Demo Discussion
Forum Config Examples Contributions Vulnerabilities
  Discussion forum about ELOG  Not logged in ELOG logo
 Back  |  Find  |  Login  |  Help 
icon5.gif   ELOG and Gmail?, posted by Christopher Lee on Wed Apr 11 17:43:13 2012 
    icon2.gif   Re: ELOG and Gmail?, posted by Stefan Ritt on Thu Apr 12 08:57:51 2012 
       icon2.gif   Re: ELOG and Gmail?, posted by Christopher Lee on Thu Apr 12 14:38:09 2012 
          icon2.gif   Re: ELOG and Gmail?, posted by Christopher Lee on Sat Apr 14 11:10:14 2012 
             icon14.gif   Re: ELOG and Gmail?, posted by Erkcan Ozcan on Fri Jul 3 21:26:32 2015 
Message ID: 67247     Entry time: Thu Apr 12 14:38:09 2012     In reply to: 67246     Reply to this: 67248
Icon: Reply  Author: Christopher Lee  Author Email: chris@chrisandclaire.org 
Category: Question  OS: Linux  ELOG Version: 2435 
Subject: Re: ELOG and Gmail? 

Stefan Ritt wrote:

Christopher Lee wrote:

Firstly, as with some of the others recently, I am a complete newb when it comes to linux, Though I refuse to let that stop me and really want to get this working.

Pretty much I have a situation where I have been asked to install ELOG, though I am unable to use port 25 at all and also need to use GMAIL for the SMTP server?
It is also my undertanding from the documentation that ELOG only sends mail via port 25

So, I have setup iptables to forward everything from port 25 and a GMAIL IP address used in ELOG's global config for the SMTP, to a stunnel that redirects everything to GMAIL on port 465.
While getting that right took me almost two days, and that was with tons of help and more than half of it being spoon fed to me (though I have learnt SO SO MUCH from just that).
I am still unable to get ELOG to send emails, even if does now seem to connect

Below is a copy of the log from last night (I have spent most of the day trying to sort it out further, but I get the same error)

So I guess my question is, Is it possible to use GMAIL, with ELOG, based on my current conditions, and does anyone have any idea what I can do to go on from here, as I doubt I am the first one to head down this road?
 

--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

10-Apr-2012 21:45:19 [Chris@1.2.3.4] {logbookA} Email from <chris@server.com> to chris@server.com, SMTP host 173.194.67.108:
10-Apr-2012 21:45:20 [Chris@1.2.3.4] {logbookA} 220 mx.google.com ESMTP XXXXXXXX.XX^M
10-Apr-2012 21:45:20 [Chris@1.2.3.4] {logbookA}
10-Apr-2012 21:45:20 [Chris@1.2.3.4] {logbookA} EHLO SERVER.COM^M
10-Apr-2012 21:45:20 [Chris@1.2.3.4] {logbookA} 250-mx.google.com at your service, [152.106.18.2]^M
10-Apr-2012 21:45:20 [Chris@1.2.3.4] {logbookA} 250-SIZE 35882577^M
10-Apr-2012 21:45:20 [Chris@1.2.3.4] {logbookA} 250-8BITMIME^M
10-Apr-2012 21:45:20 [Chris@1.2.3.4] {logbookA} 250-AUTH LOGIN PLAIN XOAUTH^M
10-Apr-2012 21:45:20 [Chris@1.2.3.4] {logbookA} 250 ENHANCEDSTATUSCODES^M
10-Apr-2012 21:45:20 [Chris@1.2.3.4] {logbookA} AUTH LOGIN^M
10-Apr-2012 21:45:21 [Chris@1.2.3.4] {logbookA} Username:
10-Apr-2012 21:45:21 [Chris@1.2.3.4] {logbookA} username@gmail.com
10-Apr-2012 21:45:21 [Chris@1.2.3.4] {logbookA} Password:
10-Apr-2012 21:45:21 [Chris@1.2.3.4] {logbookA} MYXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
10-Apr-2012 21:45:21 [Chris@1.2.3.4] {logbookA} 501 5.5.2 Cannot Decode response fl2sm792152wib.2

--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------


Right now I am pretty stuck, and any advice would be greatly appreciated on how to move forward.

Thanks in Advance
 

As far as I know GMAIL requires SSL for its SMTP connection, which ELOG does not (yet) support. But you can set up your own SMTP server easily. Should be easier than your iptables work.  

 

It does require SSL, though thats where stunnel came in.(Thanks to Sergio for all the help and getting me that far, as well as with all the iptable help :D) .

I was however finally able to get it working just a few minutes ago using GMAIL as the SMTP.

I was able to telnet into smtp.gmail.com over the stunnel, and when I repeated the process that elog goes through from information that I grabbed with TCPdump, everthing would work, until it got to the password that ELOG sends and that was created using : /usr/local/sbin/elogd -t password -c /usr/local/elog/elogd.cfg. When I tried to decode the password, it also gave me errors.

I encoded the password myself, and when I changed the one in [global] to match the one I created instead, ELOG was able to connect and send mail (What I still dont understand is that when I encode my own username to use on telnet, it fails, but the one I got from the tcpdump from elog works.. so its a mixture of the ELOG encoded username, and my own encoded password).

I dont know if it would help if I type up the rest of what we did to get it working here for anyone else for future reference. It does require iptables and stunnel to be installed. Though its a single entry into iptables, and small addition to stunnel.conf once they are running.

ELOG V3.1.5-fe60aaf