Page 2 of 2
Re: Non root user using telnet refused
Posted: 2019/04/26 04:51:38
by rezashamdani
is it possible that on centos7 a non root user cannot using the port 25 ?
i don't have the issue with centos6, the iptables setup already the same..
Re: Non root user using telnet refused
Posted: 2019/04/26 18:10:12
by aks
is it possible that on centos7 a non root user cannot using the port 25 ?
No, not at all. A non root user can connect to port 25.
$ telnet smtp.mail.yahoo.com 25
Trying 188.125.73.26...
Connected to smtp.mail.yahoo.com.
Escape character is '^]'.
220 smtp.mail.yahoo.com ESMTP ready
^]
telnet> cl
Connection closed.
Re: Non root user using telnet refused
Posted: 2019/04/29 02:29:41
by rezashamdani
can i just flush my iptables rules, and then try to connect again?
perhaps the rules was holding back the non root account.
Re: Non root user using telnet refused
Posted: 2019/04/29 11:44:45
by TrevorH
Did you check that company.mail.protection.outlook.com resolves to the ip address that you have listed in your iptables rules? When I check ours it resolves to at least 2 separate ip addresses so 50% of the time your rules would fail.
Re: Non root user using telnet refused
Posted: 2019/04/30 02:05:32
by rezashamdani
with or without the iptables, the root account can use the port 25 successfully, yet the non root account is failed stated that it was refused.
Re: Non root user using telnet refused
Posted: 2019/04/30 18:49:12
by aks
I'm beginning to suspect that you don't have "proper" CentOS installed.
So are you running cpanel or something like that (it has already been suggested, but you don't say either way)?
Assuming it is "real" CentOS, then you've done something, which is really bad. Traditionally only root can open the "privileged" port (TCP below 1024), as a listener. Anybody can connect to the "privileged" port.
Assuming it is "real" CentOS, what happens when (as the non root user) you do:
strace -f telnet <domain> 25
as in:
strace -f telnet smtp.mail.yahoo.com 25
?
Re: Non root user using telnet refused
Posted: 2019/05/01 02:21:13
by rezashamdani
here it is
Code: Select all
....
close(3) = 0
fstat(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 0), ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f787dac8000
write(1, "Trying XXX.XX.XXX.XX...\r\n", 25Trying XXX.XX.XXX.XX...
) = 25
socket(AF_INET, SOCK_STREAM, IPPROTO_TCP) = 3
setsockopt(3, SOL_IP, IP_TOS, [16], 4) = 0
connect(3, {sa_family=AF_INET, sin_port=htons(25), sin_addr=inet_addr("XXX.XX.XXX.XX")}, 16) = -1 ECONNREFUSED (Connection refused)
write(2, "telnet: connect to address XXX.X"..., 61telnet: connect to address XXX.XX.XXX.XX: Connection refused
) = 61
close(3) = 0
write(1, "Trying XXX.XX.XXX.XY...\r\n", 25Trying XXX.XX.XXX.XY...
) = 25
socket(AF_INET, SOCK_STREAM, IPPROTO_TCP) = 3
setsockopt(3, SOL_IP, IP_TOS, [16], 4) = 0
connect(3, {sa_family=AF_INET, sin_port=htons(25), sin_addr=inet_addr("XXX.XX.XXX.XY")}, 16) = -1 ECONNREFUSED (Connection refused)
write(2, "telnet: connect to address XXX.XX"..., 61telnet: connect to address XXX.XX.XXX.XY: Connection refused
) = 61
close(3) = 0
exit_group(1) = ?
+++ exited with 1 +++
Re: Non root user using telnet refused
Posted: 2019/05/01 19:16:11
by aks
So are you running cpanel or something like that?