Cannot Mail System Logs
I have a remote router TL-WR940N, and I'm trying to make it send its system Logs by email to a private smtp mail server listening on 25 port without authentication, so there isn't any SSL encryptation or similar, it's all plain text.
I tested from an other machine and can send email through that SMTP server, and can read messages actually in my mail box on that same server. So my server SMTP confirms to be working properly.
I tried to test it form router interface: system tools, system logs, and click "Mail Log" button at the bottom of page, but it returns:
Failed to connect to the mail server. |
Please check the connection and the address of the SMTP Server in Mail Settings, and make sure the mail server supports SMTP. |
The connection address o SMTP server is OK, ad it is working by checking it with an other tool. Moreover it clearly sopports SMTP...
Questions:
- Is it possible to get some more logs or details about message sending smtp session?
- How tplink system logs mailing works exactly? What kind of SMTP server it expects for properly sending logs?
Any answer would be really appreciated,
thanks in advance!
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
The target SMTP server is listens on 25 port only. And it doesn't request any authentication, it works fine just without any encrypt SSL or similar.
I tested it using very basic tools like telnet or netcat from a PC connected to internet by an other connection/ISP.
For instance:
$ telnet serverdomain.example 25
EHLO serverdomain.example
MAIL FROM: mybox@serverdomain.exmaple
RCPT TO: mybox@serverdomain.example
DATA
from: mybox@serverdomain.example
to: mybox@serverdomain.example
subject: Testing service for accepting logs from router
.
quit
So from an other internet connection it works, while if I test it form a windows machine of the LAN behind the TP-link router it doesn't work, cannot reach server and returns timeout error.
I'm starting to suspect that it isn't a router limitation. May be an ISP limitation instead.
The tp-link router is connected to internet with an ISP that assigns a CGNAT private IP address of 100.64.0.0/10 range.
Is there any chance the ISP is blocking outgoing connections towards port 25 services?
Or could the tplink router prevent that outgoing targets (directed to external targets listening on 25 port) with a firewall rule? I can't see any rule... there is just "spi firewall enabled" under basic security section, but I suppose it doesnt' prevent any outgoing connection toward an smtp server listening on port 25...
I also have an other TP-link router on an other location connected to internet with an other ISP, and it assigns a direct public IP. It's an older router but could have that mail logs function, I'll report a test from that router.
Thanks for reply, even if I don't think a firmware update can fix that "scenario", the test from the other machine of that router LAN confirms that something is blocking outgoing requests directed to port 25.
I'll report some other report after above explained checks. Any other comment and suggests are welcome.
Thanks again!
- Copy Link
- Report Inappropriate Content
Just tested from the router of the other location, it return an other error:
Wrong email address.
Please check the email address of the recipient. |
||||
From a linux machine of this other LAN I can reach remote SMTP server with the above telnet session, so here the problem seems related to some limitation of this tp-link router. In both cases fror instance It doesn't recognize the smtp server domain, it's someting like "smtpserver.example", while the router, i suspect, likely expects something similar to smtpservice.myserver.example. In the above error seems clear tath mail logs setup dosen't accept somthing about may mail recipient, but it is properly written and if I test it from a PC of the lan I can send the message, and I can confirm it is delivered properly to my mail box.
Any ideas to solve or inspect deeper is ever welcome.
PS. The other router connected with regular public IP without any ISP CGNAT in the middle is a:
Hardware Version: MR3420 v2 00000000
Firmware Version: 3.16.9 Build 150319 Rel.60489n
|
- Copy Link
- Report Inappropriate Content
Some ISPs block access to port 25 in order to try to avoid some issues with spammers.
However, this can also block you from being able to connect to your mail server to send mail through your domain.
Also you can try Instead of using a domain name to set the SMTP server by an IP address.
- Copy Link
- Report Inappropriate Content
Already tried to replace smpt domain name with its IP address, and seem to pass the "wrong SMTP error" returned by router.
Now it returns error about "wrong recipient". But that is actually the proper mail address.
A recap is needed because I have made varius checks and all thieese stuffs could appear confusing.
1) Location one
- ISP assigns to router a private ip 100.64.0.0/10, it is behind a CGNAT
- router cannot send mail logs via internet to an outdoor working server (it can reach its domain name via ping diagnostic, but fails if it setup as mail smtp domain name, also replacing the name with smtp IP address doesn't solve.
- from windows PC of that LAN also email to SMTP outdoor server fails (telnate returns timeout)
- suspect ISP firewall issue related to outgoing connection towards services that listen on port 25
2) Location 2
- ISP assign to the router a regular public IP, no CGNAT here
- router cannot send mail logs via internet to the outdoor smtp server (return error about wrong recipient, but that mail address is actually fine)
- from a linux PC of the LAN I can send mail to outdoor server with no errors
- from the router I can send mail logs to an internal SMTP server on the linux machine (postfix) it listen on port 25 and requests no auth all in plain text
- so router can send mail logs to an internal address (192.168.x.y/24)
- suspect tplink router has some limitation about domain name in email recipient address
So, this is the situation: mail logs seem to work towards internal addresses. I've non tried it on location 1, because I've no linux machine there with a smtp service running.
- Copy Link
- Report Inappropriate Content
From location 2:
my suspect was right, I've tried to replace domain name of my email box with its IP address (same of SMPT server) and it worked.
Let's suppose external SMTP server has IP address 1.2.x.y, here my tested working config:
Mail Account Settings
From: sender@somedomain.somedomain
To: recipient@1.2.x.y
SMTP Server: 1.2.x.y
From location 1 (CGNAT by ISP and likely 25 port blocked):
Same config as above, but it doesn't work at all.
It returns:
Failed to connect to the mail server.
Please check the connection and the address of the SMTP Server in Mail Settings, and make sure the mail server supports SMTP.
Now my question is, how to bypass the above ISP limitation on 25 external services port using some free solution?
- Copy Link
- Report Inappropriate Content
I investigated more:
Location 1 (router behind CGNAT)
As said yet I can't reach the target SMTP server, neither from router nor from the windows PC behind the router. I suspected a block imposed by the ISP for the outgoing requests directed to port 25 of remote hosts. Actually, after an other test it doesn't seem a limitation based just on port 25, but could instead be related to some sort of black list in use by ISP which contains the SMTP server domain/address.
I substituted the usual target SMTP server, with my Location 2 linux PC, on which is running "postfix" as SMTP internal delivery server. I added a forward rule in Location 2 router for port 25, forwarded to my linux pc, and opened port 25 on that system firewall. It's not a recommended configuration because it expose to internet that system with a service (SMTP) really prone to spamming and so on... anyway for a temporary test shouldn't be a problem.
So from windows on location 1, I tried the usual telnet test:
telnet location2publicIP 25
And it works!
So the location 1 ISP doesn't block outgoing requests to services listening on port 25. It blocks requests to SMTP service of usual target smpt server, likely by a blacklist mechanism.
Then as a confirm I tried from location 1 router, and it can send logs to my location 2 linux pc. The working config is like:
Mail Account Settings
From: tplinkrouter AT location DOT one
To: myuser AT mylinuxbox DOT full DOT domain
SMTP Server: locationtwo DOT ddns DOT something
I want to explain a bit more about above router config:
"From:" header
can contain a random address, but if the domain part (after "@") is something recognized as non valid, like "DOT invalid" for instance, the router will fail to send mail log and will return error.
"To: header"
has to contain the real "user" of my linux machine I want to deliver the message to, and its domain part has to be the real hostname fqdn of that system
SMTP Server
has to be the address of the router where the machine with smtp server is located, in my case I called it location 2. This domain has to be reachable from internet, in my example it is granted by a ddns service.
OK, now it is proved that location 1 ISP doesn't block port 25, but it blacklist the IP/domain name of the SMTP service I was going to use.
I could use my system on location 2 as SMTP server, as i done in my test above, but I don't want to stay with 25 port open forever.
I'll try to find some other ideas to solve, anyway it would be really appreciated if this configuration was a bit more versatile (able to let choose the port of smtp server for example, without various limitations about domains name, able to mail at more versatile time interval, and so on).
My goal was to reach the location 1 router from internet, and the windows PC of the LAN behind it. But CGNAT is an issue. I found luckily "location 2" with public IP and managed by the same ISP, I can access remotely to location 1 router, I mean if I open the browser on 100 DOT x DOT y DOT z address I can access te router.
The problem is that private IP changes about any week, and a dyndns service can't solve in this case.
With that IP known I can also reach the windows PC, also with wake on lan, and turn it on when needed...
The mail logs option of the router could be the last chance to know its private IP (it is reported in mail log).
Otherwise I has to think about an other "insider device" within that LAN with some smarter feature
That's all for now, hope these checking tests can be useful for anybody wondering about how this mailing log mechanism works and why often it fails.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 408
Replies: 7
Voters 0
No one has voted for it yet.