Skip to Content.
Sympa Menu

cacert-de - Re: SMTP on

Subject: Deutschsprachige CAcert Support Liste

List archive

Re: SMTP on

Chronological Thread 
  • From: Bernhard Fröhlich <bernhard AT>
  • To: cacert-de AT, Wytze van der Raay <wytze AT>, dirk astrath <dastrath AT>
  • Cc: dirk astrath <dirk AT>, "critical-admin AT" <critical-admin AT>
  • Subject: Re: SMTP on
  • Date: Thu, 24 Jan 2019 20:11:42 +0100

Hi Wytze,

it looks like we are both somewhat wrong...

I made a test and noticed that on the command "netcat 25" returns "220 ESMTP Postfix (Debian/GNU)", which is a bit strange, because I'd expect "220 ESMTP". At least that's what I get when I try it at home...

So you are right that the firewall does not block SMTP, but it seems do redirect the connection to the local mailserver. Alas I'm right that this poses a problem when testing the bugfix. :-)

For the secure ports (587 and 465) the connection times out, so I guess that they indeed are blocked.

Or do I overlook something else?

Kind regards

P.S.: I already found out the really clever setup of postfix, but I did not know that it was Mario's doing...

Am 24.01.2019 um 12:05 schrieb Wytze van der Raay:

Hi Ted,

On 1/24/19 10:17 AM, Bernhard Fröhlich wrote:
The second problem is that it looks like is not allowed to
open SMTP connections into the internet by the firewall. While I consider this
very sensible under normal circumstances, it obviously prevents testing of
this bugfix.

Jan, I guess you could change the firewall. Is there an option to temporarily
allow SMTP connections? Something like a web interface where you can allow the
"pass" rule for 4 hours or so?
Or am I wrong, and is this not a firewall problem at all?
You are wrong indeed. The firewall does allow outgoing SMTP connections
from, so the email address verification procedure in the
CAcert application is fully testable with this server. You are probably
misled by the fact that the test server is configured to not actually send
out e-mail into the live internet, but instead collects all such e-mail
in a local mailnbox /var/mail/cacertmail, which can be inspected via the
test manager. This is a clever design (thanks to Mario Lipinski I think)
that gives us the best of two worlds.

-- wytze

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Archive powered by MHonArc 2.6.18.

Top of Page