MISP / mail_to_misp

Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.
GNU Affero General Public License v3.0

Address Already in Use #10

Closed arnydo closed 7 years ago

arnydo commented 7 years ago

Hello, I have a fresh install of MISP (via XMP's docker image) and when I attempt to run the fake smtp script I receive an "address already in use" error.

root@misp:/var/www/MISP/mail_to_misp# python3 fake_smtp.py
Starting Fake-SMTP-to-MISP server
Traceback (most recent call last):
  File "fake_smtp.py", line 39, in <module>
    server = CustomSMTPServer((smtp_addr, smtp_port), None)
  File "/usr/lib/python3.5/smtpd.py", line 662, in __init__
    self.bind(localaddr)
  File "/usr/lib/python3.5/asyncore.py", line 329, in bind
    return self.socket.bind(addr)
OSError: [Errno 98] Address already in use

I have double checked and nothing is running on port 25. Am I missing something?

rommelfs commented 7 years ago

Your operating system is reporting that the address is already in use (OSError: [Errno 98] Address already in use). I would trust this and check with netstat -napt (on Linux, as root) which process is binding.

arnydo commented 7 years ago

This actually showed no processes using the port.

I am assuming this is related to how misp is running in docker. I tried adding the service to supervisor and it shows it is running but email (via fake smtp) is being rejected.


rommelfs commented 7 years ago

Hi,

Could you show me the output of netstat -napt run as root?

Thanks, Sascha

On 13 Oct 2017, at 19:55, arnydo notifications@github.com wrote:

This actually showed no processes using the port.

I am assuming this is related to how misp is running in docker. I tried adding the service to supervisor and it shows it is running but email (via fake smtp) is being rejected.


arnydo commented 7 years ago

Okay, since I am running this in Docker I am guessing I have to configure this to run with Supervisor. I did that and it appears to be running on port 25. However, I am still getting rejections when sending email to it.

Supervisor config:

[program:fake-smtp]
command=python3 /var/www/MISP/mail_to_misp/fake_smtp.py
user = root
startsecs = 5
autorestart = false

Netstat:

root@misp:/var/www/MISP# netstat -napt
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:6379          0.0.0.0:*               LISTEN      12/redis-server 127
tcp        0      0 127.0.0.11:33998        0.0.0.0:*               LISTEN      -
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      7/python3
tcp        0      0 127.0.0.1:32824         127.0.0.1:6379          TIME_WAIT   -
tcp        0      0 127.0.0.1:6379          127.0.0.1:32846         ESTABLISHED 12/redis-server 127
tcp        0      0 127.0.0.1:32860         127.0.0.1:6379          ESTABLISHED -
tcp        0      0 127.0.0.1:6379          127.0.0.1:32850         ESTABLISHED 12/redis-server 127
tcp        0      0 127.0.0.1:6379          127.0.0.1:32838         ESTABLISHED 12/redis-server 127
tcp        0      0 127.0.0.1:6379          127.0.0.1:32860         ESTABLISHED 12/redis-server 127
tcp        0      0 127.0.0.1:6379          127.0.0.1:32856         ESTABLISHED 12/redis-server 127
tcp        0      0 127.0.0.1:32850         127.0.0.1:6379          ESTABLISHED -
tcp        0      0 127.0.0.1:32846         127.0.0.1:6379          ESTABLISHED -
tcp        0      0 127.0.0.1:32828         127.0.0.1:6379          ESTABLISHED -
tcp        0      0 127.0.0.1:32842         127.0.0.1:6379          ESTABLISHED -
tcp        0      0 127.0.0.1:32856         127.0.0.1:6379          ESTABLISHED -
tcp        0      0 127.0.0.1:6379          127.0.0.1:32832         ESTABLISHED 12/redis-server 127
tcp        0      0 127.0.0.1:6379          127.0.0.1:32842         ESTABLISHED 12/redis-server 127
tcp        0      0 127.0.0.1:32832         127.0.0.1:6379          ESTABLISHED -
tcp        0      0 127.0.0.1:32838         127.0.0.1:6379          ESTABLISHED -
tcp        0      0 127.0.0.1:6379          127.0.0.1:32828         ESTABLISHED 12/redis-server 127
tcp6       0      0 :::80                   :::*                    LISTEN      10/apache2
tcp6       0      0 :::443                  :::*                    LISTEN      10/apache2

Process:

root@misp:/var/www/MISP# ps 7
  PID TTY      STAT   TIME COMMAND
    7 ?        S      0:00 python3 /var/www/MISP/mail_to_misp/fake_smtp.py

Docker's Netstat:

tcp6       0      0 :::9443                 :::*                    LISTEN      24692/docker-proxy
tcp6       0      0 :::9000                 :::*                    LISTEN      24804/docker-proxy
tcp6       0      0 :::9001                 :::*                    LISTEN      24812/docker-proxy
tcp6       0      0 :::3306                 :::*                    LISTEN      28443/docker-proxy
tcp6       0      0 :::80                   :::*                    LISTEN      11307/docker-proxy
tcp6       0      0 :::22                   :::*                    LISTEN      1252/sshd
tcp6       0      0 :::25                   :::*                    LISTEN      11325/docker-proxy
tcp6       0      0 :::33306                :::*                    LISTEN      28424/docker-proxy
tcp6       0      0 :::443                  :::*                    LISTEN      11287/docker-proxy

rommelfs commented 7 years ago

'Rejections' = SMTP rejections? Probably not: since I see that your port 25 is only bound to 127.0.0.1, you won't be able to access this from outside. I'm just analyzing what I see; I don't know how you have to configure this within Docker.

arnydo commented 7 years ago

"Facepalm"

You know I have looked at that a dozen times and didn't even pay attention.

Changed to "0.0.0.0" and it worked perfectly.

Thank you for checking on this @rommelfs.

rommelfs commented 7 years ago

Glad to hear it works now 👍
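
The diagnosis reached in this thread can be automated. The following is an added example, not code from mail_to_misp or from either participant: it parses `netstat -napt` output and reports whether the process listening on a port is bound to loopback only, which is why a port published by Docker can still be unreachable. The function names are hypothetical, and the sample lines are an excerpt of the container output quoted above.

```python
import ipaddress

# Excerpt of the container's `netstat -napt` output quoted in the thread.
SAMPLE = """\
tcp        0      0 127.0.0.1:6379          0.0.0.0:*               LISTEN      12/redis-server 127
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      7/python3
tcp        0      0 127.0.0.1:32824         127.0.0.1:6379          TIME_WAIT   -
tcp6       0      0 :::80                   :::*                    LISTEN      10/apache2
tcp6       0      0 :::443                  :::*                    LISTEN      10/apache2
"""


def parse_listeners(netstat_text):
    """Return (address, port, program) for every TCP socket in LISTEN state."""
    listeners = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 6 or not fields[0].startswith("tcp") or fields[5] != "LISTEN":
            continue
        # rpartition splits on the last ':' so the IPv6 wildcard ":::80" works too.
        host, _, port = fields[3].rpartition(":")
        program = fields[6] if len(fields) > 6 else "-"
        listeners.append((host, int(port), program))
    return listeners


def scope(host):
    """Classify a bind address by who can reach it."""
    if host in ("0.0.0.0", "::", "*"):
        return "all-interfaces"
    if ipaddress.ip_address(host).is_loopback:
        return "loopback-only"
    return "single-interface"


def check_port(netstat_text, port):
    """Describe every listener on `port` and the reach of its bind address."""
    hits = [(h, prog) for h, p, prog in parse_listeners(netstat_text) if p == port]
    if not hits:
        return "nothing listening"
    return ", ".join(f"{prog} on {h} ({scope(h)})" for h, prog in hits)


if __name__ == "__main__":
    for port in (25, 80, 587):
        print(port, "->", check_port(SAMPLE, port))
```

Once the listener is bound to 0.0.0.0 inside the container, what is reachable from outside is decided by the Docker port mapping, so publish port 25 only on the host address that should receive mail.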