Category Archives: Howto Tutorials (EN)

Knowledge Network for Tutorials, Howto’s, Workaround, DevOps Code for Professionals.

Install and get e-mail with fetchmail daemon

16. 10. 2017 Don Matteo Leave a comment

fetchmail daemon pick up e-mails and forward to local mailbox

fetchmail is a daemon for retrieving and forwarding e-mail; the Unix pioneer retrieves e-mail from remote mail servers and forwards them to the delivery system. The mail can then be retrieved using normal e-mail user agents such as mutt, elm, or mail.

What is fetchmail ?

The fetchmail e-mail program can run in daemon mode to repeatedly queries one or more systems at a given interval, it collects e-mails from servers that support all common e-mail retrieval services, such as POP3 and IMAP, also support the ESMTP-ETRN extension and the ODMR protocols.

This article describes how to use fetchmail on a CentOS smart host with Postfix. The e-mail from external mail service providers is retrieved and the recipient is redirected to the mailbox server that receives e-mail from the smart host. Mail accounts do not require forwarding, and the smart host also scans the e-mail for viruses and SPAM before they are delivered to the user’s mailbox.

Install fetchmail e-mail daemon

To install fetchmail e-mail daemon on CentOS 7, the extras repository is required, if not already available.

$ wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
$ sudo rpm -Uvh epel-release-latest-7*.rpm

The fetchmail daemon can be installed from the CentOS Extras repository.

$ yum -y install fetchmail

We create the fetchmail configuration file for the daemon under /etc/sysconfig.

# This file will be used to declare some vars for fetchmail
#
# Uncomment the following if you dont want localized log messages
# export LC_ALL=C

# Declare here if we want to start fetchmail. 'yes' or 'no'
START_DAEMON=yes

Copy Paste /etc/sysconfig/fetchmail

The fetchmail e-mail daemon Init script is created, here for a CentOS host on this the Postfix MTA is already running. As root with vi /etc/rc.d/init.d/fetchmaild

#!/bin/sh
# chkconfig: 35 99 00
# description: Start and stop fetchmail

. /etc/init.d/functions

start() {
  echo "Starting fetchmaild..."
  su fetchmail -s /bin/sh -c "fetchmail -vv -d 900 -a -f /etc/fetchmailrc -L /var/log/fetchmail"
  }

stop() {
  echo "Shutting down fetchmaild..."
  su fetchmail -s /bin/sh -c "fetchmail --quit"
  }

case "$1" in
  start)
    start
    ;;
  stop)
    stop
    ;;
  restart)
    stop
    start
    ;;
  *)
    echo "Usage: $0 {start|stop|restart}"
    ;;
esac

exit 0

Copy Paste /etc/rc.d/init.d/fetchmail
Make the init script executable.

$ chmod 0755 /etc/rc.d/init.d/fetchmaild

Create the global fetchmailrc Recource configuration for operation as a daemon.

set daemon 900
set no syslog
set logfile /var/log/fetchmail
set postmaster "postmaster"
set no bouncemail
set no spambounce
set properties ""

poll mail.foo.org with proto POP3
user 'joe@foo.org' there with password 'secret' is joe.office@foo.com here options fetchall nokeep ssl smtphost localhost

Copy Paste /etc/fetchmailrc

For each mail server fetchmail retrieved from this e-mail, a poll line is created. The aim is to retrieve the external mailbox from joe@foo.org to the POP3 Server mail.foo.org and to be delivered to the user joe.office@foo.com via the localhost via Postfix to the Mailbox Server. To prevent logging in maillog, log is made in fetchmail instead of it.

Possibilities with fetchmail

fetchmail offers a number of syntactic subtleties to make it easier for fetchmailrc to read files. For example, the words and, with, has, wants, and options are ignored by fetchmail, as well as punctuation marks. While it is possible to provide credentials for a server on a row, common configurations are specified over a number of different lines. fetchmail is insensitive to whitespace unless the argument is in quotation marks and closing characters.

fetchmail options

There are fetchmail provide several options for the Poll statement (e.B. nofetchall (default), fetchall, keep, nokeep ).The meanings are as follows:

nofetchall: retrieve only new messages (default). Unless otherwise specified (i.e. fetchall, keep ), this means nofetchall.
fetchall: get all messages, seen or not.keep.
keep: do not delete any message on server.
nokeep: delete the read messages on server.

Create the fetchmail user and group and set the rights.

$ groupadd -r fetchmail
$ useradd -r -m -g fetchmail -s /sbin/nologin fetchmail
$ chown fetchmail /etc/fetchmailrc
$ chmod 0600 /etc/fetchmailrc
$ touch /var/log/fetchmail
$ chown fetchmail:fetchmail /var/log/fetchmail
$ chmod 0600 /var/log/fetchmail

The fetchmail e-mail daemon starts.

$ /etc/rc.d/init.d/fetchmaild start

After changing the fetchmailrc configuration, the systemd daemon have to restart.

$ systemctl daemon-reload

fetchmail check

You can check the fetchmail e-mail daemon conversation to server with run the following command:

$ fetchmail -vv -N --ssl -p pop3 -P 995 -ujoe@foo.org mail.foo.org

Test the fetchmailrc configuration file.

$ fetchmail -v -a -k -f /etc/fetchmailrc

Check the fetchmail e-mail daemon process.

$ ps -ef | grep -v grep | grep fetchmail

The output may look something like this:

fetchma+ 4126 1 0 19:19 ?        00:00:00 fetchmail -vv -d 900 -a -f /etc/fetchmailrc -L /var/log/fetchmail
root 6488 3985 0 16:25 pts/0 00:00:00 su fetchmail

fetchmail daemon logging

fetchmail e-mail daemon logging now takes place in the fetchmail file.

$ tail -f /var/log/fetchmail

The fetchmail e-mail daemon man page outputs a lot of information.

$ man fetchmail

Howto Tutorials (EN)

Nameserver resolvconf Ubuntu

Home » Howto Tutorials (EN)

22. 09. 2017 Don Matteo Leave a comment

Ubuntu uses the nameserver resolvconf program to configure local DNS resolution. The resolvconf package includes a simple database and a runtime for dynamically modifying nameserver information.

Ubuntu nameserver resolvconf NetworkManager

Typically, the program resolvconf runs through a network interface to push routines such as ifup, ifdown, NetworkManager, dhclient, and pppd, or local nameservers such as dnsmasq to update the DNS information.

If static IP addresses and DNS records are used on a host, the resolvconf package should be deactivated under Ubuntu, so that the DNS configuration from the dnsmasq daemon is not automatically made, the configuration that has been edited in /etc/resolv.conf and /etc/network/interfaces will otherwise be overwritten by the resolvconf program.

Disable nameserver resolvconf

$ resolvconf --disable-updates

Disable Ubuntu resolvconf from boot level and quit the program.

$ systemctl disable systemd-resolved.service
$ service systemd-resolved stop

Customize the Network Manager with default DNS.

$ vi /etc/NetworkManager/NetworkManager.conf
..
dns=default
..

Remove the symlink resolv.conf under /etc.

$ rm /etc/resolv.conf

Edit resolv.conf

and create a new resolv.conf file with the nameservers. in this example, it’s Google Public DNS.

On a local network or ADS the internal nameservers should be used.

$ vi /etc/resolv.conf

nameserver 8.8.8.8
nameserver 8.8.4.4

Delete the resolv.conf file of the systemd configuration program.

$ rm /etc/systemd/resolved.conf

change the configuration.

$ service network-manager restart

nameservers can also be defined in the interface configuration.

$ vi /etc/network/interfaces

auto lo
iface lo inet loopback

auto ens160
iface ens160 inet static
  address 10.10.0.8
  gateway 10.10.0.1
  netmask 255.255.255.0
  network 10.10.0.0
  broadcast 10.10.0.255
  dns-nameservers 8.8.8.8 8.8.4.4
  dns-search my.local

The interface name (ens160) may differ and must correspond to that of the respective host.

The /etc/resolv.conf file should not be missing.

Now enable the new network settings it will be read into memory.

$ /etc/init.d/networking restart

Troubleshooting using DNS

Many network issues are due to incorrect DNS or incorrect configuration of resolver. In a home network there is often no internal DNS, whereby the router or the firewall can be used as a nameserver, such as the Linksys or Netgear router. Basically, it should be ensured that the firewall used has a DNS cache, with semi-professional firewalls such as the FortiGate that not every model provide such a cache. For open source-based firewalls most provide a cache through DNS forwarder or dnsmasq.

After open up a command prompt will changes to the nameservers in Windows, the DNS cache should be reset.

C:\> ipconfig /flushdns

For Linux, the DNS cache can be reset out from terminal, with one of the following commands, depending on which service is installed.

$ sudo /etc/init.d/nscd restart
$ service nscd restart
$ service nscd reload
$ sudo /etc/init.d/dnsmasq restart
$ service dnsmasq restart
$ rndc reload

In the Mac OS X terminal as root.

$ lookupd -flushcache

If there is no internal DNS in the local network, the name servers of the Internet provider can be used, or may the Cloudflare public DNS.

1.1.1.1 1.0.0.1

Example of a nameserver querying its provider on Windows.

C:\> nslookup -type=ns green.ch
Server: dns1.agrinet.ch
Address: 81.221.250.11

Non-authoritative response:
green.ch nameserver = dns2.agrinet.ch
green.ch nameserver = dns1.agrinet.ch

dns1.agrinet.ch internet address = 81.221.250.11

Example nameserver lookup query on Linux.

$ host -t ns green.ch
green.ch name server dns1.agrinet.ch.
green.ch name server dns2.agrinet.ch.

host dns1.agrinet.ch & host dns2.agrinet.ch
dns1.agrinet.ch has address 81.221.250.11
dns2.agrinet.ch has address 81.221.252.11
dns2.agrinet.ch has IPv6 address 2a01:2a8:2001:252::11

A ping -n1 resolves addresses to host names with parameters –a and –4 for IPv4 address.

C:\> ping -4 -n 1 -a www.google.com

Ping runs for www.google.com with [216.58.201.4]32 bytes of data:
Response from 216.58.201.4: Bytes=32 Time=32ms TTL=50

Ping statistics for 216.58.201.4:
    Packages: Sent = 1, Receive = 1, Lost = 0
    (0% loss),
Approx. times in millisec.:
    Minimum = 32ms, Maximum = 32ms, Mean = 32ms

Show the current DNS nameservers available use systemd resolver.

$ systemd-resolve --status