this socket.
If the last FIN was sent by the remote nginx server, which is influenced by the value of keepalive_requests, we can copy all the requests in this TCP connection into Notepad++, search for the keyword and then count the requests in this socket. The number represents the value of the keepalive_requests setting on the remote nginx server.
BTW, I wish for a better solution; my solution is not so good.
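The wget-like client-side measurement the question asks for, added here as an example rather than the answerer's procedure: open one connection, send HEAD requests until the server stops taking them, and count. It assumes only HTTP/1.1 keep-alive on the server; the hostname is a placeholder and FakeServer is a constructed stand-in so the probe runs offline.

```python
import socket

def probe_keepalive(conn, host: str, path: str = "/", limit: int = 10000) -> int:
    """Send HTTP/1.1 HEAD requests over one open connection until the server
    closes it or announces 'Connection: close'. The return value is the number
    of requests that connection served: the keepalive_requests (nginx) or
    MaxKeepAliveRequests (Apache) limit as observed by a client."""
    request = (f"HEAD {path} HTTP/1.1\r\nHost: {host}\r\n"
               "Connection: keep-alive\r\n\r\n").encode()
    served, buf = 0, b""
    while served < limit:
        try:
            conn.sendall(request)
        except OSError:          # socket already closed by the server
            break
        # A HEAD response has no body, so it ends at the first blank line.
        while b"\r\n\r\n" not in buf:
            chunk = conn.recv(4096)
            if not chunk:        # FIN from the server: the connection is used up
                return served
            buf += chunk
        headers, _, buf = buf.partition(b"\r\n\r\n")
        served += 1
        if b"connection: close" in headers.lower():
            break                # server says this was the last request it takes
    return served

def count_keepalive_requests(host: str, port: int = 80, path: str = "/") -> int:
    """Open one TCP connection to a live server and probe it."""
    with socket.create_connection((host, port), timeout=10) as conn:
        return probe_keepalive(conn, host, path)

class FakeServer:
    """Constructed stand-in for a server configured with keepalive_requests = n,
    so the probe can be demonstrated offline."""
    def __init__(self, n: int):
        self.n, self.sent = n, 0
    def sendall(self, data: bytes) -> None:
        if self.sent >= self.n:
            raise OSError("connection closed by peer")
        self.sent += 1
    def recv(self, size: int) -> bytes:
        tail = b"close" if self.sent == self.n else b"keep-alive"
        return (b"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Length: 0\r\n"
                b"Connection: " + tail + b"\r\n\r\n")

if __name__ == "__main__":
    print(probe_keepalive(FakeServer(100), "www.example.com"))  # 100
    # print(count_keepalive_requests("www.example.com"))         # live probe
```

A proxy, CDN or load balancer in front of the origin terminates the connection itself, so the count you observe is that device's limit, not the origin's.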

Could not access CollabNet Subversion Edge server from remote computer on LAN over WiFi?

I have installed
CollabNet Subversion Edge 2.2.0 (for Windows 64-bit) on Computer A (192.168.1.aaa) on the LAN,
and trying to access it on Computer B (192.168.1.bbb) on the same LAN via the URL http://192.168.1.aaa/svn/ gives me a timed-out problem.
But on Computer A I can access the URLs http://192.168.1.aaa/svn/ and localhost/svn correctly.
Could somebody please help in configuring the server settings for remote clients?
Are you able to checkout a working copy on Computer "A" using http://192.168.1.aaa/svn? If that's the case, you know that Subversion is up and running, and Apache is up and running.
This looks like a network issue. Try pinging Computer "A" from Computer "B":
C:> ping 192.168.1.aaa
PING 192.168.1.aaa (192.168.1.aaa): 56 data bytes
64 bytes from 192.168.1.aaa: icmp_seq=0 ttl=52 time=19.476 ms
64 bytes from 192.168.1.aaa: icmp_seq=0 ttl=52 time=19.476 ms
64 bytes from 192.168.1.aaa: icmp_seq=0 ttl=52 time=19.476 ms
64 bytes from 192.168.1.aaa: icmp_seq=0 ttl=52 time=19.476 ms
This will let you know if your network is making Computer "A" visible from Computer "B". If you're getting this:
C:> ping 192.168.1.aaa
PING 192.168.1.aaa (192.168.1.aaa): 56 data bytes
Request timeout for icmp_seq 0
Request timeout for icmp_seq 1
Request timeout for icmp_seq 2
You know that the network between Computer "A" and Computer "B" is being blocked.
If you can ping Computer "A" from Computer "B", see if you can connect from Computer "B" to Computer "A" on Port 80. This is the standard HTTP port. Some companies block it for a variety of reasons. You can try this command:
C:> $ telnet 192.168.1.aaa 80
Trying 192.168.1.aaa...
Connected to 192.168.1.aaa.
Escape character is '^]'.
If you don't get the "Connected to 192.168.1.aaa" response, you know that port 80 is being blocked. In this case, you'll need to talk to your IT department about reconfiguring your network in order not to block Port 80 on machine 192.168.1.aaa.

UDP reverse tunnel over ssh (using socat)

I want to set up a reverse UDP tunnel, because I need to connect to my OpenVPN server remotely and the OpenVPN server is behind a NAT. For this I use socat and ssh. The TCP tunnel command:
socat exec:"ssh remoteserver \"socat tcp-listen:10000,fork -\"" tcp-connect:localhost:22
does work correctly, and I'm then able to build up an ssh connection to remoteserver:10000.
But when I want to do the same with udp:
socat exec:"ssh remoteserver \"socat udp-listen:10000,fork -\"" udp-connect:localhost:1194
and then try to build up the OpenVPN connection, I get the following error:
2011/12/23 13:27:43 socat[28241] E read(3, 0x80c3b08, 8192): Connection refused
The tunnel at first seems to work, because both logfiles (server and client) have entries for the connection attempt. But the connection can't be established.
I have just tried this and I believe the reason it fails is that the ssh part of the tunnel doesn't preserve the UDP datagram sizes. I.e. a 14-byte datagram and a 22-byte datagram get combined on the other end into a 26-byte datagram. OpenVPN doesn't work in this scenario.
I have had proof-of-concept success with a construct similar to this, but where there is a program which reads the UDP datagrams and turns them into a TCP stream with 16-bit length prefixes (i.e. a stream of length,bytes,length,bytes etc.) and obviously does the reverse as well.
With this I was able to tunnel OpenVPN.
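An added example of the length-prefix framing the answer describes (not the answerer's program): each datagram goes onto the stream as a 16-bit big-endian length followed by its bytes, and the reader reassembles whole datagrams no matter how ssh/TCP splits or merges the writes. The datagram sizes are constructed to match the 14- and 22-byte case above.

```python
import struct

def frame(datagram: bytes) -> bytes:
    """Prefix one UDP datagram with its 16-bit big-endian length so the
    datagram boundary survives the ssh/TCP byte stream."""
    if len(datagram) > 0xFFFF:
        raise ValueError("datagram too large for a 16-bit length prefix")
    return struct.pack("!H", len(datagram)) + datagram

class Unframer:
    """Incremental decoder for the length-prefixed stream. Feed it whatever a
    stream read() returns, in any chunking, and it hands back only complete
    datagrams, keeping a partial record across calls."""
    def __init__(self):
        self.buf = bytearray()
    def feed(self, chunk: bytes) -> list:
        self.buf += chunk
        out = []
        while len(self.buf) >= 2:
            n = struct.unpack("!H", self.buf[:2])[0]
            if len(self.buf) < 2 + n:
                break            # rest of this datagram has not arrived yet
            out.append(bytes(self.buf[2:2 + n]))
            del self.buf[:2 + n]
        return out

def demo():
    """Constructed datagrams sized like those in the answer (14 and 22 bytes).
    Without framing a stream read may hand both back merged into one buffer;
    with framing both come out intact however the stream is chunked."""
    d1, d2 = b"A" * 14, b"B" * 22
    stream = frame(d1) + frame(d2)           # what actually crosses the ssh stream
    one_read = Unframer().feed(stream)       # both datagrams arrive in a single read
    u = Unframer()                           # same bytes, split at awkward points
    odd_chunks = u.feed(stream[:5]) + u.feed(stream[5:30]) + u.feed(stream[30:])
    return one_read, odd_chunks

if __name__ == "__main__":
    print(demo())
```

The two halves of the relay program the answer mentions are just these functions wrapped around a UDP socket on one side and the ssh stream on the other.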