Tuesday, July 16, 2013

MAIL EXPN VRFY ETRN



sendmail ERROR "did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA"


We had to investigate problems relaying mail from a certain IP. Looking through the MTA logs, we see:



Jul 16 15:40:29 gate sendmail[30309]: r6GCcjKJ030309: spamfilter2.starnet.md [178.168.2.134] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
Jul 16 15:57:11 gate sendmail[30913]: r6GCtSW0030913: spamfilter2.starnet.md [178.168.2.134] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
Jul 16 16:17:12 gate sendmail[31567]: r6GDFTme031567: spamfilter2.starnet.md [178.168.2.134] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
Jul 16 16:18:16 gate sendmail[31617]: r6GDGVie031617: smtpclu-6.eunet.rs [194.247.192.231] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
Jul 16 16:22:57 gate sendmail[31786]: r6GDLEbe031786: smtpclu-6.eunet.rs [194.247.192.231] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
Jul 16 16:50:59 gate sendmail[32740]: r6GDnIa1032740: smtpclu-6.eunet.rs [194.247.192.231] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
Jul 16 17:22:54 gate sendmail[1672] : r6GEL9oM001672: smtpclu-6.eunet.rs [194.247.192.231] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA


On the other side , the error eMaiL was : 


Reporting-MTA: dns; spamfilter.starnet.md
Arrival-Date: Tue,  9 Jul 2013 22:03:38 +0300 (EEST)

Final-Recipient: rfc822; dircom@mydomain.com
Action: failed
Status: 4.0.0
Diagnostic-Code: X-Spam-&-Virus-Firewall; connect to
    [27.10.97.70]: read timeout



A Cisco PIX between the host and our mail relay is performing SMTP inspection ("SMTP Fixup"). 



The sending MTA apparently does not know how to handle a "500 5.5.1" response from our MTA, and keeps the connection open for one hour (default Timeout.command in sendmail). After one hour, our MTA closes the connection.



As a workaround, enable ESMTP inspection, or disable SMTP inspection. ESMTP inspection allows commands described in RFC 2821. Note that ESMTP inspection and SMTP inspection are mutually exclusive.


http://brandonhutchinson.com/wiki/SMTP_Fixup_problems
http://www.cisco.com/en/US/products/sw/secursw/ps1018/products_configuration_example09186a008064730a.shtml



http://frustratedtech.com/post/41281442135/sendmail-dropping-connections-from-monitoring-servers
http://www.sendmail.com/sm/open_source/docs/configuration_readme/



 Sendmail Dropping Connections From Monitoring Servers?

I’ve been seeing this frequently.  We currently use IPMonitor at work.  I hate it.  But, it is what it is, gotta use what is provided.  So, this monitoring system uses snmp to check all services and then it also tries to connect to smtp.  However, one server is setup to require pop3 login before smtp access can be acquired.  This was giving plenty of false positives for the monitoring system since we were seeing this message a lot.
# tail -f /var/log/maillog
Jan 23 04:02:02 LUX5 sendmail[8278]: r0N922sj008278: [123.456.789.10] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
To fix this I needed to add the monitoring server to the access file for sendmail to accept the connection.
# nano /etc/mail/access
# Check the /usr/share/doc/sendmail/README.cf file for a description
# of the format of this file. (search for access_db in that file)
# The /usr/share/doc/sendmail/README.cf is part of the sendmail-doc
# package.
#
# by default we allow relaying from localhost...
connect:localhost.localdomain           RELAY
connect:localhost                       RELAY
connect:127.0.0.1                       RELAY
######ADD YOUR IP BELOW#########
connect:123.456.789.10                  OK
Then just rebuild the database and restart sendmail. You will see see the error message, but at least you will no longer get the false positives.
# makemap hash /etc/mail/access < /etc/mail/access
# service sendmail restart

Monday, July 15, 2013

Switch Your Coding Life: Android - Check the database on DDMS

Switch Your Coding Life: Android - Check the database on DDMSAndroid utilizes the SQlite database by default. However, for security reasons, the sqlite3 is not installed on many Android devices (At least on Android 2.3.3). To work with it, one could root the phone and install sqlite3 by hand. The another way to do it is working with the emulator.

Because the emulator is a completely open device, there is not restriction to access to the database or to the shared preferences. Once the emulator has been started, the DDMS of eclipse could be used to extract the database and check its structure and the contents.

To make the thing even easier, there is a plugin for the eclipse which allow the coders to access the data inside of DDMS




How to browse an Android SQLite Database from Eclipse Kepler

http://pantestmb.blogspot.ro/2012/04/sqlite-plugin-for-eclipse.html




Tuesday, July 2, 2013

AVD hardware settings - keyboard


   After updating Eclipse ( Help Menu -> Check for Updates ) ,
running and debugging my application in the Android Virtual Device (AVD) was a nightmare :
   I couldn't use the computer keyboard anymore to enter data in my Android app;
( AVD's keyboard wasn't QWERTY ) ; Entering one digit number took 4 or 5 mouse-clicks :-(

No QUERTY AVD :



http://developer.android.com/tools/devices/managing-avds.html

After adding hardware keyboard support , problem solved :
Hardware property = "Keyboard Support"
Value = "yes"



Hardware options

If you are creating a new AVD, you can specify the following hardware options for the AVD to emulate:
CharacteristicDescriptionProperty
Device ram sizeThe amount of physical RAM on the device, in megabytes. Default value is "96".hw.ramSize
Touch-screen supportWhether there is a touch screen or not on the device. Default value is "yes".hw.touchScreen
Trackball supportWhether there is a trackball on the device. Default value is "yes".hw.trackBall
Keyboard supportWhether the device has a QWERTY keyboard. Default value is "yes".hw.keyboard
DPad supportWhether the device has DPad keys. Default value is "yes".hw.dPad
GSM modem supportWhether there is a GSM modem in the device. Default value is "yes".hw.gsmModem
Camera supportWhether the device has a camera. Default value is "no".hw.camera
Maximum horizontal camera pixelsDefault value is "640".hw.camera.maxHorizontalPixels
Maximum vertical camera pixelsDefault value is "480".hw.camera.maxVerticalPixels
GPS supportWhether there is a GPS in the device. Default value is "yes".hw.gps
Battery supportWhether the device can run on a battery. Default value is "yes".hw.battery
AccelerometerWhether there is an accelerometer in the device. Default value is "yes".hw.accelerometer
Audio recording supportWhether the device can record audio. Default value is "yes".hw.audioInput
Audio playback supportWhether the device can play audio. Default value is "yes".hw.audioOutput
SD Card supportWhether the device supports insertion/removal of virtual SD Cards. Default value is "yes".hw.sdCard
Cache partition supportWhether we use a /cache partition on the device. Default value is "yes".disk.cachePartition
Cache partition sizeDefault value is "66MB".disk.cachePartition.size
Abstracted LCD densitySets the generalized density characteristic used by the AVD's screen. Default value is "160".