Telnet port 25/110

mistofdeath69 · January 29, 2023, 9:04pm

Hello
I can successfully connect via Telnet on port 25 and get a message stating the mail is queue.

Yet it never ever shows up. Second problem Telnet port 110 I get the ready message and when I enter the user postmaster@cyber.com or username @ cyber.com I get a message stating 500 invalid command.

I have Axigen running on Virtual Box as a VMachine and also have Kali running in another VM. They can talk to each other and I can launch the admin page from the Kali VM or my windows workstation. When I look at the Queue or View Process absolutely nothing is there.
The network is private and I’m setting it up for my Ethical Hacking class but seems all of us are having various issues with getting Axigen to work.

Any tips or suggestions would be greatly appreciated if there is more info that you need please just let me know as I wasn’t able to find what I wanted using Google or the Axigen Community post.

Thank you

Michael

indreias · January 30, 2023, 11:01am

Hello Michael,

Please login into Axigen WebAdmin interface and set Log Level to Protocol Communication for both SMTP Incoming and POP3 services. Also please set same log level to Processing (under Queue).

Note: its a good idea to check the status of Axigen queue as well as most probably the messages are blocked into the queue for a specific reason (maybe some processing filters are configured but not started / unable to connect / etc).

After that please retest and in case there are still no hints on why the exercise is failing please share here the relevant logs (usually saved in /var/opt/axigen/log/ >> default.txt or everything.txt, depending on how your system was configured).

HTH,
Ioan

mistofdeath69 · January 31, 2023, 3:26am

Hi Ioan,

Thank you for the reply. I followed your instructions as outlined above. The problem continues but, I saw in the everything.txt that mail is being received and processed. If I’m reading it right.

I tried to pull the log from /var/opt//axigen/log but I’m denied to make any changes even when login as the admin user.

So, I’ve attached the everything.txt
everything (1).txt (89.0 KB)

I hope this helps and again a huge THANK YOU!!

Michael

indreias · January 31, 2023, 8:00am

Hello Michael,

Checking shared log we could see:

1/ Message was delivered - so no problems here
2023-01-31 02:49:42 +0000 08 axigen PROCESSING:00009CE2: Mail delivered to mailbox 'INBOX' of <manders@cyber.com> with id 3

Note: most probably you do not see it as it seems that the message (as you enter it from telnet) is not in the right format - my suggestion is that after data to enter:

Subject: test message<press-enter>
<press-enter>
some text here<press-enter>
.<press-enter>
<press-enter>

In such way you could have at least one header and some body content and hopefully you will see the message into WebMail.

Another possible explanation for not seeing the messages is that, by default, in WebMail client the messages are organized by conversations (newly introduced in X4). So, just to be sure your broken message is not affected by this way of displaying messages, please “untick” that option (WebMail > Settings > Interface > Appearance > Configure > Group emails by conversation).

2/ From below log lines we could see that the listener on port :110 was, most probably by mistake, added to SMTP Receving service instead of POP3 service.

2023-01-31 02:54:28 +0000 08 axigen SMTP-IN:00000010: [127.0.0.1:110] connection accepted from [127.0.0.1:55740]
2023-01-31 02:54:28 +0000 16 axigen SMTP-IN:00000010: >> 220 axigen Axigen ESMTP ready
2023-01-31 02:54:54 +0000 16 axigen SMTP-IN:00000010: << user manders@cyber.com
2023-01-31 02:54:54 +0000 16 axigen SMTP-IN:00000010: >> 500 Invalid command
2023-01-31 02:55:24 +0000 16 axigen SMTP-IN:00000010: << STAT
2023-01-31 02:55:24 +0000 16 axigen SMTP-IN:00000010: >> 500 Invalid command
2023-01-31 02:55:27 +0000 16 axigen SMTP-IN:00000010: << stat
2023-01-31 02:55:27 +0000 16 axigen SMTP-IN:00000010: >> 500 Invalid command
2023-01-31 02:56:01 +0000 16 axigen SMTP-IN:00000010: << retr
2023-01-31 02:56:01 +0000 16 axigen SMTP-IN:00000010: >> 500 Invalid command
2023-01-31 02:56:07 +0000 16 axigen SMTP-IN:00000010: << quit
2023-01-31 02:56:07 +0000 16 axigen SMTP-IN:00000010: >> 221-axigen Axigen ESMTP is closing connection
2023-01-31 02:56:07 +0000 16 axigen SMTP-IN:00000010: >> 221 Good bye
2023-01-31 02:56:07 +0000 08 axigen SMTP-IN:00000010: closing session from [127.0.0.1:55740]

Thus, please go in WebAdmin > Services > SMTP Receiving > Listeners and delete any listener on port 110.

Afterwards please go in WebAdmin > Services > POP3 > Listeners and add one listener for port 110 (like 0.0.0.0:110 OR 127.0.0.1:110, depending from where you like to make those POP3 telnet tests).

HTH,
Ioan

mistofdeath69 · January 31, 2023, 11:00pm

Hi Ioan,

I believe all the changes have been made as requested above. Still having an issue with Telnet IP 110 I do still see the message getting delivered to my inbox just don’t see it nor can I retrieve it.
everything (2).txt (257.7 KB)

Thank you

Michael

indreias · February 1, 2023, 6:23pm

Hello Michael,

From provided logs I could see that you have added 0.0.0.0:110 listener on WEBADMIN service which is not correct as it have to be added on POP3 service.

2023-01-31 20:44:22 +0000 08 axigen WEBADMIN:0000002C: Success: Listener-level Flow Control configuration updated for listener '0.0.0.0:110' of service 'WEBADMIN'
2023-01-31 20:44:22 +0000 08 axigen WEBADMIN:0000002C: Success: Listener-level allow rules Alow Control configuration updated for listener '0.0.0.0:110' of service 'WEBADMIN'
2023-01-31 20:44:22 +0000 08 axigen WEBADMIN:0000002C: Success: Listener-level deny rules Alow Control configuration updated for listener '0.0.0.0:110' of service 'WEBADMIN'
2023-01-31 20:44:22 +0000 08 axigen WEBADMIN:0000002C: Success: update WEBADMIN service configuration

Please correct and let us know if you still have problems.

HTH,
Ioan

mistofdeath69 · February 2, 2023, 3:02am

Hi Ioan,

So, about 315a Pacific this morning I realized that I had made that mistake and corrected that. Went back to the lab exercise and found that I now see the +OK when Telnet IP 110

The next issue was that I received an error message when entering the user postmaster@cyber.com

So, I went back to the POP3 and enabled the UnSecured connection allow authentication with and checked the boxes 1 at a time to I was successful and got +OK needs a password so I enter pass *********** and my password and get -ERR Protocol Violation.

everything (3).txt (221.7 KB)

So, didn’t expect that I was going to be getting this up close and personal with the product but learning and alot and have been able to help my classmates get to the same point.

Thank you for the help it is greatly appreciated.

Mike

indreias · February 3, 2023, 4:05pm

Hello Mike,

From what I see you get the Protocol violation because after the first error you did not start again the login procedure, like:

user bla-bla-bla<press-enter>
pass super-secret<press-enter>

but you are just repeating the last pass line.

2023-02-02 02:41:58 +0000 08 axigen POP3:00000034: [10.0.0.17:110] connection accepted from [10.0.0.17:52060]
2023-02-02 02:41:58 +0000 16 axigen POP3:00000034: >> +OK AXIGEN POP3 server on axigen ready <140121431438912.1074379431@axigen>
2023-02-02 02:42:09 +0000 16 axigen POP3:00000034: << user manders@cyber.com
2023-02-02 02:42:09 +0000 16 axigen POP3:00000034: >> +OK manders@cyber.com needs a password
2023-02-02 02:42:23 +0000 16 axigen POP3:00000034: << FxxxWord
2023-02-02 02:42:23 +0000 16 axigen POP3:00000034: >> -ERR Unknown command <FxxxWord>
...
2023-02-02 02:43:57 +0000 16 axigen POP3:00000034: << PASS ******
2023-02-02 02:43:57 +0000 16 axigen POP3:00000034: >> -ERR Protocol violation
...
2023-02-02 02:48:14 +0000 16 axigen POP3:00000034: << PASS ******
2023-02-02 02:48:14 +0000 16 axigen POP3:00000034: >> -ERR Protocol violation

I hope you already managed to find this unfortunate situation but just in case you are still stuck please retry again. Basically, if the authentication phase have an error you have to start from the beginning and not just sending the pass line.

HTH,
Ioan

mistofdeath69 · February 3, 2023, 5:05pm

Hi Ioan,

So, I started from scratch as it was getting a bit crazy.

I downloaded the software again and noticed that the new download was about 25MB larger than the previous download.

I was able to resolve the Protocal Error Violation but changing the logging setting to Protocol Communication.

I was at this point successful and could send/receive and read the email messages.

I was able to duplicate the results for the rest of my classmates by using the new VM.

Thank you again for the help and we can close the ticket.

Mike