ELOG and Gmail?, posted by Christopher Lee on Wed Apr 11 17:43:13 2012
|
Firstly, as with some of the others recently, I am a complete newb when it comes to linux, Though I refuse to let that stop me and really want to get this working.
Pretty much I have a situation where I have been asked to install ELOG, though I am unable to use port 25 at all and also need to use GMAIL for the SMTP server?
It is also my undertanding from the documentation that ELOG only sends mail via port 25
So, I have setup iptables to forward everything from port 25 and a GMAIL IP address used in ELOG's global config for the SMTP, to a stunnel that redirects everything to GMAIL on port 465.
While getting that right took me almost two days, and that was with tons of help and more than half of it being spoon fed to me (though I have learnt SO SO MUCH from just that).
I am still unable to get ELOG to send emails, even if does now seem to connect
Below is a copy of the log from last night (I have spent most of the day trying to sort it out further, but I get the same error)
So I guess my question is, Is it possible to use GMAIL, with ELOG, based on my current conditions, and does anyone have any idea what I can do to go on from here, as I doubt I am the first one to head down this road?
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
10-Apr-2012 21:45:19 [Chris@1.2.3.4] {logbookA} Email from <chris@server.com> to chris@server.com, SMTP host 173.194.67.108:
10-Apr-2012 21:45:20 [Chris@1.2.3.4] {logbookA} 220 mx.google.com ESMTP XXXXXXXX.XX^M
10-Apr-2012 21:45:20 [Chris@1.2.3.4] {logbookA}
10-Apr-2012 21:45:20 [Chris@1.2.3.4] {logbookA} EHLO SERVER.COM^M
10-Apr-2012 21:45:20 [Chris@1.2.3.4] {logbookA} 250-mx.google.com at your service, [152.106.18.2]^M
10-Apr-2012 21:45:20 [Chris@1.2.3.4] {logbookA} 250-SIZE 35882577^M
10-Apr-2012 21:45:20 [Chris@1.2.3.4] {logbookA} 250-8BITMIME^M
10-Apr-2012 21:45:20 [Chris@1.2.3.4] {logbookA} 250-AUTH LOGIN PLAIN XOAUTH^M
10-Apr-2012 21:45:20 [Chris@1.2.3.4] {logbookA} 250 ENHANCEDSTATUSCODES^M
10-Apr-2012 21:45:20 [Chris@1.2.3.4] {logbookA} AUTH LOGIN^M
10-Apr-2012 21:45:21 [Chris@1.2.3.4] {logbookA} Username:
10-Apr-2012 21:45:21 [Chris@1.2.3.4] {logbookA} username@gmail.com
10-Apr-2012 21:45:21 [Chris@1.2.3.4] {logbookA} Password:
10-Apr-2012 21:45:21 [Chris@1.2.3.4] {logbookA} MYXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
10-Apr-2012 21:45:21 [Chris@1.2.3.4] {logbookA} 501 5.5.2 Cannot Decode response fl2sm792152wib.2
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Right now I am pretty stuck, and any advice would be greatly appreciated on how to move forward.
Thanks in Advance
|
Re: ELOG and Gmail?, posted by Christopher Lee on Thu Apr 12 14:38:09 2012
|
| Stefan Ritt wrote: |
|
| Christopher Lee wrote: |
|
Firstly, as with some of the others recently, I am a complete newb when it comes to linux, Though I refuse to let that stop me and really want to get this working.
Pretty much I have a situation where I have been asked to install ELOG, though I am unable to use port 25 at all and also need to use GMAIL for the SMTP server?
It is also my undertanding from the documentation that ELOG only sends mail via port 25
So, I have setup iptables to forward everything from port 25 and a GMAIL IP address used in ELOG's global config for the SMTP, to a stunnel that redirects everything to GMAIL on port 465.
While getting that right took me almost two days, and that was with tons of help and more than half of it being spoon fed to me (though I have learnt SO SO MUCH from just that).
I am still unable to get ELOG to send emails, even if does now seem to connect
Below is a copy of the log from last night (I have spent most of the day trying to sort it out further, but I get the same error)
So I guess my question is, Is it possible to use GMAIL, with ELOG, based on my current conditions, and does anyone have any idea what I can do to go on from here, as I doubt I am the first one to head down this road?
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
10-Apr-2012 21:45:19 [Chris@1.2.3.4] {logbookA} Email from <chris@server.com> to chris@server.com, SMTP host 173.194.67.108:
10-Apr-2012 21:45:20 [Chris@1.2.3.4] {logbookA} 220 mx.google.com ESMTP XXXXXXXX.XX^M
10-Apr-2012 21:45:20 [Chris@1.2.3.4] {logbookA}
10-Apr-2012 21:45:20 [Chris@1.2.3.4] {logbookA} EHLO SERVER.COM^M
10-Apr-2012 21:45:20 [Chris@1.2.3.4] {logbookA} 250-mx.google.com at your service, [152.106.18.2]^M
10-Apr-2012 21:45:20 [Chris@1.2.3.4] {logbookA} 250-SIZE 35882577^M
10-Apr-2012 21:45:20 [Chris@1.2.3.4] {logbookA} 250-8BITMIME^M
10-Apr-2012 21:45:20 [Chris@1.2.3.4] {logbookA} 250-AUTH LOGIN PLAIN XOAUTH^M
10-Apr-2012 21:45:20 [Chris@1.2.3.4] {logbookA} 250 ENHANCEDSTATUSCODES^M
10-Apr-2012 21:45:20 [Chris@1.2.3.4] {logbookA} AUTH LOGIN^M
10-Apr-2012 21:45:21 [Chris@1.2.3.4] {logbookA} Username:
10-Apr-2012 21:45:21 [Chris@1.2.3.4] {logbookA} username@gmail.com
10-Apr-2012 21:45:21 [Chris@1.2.3.4] {logbookA} Password:
10-Apr-2012 21:45:21 [Chris@1.2.3.4] {logbookA} MYXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
10-Apr-2012 21:45:21 [Chris@1.2.3.4] {logbookA} 501 5.5.2 Cannot Decode response fl2sm792152wib.2
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Right now I am pretty stuck, and any advice would be greatly appreciated on how to move forward.
Thanks in Advance
|
As far as I know GMAIL requires SSL for its SMTP connection, which ELOG does not (yet) support. But you can set up your own SMTP server easily. Should be easier than your iptables work.
|
It does require SSL, though thats where stunnel came in.(Thanks to Sergio for all the help and getting me that far, as well as with all the iptable help :D) .
I was however finally able to get it working just a few minutes ago using GMAIL as the SMTP.
I was able to telnet into smtp.gmail.com over the stunnel, and when I repeated the process that elog goes through from information that I grabbed with TCPdump, everthing would work, until it got to the password that ELOG sends and that was created using : /usr/local/sbin/elogd -t password -c /usr/local/elog/elogd.cfg. When I tried to decode the password, it also gave me errors.
I encoded the password myself, and when I changed the one in [global] to match the one I created instead, ELOG was able to connect and send mail (What I still dont understand is that when I encode my own username to use on telnet, it fails, but the one I got from the tcpdump from elog works.. so its a mixture of the ELOG encoded username, and my own encoded password).
I dont know if it would help if I type up the rest of what we did to get it working here for anyone else for future reference. It does require iptables and stunnel to be installed. Though its a single entry into iptables, and small addition to stunnel.conf once they are running. |
|
Re: ELOG and Gmail?, posted by Christopher Lee on Sat Apr 14 11:10:14 2012
|
To get it to work required a working installation of IPTABLES and STUNNEL
First is to add the following details into elogd.cfg
| /usr/local/elog/elogd.cfg wrote: | SMTP username = username@gmail.com
SMTP host = 173.194.67.108
SMTP Password = |
This SMTP IP address is a virtual host from Googles SMTP, Any IP Address could technically be used.
Next is to redirect all traffic to port 25 and the above IP address, to STUNNEL.
| Quote: | | sudo iptables -t nat -A OUTPUT -p tcp -d 173.194.67.16 -dport 25 -j DNAT --to 127.0.0.1:10555 |
You can select any port other than 10555 if required. Next you need to modify the STUNNEL config file and add the following.
| /etc/stunnel/stunnel.conf wrote: | [elogssl]
client = yes
accept = 10555
connect = smtp.gmail.com:465 |
Last was the password. For some reason sudo /usr/local/sbin/elogd -t <password> -c /usr/local/elog/elogd.cfg created a password that was unreadable by google.
To recreate your own run the following command:
| Quote: | | perl -MMIME::Base64 -e 'print encode_base64("\000not.my.re\@l.password")' |
Replace "\000not.my.re\@l.password" with the GMAIL password, remember to escape with a \ any @ signs you might have.
Copy the output and add that into the elogd.cfg file in the SMTP Password syntax.
kill the STUNNEL PID if it is running and restart it to to load the new details, also remember to save your IPTABLES for next reboot
And that should be it, so now ELOG uses a port other than 25, and also redirects via SSL to a SMTP like GMAIL. |
Forgot Password, posted by Christopher Lee on Mon Apr 16 11:10:07 2012 
|
We seem to have a problem with retrieving user passwords using the forgot password system
This only happens when trying to use the password recovery from the first screen that forces people to log in with the following syntax:
Protect selection page = 1
Password file = XXXXX
On the first page of our elog which can be found at
http://physics.uj.ac.za/elog/
Now currently there is one page that is viewable by guests, so going to this direct link, bypasses the login at the main page
If you try login from this page, and then use the forgot password link, the email that gets sent through will then work.
The first email that gets sent through using the main login page has the following link:
https://physics.uj.ac.za/elog/?redir=%3Fcmd%3DChange+password%26oldpwd%3DYJAATGHSIRRSBLLP&uname=Tester&upassword=YJAATGHSIRRSBLLP
When clicking on the above link normally, it takes you to a NULL user
The email link that gets sent from the guest page, that works, looks like this:
https://physics.uj.ac.za/elog/General/?redir=%3Fcmd%3DChange+password%26oldpwd%3DSACWEHJWWHKEXLMO&uname=Tester&upassword=SACWEHJWWHKEXLMO
Attached is a copy of the cfg file. The last few logbooks are all actually just copies of TEMPLATE A, so I have removed all their details to make the file easier to read for now
|
Re: Forgot Password, posted by Christopher Lee on Tue May 1 09:20:00 2012
|
| Stefan Ritt wrote: |
|
| Christopher Lee wrote: |
|
We seem to have a problem with retrieving user passwords using the forgot password system
|
Thanks for reporting that bug. With the help of your config file I finally could reproduce and fix it. The fix is contained in SVN revision 2462.
|
Thanks mate.. Glad to know it wasn't just me going insane? I'll keep an eye out for the new file |
SSL, posted by Chris Smyth on Thu Aug 4 14:28:18 2016
|
How do I enable SSL with port 443 in version ELOG V2.7.8-2294 and rename from localhost?
Server is running Windows 2008
We got http://servername:8080 to work and on the network just fine..
but everytime we try to change the port to 443 in global we cant get anything with https:// working
port = 443
ssl = 1
url = https://servername
how do you customize the elog.exe or elogd for windows enviorment to listen on port 443 with specific hostname. please give an example.
Thanks...
|
|
Re: Sample of actual elog Config with URL in SSL, posted by Chris Smyth on Thu Aug 4 16:40:14 2016
|
how do I compile elogd with USE_SSL=1?
| Andreas Luedeke wrote: |
|
You normally don't need to specify "URL = xxx" at all. It is only needed if you work with a Proxy that changes the normal ELOG URL. And yes, you'll need "Port = 433" and "SSL =1".
And elogd must be compiled with USE_SSL=1, maybe that's your problem?
In addition you should buy a valid SSL certificate. Otherwise every user needs to acknowledge an exception for your invalid SSL certificate.
Cheers, Andreas
| Dawang wrote: |
|
HI Guys,
Can you please give me an idea how will I write in the config. I want my elog will be accessed via internet. Though there's a tutorial / guideline, I need an actual config file for me to easily grasp how the URL = xxx should be write. Do my port should be Port = 433 and SSL=1?
Thanks,
Raymund
|
|
|
|
Re: Sample of actual elog Config with URL in SSL, posted by Chris Smyth on Tue Aug 9 04:23:07 2016
|
By the Makefile i belive you are refering to the elogd.cfg? if not what file do I have use?
I have added
port = 443
ssl = 1
Without sucess.
I then tried
port = 443
use_ssl = 1
still no sucess.
I cant find any file that has "#USE_SSL =1" that I can uncomment. I am using an older version of ELOG (ELOG278-2) reading all the documentation I cant seem to figure it out.
I also configured elogd to listen on port 443
Opened a CMD window and entered >elogd -p 443
Says listening on port 443 but still not working.
On the most curent version of ELOG 3.1.0 I just modify the elogd.cfg added ssl = 1 and change the port to 443 and everthing works as advertised. I do the same on this version and I cant get it working. I could really use some help. Thanks for the fast response.
| Andreas Luedeke wrote: |
|
Very easy: uncomment the line USE_SSL=1 in the Makefile and then compile.
You'll need of course a gcc compiler on your Windows system, a makefile environment, SSL libraries, etc.. If you don't have that: ask you local administrator.
Cheers, Andreas
| |
|
how do I compile elogd with USE_SSL=1?
| Andreas Luedeke wrote: |
|
You normally don't need to specify "URL = xxx" at all. It is only needed if you work with a Proxy that changes the normal ELOG URL. And yes, you'll need "Port = 433" and "SSL =1".
And elogd must be compiled with USE_SSL=1, maybe that's your problem?
In addition you should buy a valid SSL certificate. Otherwise every user needs to acknowledge an exception for your invalid SSL certificate.
Cheers, Andreas
| Dawang wrote: |
|
HI Guys,
Can you please give me an idea how will I write in the config. I want my elog will be accessed via internet. Though there's a tutorial / guideline, I need an actual config file for me to easily grasp how the URL = xxx should be write. Do my port should be Port = 433 and SSL=1?
Thanks,
Raymund
|
|
|
|
|
|