Connection refused via JDBC

I have another connection refused problem, seems to be common.
Looked at previous posts, answer(s) were not explicit.
Able to connect to db via SQL navigator.
What do I have to do?
my code:
try {
DriverManager.registerDriver (new
oracle.jdbc.driver.OracleDriver());
     DriverManager.getConnection
     ("jdbc:oracle:thin:@192.168.0.3:1521:orcl", "scott", "tig
er");
     }catch ( SQLException sqle ) {
          out.println( "jdbc error: " + sqle );
error message:
jdbc error: java.sql.SQLException: Io exception: Connection
refused(DESCRIPTION=(TMP=)(VSNNUM=135294976)(ERR=12505)
(ERROR_STACK=(ERROR=(CODE=12505)(EMFI=4))))
listener log:
05-JUL-2001 09:30:32 * (CONNECT_DATA=(SID=orcl)(CID=(PROGRAM=)
(HOST=__jdbc__)(USER=oracle))) * (ADDRESS=(PROTOCOL=tcp)
(HOST=192.168.0.3)(PORT=1407)) * establish * orcl * 12505
TNS-12505: TNS:listener could not resolve SID given in connect
descriptor

Problem solved!
Helps to look at the tnsnames.ora file. All I had to do was use
the host name in the URL, because that's the way its spelled out
in tnsnames.ora

Similar Messages

Connecting to IDMS database via JDBC

Has anyone successfully set up JDBC connectivity to generate reports using data in an IDMS mainframe database containing multiple schemas, where several schemas may contain tables with the same name?
We have no issues when using ODBC to connect to the various schemas in this IDMS databases, but we need to convert the connectivity for existing reports to JDBC.
When I open the JDBC connection, I see the expected hierarchy of schemas and tables in the Database Expert window. If I try to select a table I get the following error message if a table of that same name exists in other schemas:
Failed to retrieve data from the database.
Details: SQL exception: [SQL State:] 42000 [Error message:] DB002046 T11094 C-4M347: Duplicate table ids for ASISCHEM.SR-ACT and CORPCHEM.SR-ACT in area CORPDB.ACTIVITY-AREA [Database Vendor Code: -4]
So although we can connect to the database via JDBC, we can't use the connectivity because Crystal does not appear to correctly resolve that I'm selecting the table from within a specific schema.
Can anyone advise on how to make sure the table name selection is qualified by the correct schema name?
Thanks in advance.

Hello,
Try running the query outside of CR to verify the JDBC driver is passing the fully qualified name also.
Then look in the Designer and Show SQL to verify it's there as well as Set Table Location. You may be able to fully qualify it in that UI.
Thank you
Don

Error trying to connect via jdbc

I'm trying to connect via jdbc driver from a java application to a remote db. The code is quite simple
DriverManager.registerDriver(new oracle.jdbc.driver.OracleDriver());
Connection conn = DriverManager.getConnection
("jdbc:oracle:thin:@dbhost:orcl", "user", "password");
in my CLASSPATH I have the ojdbc14.jar file
When I run this program I get the following error:
Exception in thread "main" java.sql.SQLException: Io exception: The Network Adapter could not establish the connection
at oracle.jdbc.dbaccess.DBError.throwSqlException(DBError.java:134)
at oracle.jdbc.dbaccess.DBError.throwSqlException(DBError.java:179)
at oracle.jdbc.dbaccess.DBError.throwSqlException(DBError.java:334)
at oracle.jdbc.ttc7.TTC7Protocol.handleIOException(TTC7Protocol.java:366
8)
at oracle.jdbc.ttc7.TTC7Protocol.logon(TTC7Protocol.java:353)
at oracle.jdbc.driver.OracleConnection.<init>(OracleConnection.java:371)
at oracle.jdbc.driver.OracleDriver.getConnectionInstance(OracleDriver.ja
va:551)
at oracle.jdbc.driver.OracleDriver.connect(OracleDriver.java:351)
at java.sql.DriverManager.getConnection(DriverManager.java:525)
at java.sql.DriverManager.getConnection(DriverManager.java:171)
at Test.main(Test.java:12)
Please be aware of the following facts:
1) sqlplus from the same machine has no problem connecting to the db
2) there is no firewall or router between the client and the server
3) As host name I've tried the fqdn (resolved by the DNS), a name I've set up in /etc/hosts, the mere IP address
4) Checking with tcpdump, I've verified that NO network packet actually leaves the client, so the problem completely lies there.
Has anyone some good idea why this happens?

Make sure you are providing correct hostname and listener port number

10G Forms connect to MS Access via JDBC

A new project requires a 10G Form to connect to MS Access database. I understand 10G no longer connects to Access using ODBC. Will JDBC work? If JDBC can be used does anyone have a "How To" document or examples on how to connect orms 10G to MS Access via JDBC
Thanks
Ralph

I dont think it will work. In 10g forms is going to implement transparent gateways.
Is there a possibility of getting the data from MS access directly to Oracle database and then connect to Oracle DB from forms ?
Rajesh Alex

Error Integrating BOE via KM in Portal : Connection Refused

Hi
I am following the steps outlined on http://wiki.sdn.sap.com/wiki/display/BOBJ/IntegrateBOEXI3.1intoaKMNavigationintoSAPEP+portal in order to integrate BOE content into the portal via KM iViews.
I create the repository, and it shows up in the KM Content area, but as soon as I click on it, I get the following error:
java.net.ConnectException: Connection refused
I check the default trace file from NWA, and there are a bunch of error messages, starting with this one:
com.sapportals.wcm.repository.ResourceException: Invalid root sid. It must be an Integer representing the SI_ID on CMS.
I have used the default ID (23), which corresponds to the ID of the root folder in BOE. I have also tried using the ID of another folder, still with the same error message.
I have checked the security settings on the folder(s), and the user group Everyone has Full Access, so I don't think it is an access problem.
Any ideas on how I can get this working?
Cheers,
Andrew

Hi Andrew
Have you find a solution?
br
Murat

Compression via JDBC connection

Hi,
I am looking for alternatives or option using compression via JDBC thin or OCI connection. I am using JDK 1.6X on Sun platform and my Oracle Database version is 11.1.2.0. Is there any way to compress my data stream while connecting to JDBC connection ? I did tried knowledge base but didn't find a concrete answer from there?

Mechanisms like that are always a trade off one which doesn't necessarily work over time.
The problem is that one is trading CPU time for network bandwidth. And relation between those can vary greatly in a short amount of time.
In terms of absolute performance the best way is to create a design that minimizes volume and size.

MSSQL's JDBC random connection refused

I am having a random "unable to connect" error from my java application. Sometimes it's fine, apps running without any problem, but sometimes this exception comes up. I am writing this app at home and my SQL server is at office (behind a router with SPI firewall, but i have port forwarded TCP port 1433 for the connection). If I telnet to SQL server, i wont get any error message but a blank screen, it looks like the server side is waiting for my console input.
IDE: NetBeans IDE 6.0 (Build 200711261600)
JavaSDK: 1.6.0 build 1.6.0_03-b05
MSSQL JDBC Driver: should be latest (i downloaded off from MS website in early March)
MSSQL: MS SQL 2005 Developer Edition
com.microsoft.sqlserver.jdbc.SQLServerException: The TCP/IP connection to the host has failed. java.net.ConnectException: Connection refused: connect
any help would be appreciated
Jimmyson

this is a sample of my JDBC code:
    private boolean isOnline()
        Connection myConnection = null;
        String myServerPath =      "jdbc:sqlserver://" + dbAddress + ":" + dbPort + ";" +
                    "databaseName=" + dbDefaultDB + ";user=" + dbUsername +
                    ";password=" + dbPassword;
        try
            Class.forName("com.microsoft.sqlserver.jdbc.SQLServerDriver");
            myConnection = DriverManager.getConnection(myServerPath);
            myConnection.close();
            return true;
        catch (Exception e)
            e.printStackTrace();
            return false;
    }Sorry if my code is bad
Edited by: istudio on Mar 27, 2008 6:23 AM for formatting issue

Connecting to crystal report via JDBC

Hi,
I am new to Crystal Reports. I want to connect to MSSQL Database using JDBC drivers. I was wondering if there is a way I can use JDBC drivers for connection with Crystal Reports when designing the report ?
Thanks
Sherif

Hi Sheriff,
I am not aware of CR 9 as it is out of support. But in CRXIR2 and CR2008 you can simply do it while creating new report. In the wizard you just need to select JDBC(JNDI) option under Create new connection.
After that just specify the connection url and JDBC class name.
I would suggest you to upgrade your product to CR2008 as it has excellent new features which would realy help you with the same.
Regards,
Nilesh Benke

Connection refused with HTTPS

Hello,
We have created a webservice deployed to WebLogic Server 9.2. It requires secure transport using the annotation
@UserDataConstraint(transport=UserDataConstraint.Transport.CONFIDENTIAL)
We're able to test this successfully using an XSmiles client browser.
However, I've written a Java client started with "clientgen" that runs successfully when connecting in nonsecure mode (annotation removed) to a local instance. But when I try to connect to our remote server in secure mode I get "connection refused" (the lengthy call stack is copied below).
The client code is also copied below (a few strings and IPs were changed). It's able to retrieve the WSDL, but then bombs when calling a port method. This is probably something simple but I've followed tutorials and have not found reference to this particular error on forums or via Google. Any ideas would be appreciated!
Thanks,
CJ
= = = = = = = =
System.setProperty ("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
java.security.Security.addProvider (new com.sun.net.ssl.internal.ssl.Provider());
// must define .trustStoreType, .trustStore, and .trustStorePassword
System.setProperty("javax.net.ssl.trustStore", "c:\\client-keytool.ts");
System.setProperty("javax.net.ssl.trustStorePassword", "password");
System.setProperty("javax.net.ssl.trustStoreType", "JCEKS");
System.setProperty("weblogic.wsee.client.ssl.stricthostchecking", "false");
System.out.println ("Connecting to the webservice...");
PatientRegistrationService service = new PatientRegistrationService_Impl ("https://domain/ws/services/PatientRegistrationPort?WSDL");
PatientRegistrationPort port = service.getPatientRegistrationPort();
SecurityQuestionRequestType request = new SecurityQuestionRequestType();
RequestHeaderType requestHeader = new RequestHeaderType();
requestHeader.setApplication("x");
requestHeader.setAppLoginId("x");
requestHeader.setAppPassword("x");
request.setRegistrationRequest (requestHeader);
System.out.println ("Calling getSecurityQuestion method...");
SecurityQuestionResponseType response = port.getSecurityQuestion (request);
System.out.println ("...just called getSecurityQuestion.");
= = = = = = = =
Connecting to the webservice...
Calling getSecurityQuestion method...
Exception in thread "Main Thread" java.rmi.RemoteException: SOAPFaultException - FaultCode [{http://schemas.xmlsoap.org/soap/envelope/}Server] FaultString [Failed to send message using connection:(SoapClientConnection@41626058 <transport=(HTTPSClientTransport@41626055 <url=https://IPADDRESS:9223/domain/ws/PatientRegistrationPort>)>)Connection refused: connect] FaultActor [null] Detail [<detail><bea_fault:stacktrace xmlns:bea_fault="http://www.bea.com/servers/wls70/webservice/fault/1.0.0"></bea_fault:stacktrace>java.net.ConnectException: Connection refused: connect
     at java.net.PlainSocketImpl.socketConnect(Ljava.net.InetAddress;II)V(Native Method)
     at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:333)
     at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:195)
     at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:182)
     at java.net.Socket.connect(Socket.java:507)
     at java.net.Socket.connect(Socket.java:457)
     at sun.net.NetworkClient.doConnect(NetworkClient.java:157)
     at sun.net.www.http.HttpClient.openServer(HttpClient.java:365)
     at sun.net.www.http.HttpClient.openServer(HttpClient.java:477)
     at sun.net.www.protocol.https.HttpsClient.<init>(HttpsClient.java:280)
     at sun.net.www.protocol.https.HttpsClient.New(HttpsClient.java:337)
     at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(AbstractDelegateHttpsURLConnection.java:176)
     at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:744)
     at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:162)
     at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:836)
     at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:230)
     at weblogic.wsee.connection.transport.http.HTTPClientTransport.send(HTTPClientTransport.java:161)
     at weblogic.wsee.connection.soap.SoapConnection.send(SoapConnection.java:54)
     at weblogic.wsee.connection.soap.SoapClientConnection.send(SoapClientConnection.java:89)
     at weblogic.wsee.ws.dispatch.client.ConnectionHandler.handleRequest(ConnectionHandler.java:89)
     at weblogic.wsee.handler.HandlerIterator.handleRequest(HandlerIterator.java:127)
     at weblogic.wsee.handler.HandlerIterator.handleRequest(HandlerIterator.java:100)
     at weblogic.wsee.ws.dispatch.client.ClientDispatcher.dispatch(ClientDispatcher.java:101)
     at weblogic.wsee.ws.WsStub.invoke(WsStub.java:89)
</detail>]; nested exception is:
     javax.xml.rpc.soap.SOAPFaultException: Failed to send message using connection:(SoapClientConnection@41626058 <transport=(HTTPSClientTransport@41626055 <url=https://IPADDRESS:9223/domain/ws/PatientRegistrationPort>)>)Connection refused: connect
     at test.wsclient.PatientRegistrationPort_Stub.getSecurityQuestion(PatientRegistrationPort_Stub.java:337)
     at test.client.TestClient4.main(TestClient4.java:80)
Caused by: javax.xml.rpc.soap.SOAPFaultException: Failed to send message using connection:(SoapClientConnection@41626058 <transport=(HTTPSClientTransport@41626055 <url=https://IPADDRESS:9223/domain/ws/PatientRegistrationPort>)>)Connection refused: connect
     at weblogic.wsee.codec.soap11.SoapCodec.decodeFault(SoapCodec.java:259)
     at weblogic.wsee.ws.dispatch.client.CodecHandler.decodeFault(CodecHandler.java:105)
     at weblogic.wsee.ws.dispatch.client.CodecHandler.decode(CodecHandler.java:90)
     at weblogic.wsee.ws.dispatch.client.CodecHandler.handleFault(CodecHandler.java:78)
     at weblogic.wsee.handler.HandlerIterator.handleFault(HandlerIterator.java:254)
     at weblogic.wsee.handler.HandlerIterator.handleResponse(HandlerIterator.java:224)
     at weblogic.wsee.ws.dispatch.client.ClientDispatcher.handleResponse(ClientDispatcher.java:161)
     at weblogic.wsee.ws.dispatch.client.ClientDispatcher.dispatch(ClientDispatcher.java:116)
     at weblogic.wsee.ws.WsStub.invoke(WsStub.java:89)
     at weblogic.wsee.jaxrpc.StubImpl._invoke(StubImpl.java:335)
     at test.wsclient.PatientRegistrationPort_Stub.getSecurityQuestion(PatientRegistrationPort_Stub.java:332)
     ... 1 more
Caused by: weblogic.wsee.handler.InvocationException: Failed to send message using connection:(SoapClientConnection@41626058 <transport=(HTTPSClientTransport@41626055 <url=https://IPADDRESS:9223/domain/ws/PatientRegistrationPort>)>)
     at weblogic.wsee.ws.dispatch.client.ConnectionHandler.handleRequest(ConnectionHandler.java:91)
     at weblogic.wsee.handler.HandlerIterator.handleRequest(HandlerIterator.java:127)
     at weblogic.wsee.handler.HandlerIterator.handleRequest(HandlerIterator.java:100)
     at weblogic.wsee.ws.dispatch.client.ClientDispatcher.dispatch(ClientDispatcher.java:101)
     ... 4 more
Caused by: java.net.ConnectException: Connection refused: connect
     at java.net.PlainSocketImpl.socketConnect(Ljava.net.InetAddress;II)V(Native Method)
     at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:333)
     at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:195)
     at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:182)
     at java.net.Socket.connect(Socket.java:507)
     at java.net.Socket.connect(Socket.java:457)
     at sun.net.NetworkClient.doConnect(NetworkClient.java:157)
     at sun.net.www.http.HttpClient.openServer(HttpClient.java:365)
     at sun.net.www.http.HttpClient.openServer(HttpClient.java:477)
     at sun.net.www.protocol.https.HttpsClient.<init>(HttpsClient.java:280)
     at sun.net.www.protocol.https.HttpsClient.New(HttpsClient.java:337)
     at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(AbstractDelegateHttpsURLConnection.java:176)
     at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:744)
     at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:162)
     at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:836)
     at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:230)
     at weblogic.wsee.connection.transport.http.HTTPClientTransport.send(HTTPClientTransport.java:161)
     at weblogic.wsee.connection.soap.SoapConnection.send(SoapConnection.java:54)
     at weblogic.wsee.connection.soap.SoapClientConnection.send(SoapClientConnection.java:89)
     at weblogic.wsee.ws.dispatch.client.ConnectionHandler.handleRequest(ConnectionHandler.java:89)
     at weblogic.wsee.handler.HandlerIterator.handleRequest(HandlerIterator.java:127)
     at weblogic.wsee.handler.HandlerIterator.handleRequest(HandlerIterator.java:100)
     at weblogic.wsee.ws.dispatch.client.ClientDispatcher.dispatch(ClientDispatcher.java:101)
     at weblogic.wsee.ws.WsStub.invoke(WsStub.java:89)

Never mind, my silly mistake!
Thanks to http://jordan.fortwayne.com/oracle/oralinux.html
I realized that I had forgotten to do 'lsnrctl start'
R. Inamdar (guest) wrote:
: I downloaded Oracle 805 for Linux. I was able to successfully
: able to connect to the test database and issue queries with
: SVRMGRL. However, I get a 'Connection Refused' exception
: while connecting through the JDBC sample program.
: How do I enable diagnostics. I tried
: TRACE_LEVEL_LISTENER = SUPPORT
: but no trace file was created.
: What am I doing wrong. Thanks for the help...
: My evironment is:
: JDK1.1.7
: Linux Red Hat 5.2
: Thin JDBC driver
: Code fragment:
: DriverManager.registerDriver(new
jdbc.driver.OracleDriver());
: Connection conn =
: DriverManager.getConnection (
: "jdbc:oracle:thin:@localhost.localdomain:1521:test",
: "system",
: "manager"
: I tried with "localhost" in place of "localhost.localdomain"
: without success.
: Following is my listener.ora
: # Installation Generated Net8 Configuration
: # Version Date: Jun-17-97
: # Filename: Listener.ora
: LISTENER =
: (ADDRESS_LIST =
: (ADDRESS= (PROTOCOL= IPC)(KEY= test))
: (ADDRESS= (PROTOCOL= IPC)(KEY= PNPKEY))
: (ADDRESS= (PROTOCOL= TCP)(Host=
: localhost.localdomain)(Port= 1521))
: SID_LIST_LISTENER =
: (SID_LIST =
: (SID_DESC =
: (GLOBAL_DBNAME= localhost.localdomain.)
: (ORACLE_HOME= /usr/local/oracle/805)
: (SID_NAME = test)
: (SID_DESC =
: (SID_NAME = extproc)
: (ORACLE_HOME = /usr/local/oracle/805)
: (PROGRAM = extproc)
: STARTUP_WAIT_TIME_LISTENER = 0
: CONNECT_TIMEOUT_LISTENER = 10
: TRACE_LEVEL_LISTENER = OFF
: # TRACE_LEVEL_LISTENER = SUPPORT
: # TRACE_FILE_LISTENER = lsnr
: # TRACE_DIRECTORY_LISTENER=/usr/local/oracle/805/network/trace
null

Lost index stats in Ora 8.1.6 Tables when selecting via jdbc

Hi,
i'm using JBuilder8 and Kylix2 on a Linux machine with Oracle oci drivers of client 8.1.7.
The connect through JB8 jdbc via DBPilot is succesful and shows the tables of the db.
After executing a select on any table the index stats of this table are lost.
Kylix works fine without this failure.
Thanks for any comments to this problem
Jens

Well, it's not the PL/SQL code that is causing a problem. Everything worked fine for many months. Then one day (without any changes in the environment or code) the update of a table from a java application (via JDBC) fails. The same update done directly on the DB with SQL Plus still succeeds!
This led us to think that something is wrong with the JDBC connection (which was up for several months). Maybe a memory corruption?
Anyone that experienced similar problems with JDBC?

Problems with SSH: Connection Refused

Greetings fellow Arch users,
I have hit a bit of a snag that I could really use some extra help getting around. I've tried everything I can think of (and everything that Google thought might work) and I have my back rather against a wall, so I thought I'd come here to see if anyone can offer some advice.
To make a long story short, I am a college student and am attempting to set up an ssh server on a desktop at my house so I can access it remotely from the college. I have the computer set up and the server running, however I am having difficulty making connections to it from my laptop. I know that the server is running, because I can log into it both from the server itself (sshing into local host) and from my laptop when I use the internal IP address.
The server is on a static IP address within the network(192.168.0.75), and my router is configured to forward TCP port 1500 to it (I'm using 1500 as the port for my ssh server). However, when I attempt to log into the ssh server using my network's external IP address, the connection is refused. I used nmap to scan my network and found that, even though the proper ports are forwarded to the proper place as far as my Router's configuration interface is concerned, port 1500 is not listed as one of the open TCP ports. I also, to test it, temporarily disabled the firewalls on both the server and the client. That didn't help. The command that I am running is:
ssh -p 1500 douglas@[external ip address
As I am really not sure what is causing this problem, I don't know what information to provide. So here is everything that my inexperienced mind sees as likely being important. If you need anything more, let me know and I will do my best to provide it.
Here is the sshd_config file from my server.
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options override the
# default value.
Port 1500
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
# The default requires explicit activation of protocol 1
#Protocol 2
# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 1024
# Ciphers and keying
#RekeyLimit default none
# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO
# Authentication:
#LoginGraceTime 2m
PermitRootLogin no
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10
#RSAAuthentication yes
#PubkeyAuthentication yes
# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
# but this is overridden so installations will only check .ssh/authorized_keys
AuthorizedKeysFile .ssh/authorized_keys
#AuthorizedPrincipalsFile none
#AuthorizedKeysCommand none
#AuthorizedKeysCommandUser nobody
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
# Change to no to disable s/key passwords
ChallengeResponseAuthentication no
# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
UsePAM yes
#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding no
#X11DisplayOffset 10
#X11UseLocalhost yes
PrintMotd no # pam does that
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
UsePrivilegeSeparation sandbox # Default for new installations.
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS yes
#PidFile /run/sshd.pid
#MaxStartups 10:30:100
#PermitTunnel no
#ChrootDirectory none
#VersionAddendum none
# no default banner path
#Banner none
# override default of no subsystems
Subsystem sftp /usr/lib/ssh/sftp-server
# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
# ForceCommand cvs server
The ouptut of ip addr when run on the server:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp8s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 00:21:9b:3a:be:94 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.75/24 brd 192.168.255.0 scope global enp8s0
valid_lft forever preferred_lft forever
inet6 fe80::221:9bff:fe3a:be94/64 scope link
valid_lft forever preferred_lft forever
Here is the output from running nmap on the network:
Starting Nmap 6.40 ( http://nmap.org ) at 2013-09-28 21:05 EDT
Initiating Ping Scan at 21:05
Scanning address [2 ports]
Completed Ping Scan at 21:05, 0.01s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 21:05
Completed Parallel DNS resolution of 1 host. at 21:05, 0.05s elapsed
Initiating Connect Scan at 21:05
Scanning pa-addresss.dhcp.embarqhsd.net (address) [1000 ports]
Discovered open port 80/tcp on address
Discovered open port 443/tcp on address
Discovered open port 23/tcp on address
Discovered open port 21/tcp on address
Completed Connect Scan at 21:05, 4.08s elapsed (1000 total ports)
Nmap scan report for pa-address.dhcp.embarqhsd.net (address)
Host is up (0.036s latency).
Not shown: 995 closed ports
PORT STATE SERVICE
21/tcp open ftp
23/tcp open telnet
80/tcp open http
443/tcp open https
8080/tcp filtered http-proxy
Read data files from: /usr/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 4.19 seconds
Here is the ssh_config client-side:
# $OpenBSD: ssh_config,v 1.27 2013/05/16 02:00:34 dtucker Exp $
# This is the ssh client system-wide configuration file. See
# ssh_config(5) for more information. This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.
# Configuration data is parsed as follows:
# 1. command line options
# 2. user-specific file
# 3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.
# Site-wide defaults for some commonly used options. For a comprehensive
# list of available options, their meanings and defaults, please see the
# ssh_config(5) man page.
# Host *
# ForwardAgent no
# ForwardX11 no
# RhostsRSAAuthentication no
# RSAAuthentication yes
# PasswordAuthentication yes
# HostbasedAuthentication no
# GSSAPIAuthentication no
# GSSAPIDelegateCredentials no
# BatchMode no
# CheckHostIP yes
# AddressFamily any
# ConnectTimeout 0
# StrictHostKeyChecking ask
# IdentityFile ~/.ssh/identity
# IdentityFile ~/.ssh/id_rsa
# IdentityFile ~/.ssh/id_dsa
# Port 22
Protocol 2
# Cipher 3des
# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
# MACs hmac-md5,hmac-sha1,[email protected],hmac-ripemd160
# EscapeChar ~
# Tunnel no
# TunnelDevice any:any
# PermitLocalCommand no
# VisualHostKey no
# ProxyCommand ssh -q -W %h:%p gateway.example.com
# RekeyLimit 1G 1h
Output of ssh -v during connection attempt:
OpenSSH_6.3, OpenSSL 1.0.1e 11 Feb 2013
debug1: Reading configuration data /home/douglas/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to address [address] port 1500.
debug1: connect to address address port 1500: Connection refused
ssh: connect to host address port 1500: Connection refused
Thank you guys ahead of time. Getting this server operational is hardly critical, it is just a side project of mine, but I would really like to see it working.
Douglas Bahr Rumbaugh
Last edited by douglasr (2013-09-29 02:58:56)

Okay, so I finally have the opportunity to try and log in from a remote network. And. . . it doesn't work. Which is just my luck because I now need to wait an entire week, at least, before I can touch the server again. Anyway, running ssh with the maximum verbosity I get this output:
douglas ~ $ ssh -vvv -p 2000 address
OpenSSH_6.3, OpenSSL 1.0.1e 11 Feb 2013
debug1: Reading configuration data /home/douglas/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to address [address] port 2000.
debug1: connect to address address port 2000: Connection timed out
ssh: connect to host address port 2000: Connection timed out
It takes a minute or two for the command to finish with the connection timeout, as one would expect. And yes, I am reasonably sure that the address that I am using is my home network's external IP. It is dynamic, but I checked it before I left which was just over an hour ago. I guess that it may have changed. I'll know that for sure in the morning, when my server sends me an automatic email with the network's current address. In the meantime I am operating under the assumption that the address I am using is correct. What else could be the problem?

Lion Server postfix mail not being delivered to mailboxes. "SMTP restriction `reject_invalid_helo_hostname' after `permit' is ignored" and "connect to private/policy: Connection refused" errors.

All, Im stumped. In fact I have been on the phone with Apple Support and this has been escalated to the top engineers, as I think its got them too..
Anyway, here is my problem..
I'm running an Mac Mini with OS X 10.7.4 Server. I have had mail running on it for 2 months or so, without any issues. The mail was actually migrated from 10.6 in March, and It actually went smoothly. I have 3 domains which all recieve mail and they all work (or did up until 2 weeks ago)..
So the story is this.. I can send mail from my domains, without issue. imap and dovecot must be working.. cause all the stored mail, can be read with the mail IMAP client.. I can even transfer mail messages from one mailbox to another with Mail client. Sending mail is a breeze, it still works and the recipients still recieve their mail. But I noticed I wasnt getting any mail at all from those mailboxes... no mail, no spam, nothing.. which is unusal. I fired up Server admin and checked out the SMTP log, and this is what it showed for every email recieved: (xxxxxx is just me hiding sensitive info)
Jul 21 14:25:20 xxxxxxxx postfix/postscreen[65857]: CONNECT from [17.158.233.225]:41909
Jul 21 14:25:26 xxxxxxxx postfix/postscreen[65857]: PASS OLD [17.158.233.225]:41909
Jul 21 14:25:26 xxxxxxxx postfix/smtpd[65858]: connect from nk11p03mm-asmtp994.mac.com[17.158.233.225]
Jul 21 14:25:26 xxxxxxxx postfix/smtpd[65858]: warning: restriction `reject_invalid_helo_hostname' after `permit' is ignored
Jul 21 14:25:27 xxxxxxxx postfix/smtpd[65858]: warning: connect to private/policy: Connection refused
Jul 21 14:25:27 xxxxxxxx postfix/smtpd[65858]: warning: problem talking to server private/policy: Connection refused
Jul 21 14:25:28 xxxxxxxx postfix/smtpd[65858]: warning: connect to private/policy: Connection refused
Jul 21 14:25:28 xxxxxxxx postfix/smtpd[65858]: warning: problem talking to server private/policy: Connection refused
Jul 21 14:25:28 xxxxxxxx postfix/smtpd[65858]: NOQUEUE: reject: RCPT from nk11p03mm-asmtp994.mac.com[17.158.233.225]: 451 4.3.5 Server configuration problem; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<nk11p99mm-asmtpout004.mac.com>
Jul 21 14:25:28 azathoth postfix/smtpd[65858]: disconnect from nk11p03mm-asmtp994.mac.com[17.158.233.225]
Ok, now what is odd, is these rejected messages are not even appearing in the mail queue in Server Admin. I have no idea why there are not being delivered
Ive checked my postfix main.cf file and master.cf files they both look ok.. Ive even replaced them with the main.cf.defualt.10.7 and master.cf.default.10.7 files and to no avail... same problem..
So in summary
I can send mail out
IMAP is working on the client end (thus dovecot is) exsisting stored emails can be accessed, read, moved unread etc..
mail is coming into the sever, but its being rejected. there is NO rejection email sent back to the sender.
mail is recieved by postfix, but cyrus isnt doing anything with it.. I have no idea where it goes...
Could anyone shed light on this...
my main.cf file:
# Global Postfix configuration file. This file lists only a subset
# of all 300+ parameters. See the postconf(5) manual page for a
# complete list.
# The general format of each line is: parameter = value. Lines
# that begin with whitespace continue the previous line. A value can
# contain references to other $names or ${name}s.
# NOTE - CHANGE NO MORE THAN 2-3 PARAMETERS AT A TIME, AND TEST IF
# POSTFIX STILL WORKS AFTER EVERY CHANGE.
# SOFT BOUNCE
# The soft_bounce parameter provides a limited safety net for
# testing. When soft_bounce is enabled, mail will remain queued that
# would otherwise bounce. This parameter disables locally-generated
# bounces, and prevents the SMTP server from rejecting mail permanently
# (by changing 5xx replies into 4xx replies). However, soft_bounce
# is no cure for address rewriting mistakes or mail routing mistakes.
# soft_bounce = no
# LOCAL PATHNAME INFORMATION
# The queue_directory specifies the location of the Postfix queue.
# This is also the root directory of Postfix daemons that run chrooted.
# See the files in examples/chroot-setup for setting up Postfix chroot
# environments on different UNIX systems.
queue_directory = /private/var/spool/postfix
# The command_directory parameter specifies the location of all
# postXXX commands.
command_directory = /usr/sbin
# The daemon_directory parameter specifies the location of all Postfix
# daemon programs (i.e. programs listed in the master.cf file). This
# directory must be owned by root.
daemon_directory = /usr/libexec/postfix
# QUEUE AND PROCESS OWNERSHIP
# The mail_owner parameter specifies the owner of the Postfix queue
# and of most Postfix daemon processes. Specify the name of a user
# account THAT DOES NOT SHARE ITS USER OR GROUP ID WITH OTHER ACCOUNTS
# AND THAT OWNS NO OTHER FILES OR PROCESSES ON THE SYSTEM. In
# particular, don't specify nobody or daemon. PLEASE USE A DEDICATED
# USER.
mail_owner = _postfix
# The default_privs parameter specifies the default rights used by
# the local delivery agent for delivery to external file or command.
# These rights are used in the absence of a recipient user context.
# DO NOT SPECIFY A PRIVILEGED USER OR THE POSTFIX OWNER.
#default_privs = nobody
# INTERNET HOST AND DOMAIN NAMES
# The myhostname parameter specifies the internet hostname of this
# mail system. The default is to use the fully-qualified domain name
# from gethostname(). $myhostname is used as a default value for many
# other configuration parameters.
#myhostname = host.domain.tld
#myhostname = virtual.domain.tld
# The mydomain parameter specifies the local internet domain name.
# The default is to use $myhostname minus the first component.
# $mydomain is used as a default value for many other configuration
# parameters.
#mydomain = domain.tld
# SENDING MAIL
# The myorigin parameter specifies the domain that locally-posted
# mail appears to come from. The default is to append $myhostname,
# which is fine for small sites. If you run a domain with multiple
# machines, you should (1) change this to $mydomain and (2) set up
# a domain-wide alias database that aliases each user to
# [email protected].
# For the sake of consistency between sender and recipient addresses,
# myorigin also specifies the default domain name that is appended
# to recipient addresses that have no @domain part.
#myorigin = $myhostname
#myorigin = $mydomain
# RECEIVING MAIL
# The inet_interfaces parameter specifies the network interface
# addresses that this mail system receives mail on. By default,
azathoth:postfix root#
azathoth:postfix root# less main.cf
azathoth:postfix root# more main.cf
# Global Postfix configuration file. This file lists only a subset
# of all 300+ parameters. See the postconf(5) manual page for a
# complete list.
# The general format of each line is: parameter = value. Lines
# that begin with whitespace continue the previous line. A value can
# contain references to other $names or ${name}s.
# NOTE - CHANGE NO MORE THAN 2-3 PARAMETERS AT A TIME, AND TEST IF
# POSTFIX STILL WORKS AFTER EVERY CHANGE.
# SOFT BOUNCE
# The soft_bounce parameter provides a limited safety net for
# testing. When soft_bounce is enabled, mail will remain queued that
# would otherwise bounce. This parameter disables locally-generated
# bounces, and prevents the SMTP server from rejecting mail permanently
# (by changing 5xx replies into 4xx replies). However, soft_bounce
# is no cure for address rewriting mistakes or mail routing mistakes.
# soft_bounce = no
# LOCAL PATHNAME INFORMATION
# The queue_directory specifies the location of the Postfix queue.
# This is also the root directory of Postfix daemons that run chrooted.
# See the files in examples/chroot-setup for setting up Postfix chroot
# environments on different UNIX systems.
queue_directory = /private/var/spool/postfix
# The command_directory parameter specifies the location of all
# postXXX commands.
command_directory = /usr/sbin
# The daemon_directory parameter specifies the location of all Postfix
# daemon programs (i.e. programs listed in the master.cf file). This
# directory must be owned by root.
daemon_directory = /usr/libexec/postfix
# QUEUE AND PROCESS OWNERSHIP
# The mail_owner parameter specifies the owner of the Postfix queue
# and of most Postfix daemon processes. Specify the name of a user
# account THAT DOES NOT SHARE ITS USER OR GROUP ID WITH OTHER ACCOUNTS
# AND THAT OWNS NO OTHER FILES OR PROCESSES ON THE SYSTEM. In
# particular, don't specify nobody or daemon. PLEASE USE A DEDICATED
# USER.
mail_owner = _postfix
# The default_privs parameter specifies the default rights used by
# the local delivery agent for delivery to external file or command.
# These rights are used in the absence of a recipient user context.
# DO NOT SPECIFY A PRIVILEGED USER OR THE POSTFIX OWNER.
#default_privs = nobody
# INTERNET HOST AND DOMAIN NAMES
# The myhostname parameter specifies the internet hostname of this
# mail system. The default is to use the fully-qualified domain name
# from gethostname(). $myhostname is used as a default value for many
# other configuration parameters.
#myhostname = host.domain.tld
#myhostname = virtual.domain.tld
# The mydomain parameter specifies the local internet domain name.
# The default is to use $myhostname minus the first component.
# $mydomain is used as a default value for many other configuration
# parameters.
#mydomain = domain.tld
# SENDING MAIL
# The myorigin parameter specifies the domain that locally-posted
# mail appears to come from. The default is to append $myhostname,
# which is fine for small sites. If you run a domain with multiple
# machines, you should (1) change this to $mydomain and (2) set up
# a domain-wide alias database that aliases each user to
# [email protected].
# For the sake of consistency between sender and recipient addresses,
# myorigin also specifies the default domain name that is appended
# to recipient addresses that have no @domain part.
#myorigin = $myhostname
#myorigin = $mydomain
# RECEIVING MAIL
# The inet_interfaces parameter specifies the network interface
# addresses that this mail system receives mail on. By default,
# the software claims all active interfaces on the machine. The
# parameter also controls delivery of mail to user@[ip.address].
# See also the proxy_interfaces parameter, for network addresses that
# are forwarded to us via a proxy or network address translator.
# Note: you need to stop/start Postfix when this parameter changes.
#inet_interfaces = all
#inet_interfaces = $myhostname
#inet_interfaces = $myhostname, localhost
# The proxy_interfaces parameter specifies the network interface
# addresses that this mail system receives mail on by way of a
# proxy or network address translation unit. This setting extends
# the address list specified with the inet_interfaces parameter.
# You must specify your proxy/NAT addresses when your system is a
# backup MX host for other domains, otherwise mail delivery loops
# will happen when the primary MX host is down.
#proxy_interfaces =
#proxy_interfaces = 1.2.3.4
# The mydestination parameter specifies the list of domains that this
# machine considers itself the final destination for.
# These domains are routed to the delivery agent specified with the
# local_transport parameter setting. By default, that is the UNIX
# compatible delivery agent that lookups all recipients in /etc/passwd
# and /etc/aliases or their equivalent.
# The default is $myhostname + localhost.$mydomain. On a mail domain
# gateway, you should also include $mydomain.
# Do not specify the names of virtual domains - those domains are
# specified elsewhere (see VIRTUAL_README).
# Do not specify the names of domains that this machine is backup MX
# host for. Specify those names via the relay_domains settings for
# the SMTP server, or use permit_mx_backup if you are lazy (see
# STANDARD_CONFIGURATION_README).
# The local machine is always the final destination for mail addressed
# to user@[the.net.work.address] of an interface that the mail system
# receives mail on (see the inet_interfaces parameter).
# Specify a list of host or domain names, /file/name or type:table
# patterns, separated by commas and/or whitespace. A /file/name
# pattern is replaced by its contents; a type:table is matched when
# a name matches a lookup key (the right-hand side is ignored).
# Continue long lines by starting the next line with whitespace.
# See also below, section "REJECTING MAIL FOR UNKNOWN LOCAL USERS".
#mydestination = $myhostname, localhost.$mydomain, localhost
#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain,
#       mail.$mydomain, www.$mydomain, ftp.$mydomain
# REJECTING MAIL FOR UNKNOWN LOCAL USERS
# The local_recipient_maps parameter specifies optional lookup tables
# with all names or addresses of users that are local with respect
# to $mydestination, $inet_interfaces or $proxy_interfaces.
# If this parameter is defined, then the SMTP server will reject
# mail for unknown local users. This parameter is defined by default.
# To turn off local recipient checking in the SMTP server, specify
# local_recipient_maps = (i.e. empty).
# The default setting assumes that you use the default Postfix local
# delivery agent for local delivery. You need to update the
# local_recipient_maps setting if:
# - You define $mydestination domain recipients in files other than
#   /etc/passwd, /etc/aliases, or the $virtual_alias_maps files.
#   For example, you define $mydestination domain recipients in
#   the $virtual_mailbox_maps files.
# - You redefine the local delivery agent in master.cf.
# - You redefine the "local_transport" setting in main.cf.
# - You use the "luser_relay", "mailbox_transport", or "fallback_transport"
#   feature of the Postfix local delivery agent (see local(8)).
# Details are described in the LOCAL_RECIPIENT_README file.
# Beware: if the Postfix SMTP server runs chrooted, you probably have
# to access the passwd file via the proxymap service, in order to
# overcome chroot restrictions. The alternative, having a copy of
# the system passwd file in the chroot jail is just not practical.
# The right-hand side of the lookup tables is conveniently ignored.
# In the left-hand side, specify a bare username, an @domain.tld
# wild-card, or specify a [email protected] address.
#local_recipient_maps = unix:passwd.byname $alias_maps
#local_recipient_maps = proxy:unix:passwd.byname $alias_maps
#local_recipient_maps =
# The unknown_local_recipient_reject_code specifies the SMTP server
# response code when a recipient domain matches $mydestination or
# ${proxy,inet}_interfaces, while $local_recipient_maps is non-empty
# and the recipient address or address local-part is not found.
# The default setting is 550 (reject mail) but it is safer to start
# with 450 (try again later) until you are certain that your
# local_recipient_maps settings are OK.
unknown_local_recipient_reject_code = 550
# TRUST AND RELAY CONTROL
# The mynetworks parameter specifies the list of "trusted" SMTP
# clients that have more privileges than "strangers".
# In particular, "trusted" SMTP clients are allowed to relay mail
# through Postfix. See the smtpd_recipient_restrictions parameter
# in postconf(5).
# You can specify the list of "trusted" network addresses by hand
# or you can let Postfix do it for you (which is the default).
# By default (mynetworks_style = subnet), Postfix "trusts" SMTP
# clients in the same IP subnetworks as the local machine.
# On Linux, this does works correctly only with interfaces specified
# with the "ifconfig" command.
# Specify "mynetworks_style = class" when Postfix should "trust" SMTP
# clients in the same IP class A/B/C networks as the local machine.
# Don't do this with a dialup site - it would cause Postfix to "trust"
# your entire provider's network. Instead, specify an explicit
# mynetworks list by hand, as described below.
# Specify "mynetworks_style = host" when Postfix should "trust"
# only the local machine.
#mynetworks_style = class
#mynetworks_style = subnet
#mynetworks_style = host
# Alternatively, you can specify the mynetworks list by hand, in
# which case Postfix ignores the mynetworks_style setting.
# Specify an explicit list of network/netmask patterns, where the
# mask specifies the number of bits in the network part of a host
# address.
# You can also specify the absolute pathname of a pattern file instead
# of listing the patterns here. Specify type:table for table-based lookups
# (the value on the table right-hand side is not used).
#mynetworks = 168.100.189.0/28, 127.0.0.0/8
#mynetworks = $config_directory/mynetworks
#mynetworks = hash:/etc/postfix/network_table
# The relay_domains parameter restricts what destinations this system will
# relay mail to. See the smtpd_recipient_restrictions description in
# postconf(5) for detailed information.
# By default, Postfix relays mail
# - from "trusted" clients (IP address matches $mynetworks) to any destination,
# - from "untrusted" clients to destinations that match $relay_domains or
#   subdomains thereof, except addresses with sender-specified routing.
# The default relay_domains value is $mydestination.
# In addition to the above, the Postfix SMTP server by default accepts mail
# that Postfix is final destination for:
# - destinations that match $inet_interfaces or $proxy_interfaces,
# - destinations that match $mydestination
# - destinations that match $virtual_alias_domains,
# - destinations that match $virtual_mailbox_domains.
# These destinations do not need to be listed in $relay_domains.
# Specify a list of hosts or domains, /file/name patterns or type:name
# lookup tables, separated by commas and/or whitespace. Continue
# long lines by starting the next line with whitespace. A file name
# is replaced by its contents; a type:name table is matched when a
# (parent) domain appears as lookup key.
# NOTE: Postfix will not automatically forward mail for domains that
# list this system as their primary or backup MX host. See the
# permit_mx_backup restriction description in postconf(5).
#relay_domains = $mydestination
# INTERNET OR INTRANET
# The relayhost parameter specifies the default host to send mail to
# when no entry is matched in the optional transport(5) table. When
# no relayhost is given, mail is routed directly to the destination.
# On an intranet, specify the organizational domain name. If your
# internal DNS uses no MX records, specify the name of the intranet
# gateway host instead.
# In the case of SMTP, specify a domain, host, host:port, [host]:port,
# [address] or [address]:port; the form [host] turns off MX lookups.
# If you're connected via UUCP, see also the default_transport parameter.
#relayhost = $mydomain
#relayhost = [gateway.my.domain]
#relayhost = [mailserver.isp.tld]
#relayhost = uucphost
#relayhost = [an.ip.add.ress]
# REJECTING UNKNOWN RELAY USERS
# The relay_recipient_maps parameter specifies optional lookup tables
# with all addresses in the domains that match $relay_domains.
# If this parameter is defined, then the SMTP server will reject
# mail for unknown relay users. This feature is off by default.
# The right-hand side of the lookup tables is conveniently ignored.
# In the left-hand side, specify an @domain.tld wild-card, or specify
# a [email protected] address.
#relay_recipient_maps = hash:/etc/postfix/relay_recipients
# INPUT RATE CONTROL
# The in_flow_delay configuration parameter implements mail input
# flow control. This feature is turned on by default, although it
# still needs further development (it's disabled on SCO UNIX due
# to an SCO bug).
# A Postfix process will pause for $in_flow_delay seconds before
# accepting a new message, when the message arrival rate exceeds the
# message delivery rate. With the default 100 SMTP server process
# limit, this limits the mail inflow to 100 messages a second more
# than the number of messages delivered per second.
# Specify 0 to disable the feature. Valid delays are 0..10.
#in_flow_delay = 1s
# ADDRESS REWRITING
# The ADDRESS_REWRITING_README document gives information about
# address masquerading or other forms of address rewriting including
# username->Firstname.Lastname mapping.
# ADDRESS REDIRECTION (VIRTUAL DOMAIN)
# The VIRTUAL_README document gives information about the many forms
# of domain hosting that Postfix supports.
# "USER HAS MOVED" BOUNCE MESSAGES
# See the discussion in the ADDRESS_REWRITING_README document.
# TRANSPORT MAP
# See the discussion in the ADDRESS_REWRITING_README document.
# ALIAS DATABASE
# The alias_maps parameter specifies the list of alias databases used
# by the local delivery agent. The default list is system dependent.
# On systems with NIS, the default is to search the local alias
# database, then the NIS alias database. See aliases(5) for syntax
# details.
# If you change the alias database, run "postalias /etc/aliases" (or
# wherever your system stores the mail alias file), or simply run
# "newaliases" to build the necessary DBM or DB file.
# It will take a minute or so before changes become visible. Use
# "postfix reload" to eliminate the delay.
#alias_maps = dbm:/etc/aliases
#alias_maps = hash:/etc/aliases
#alias_maps = hash:/etc/aliases, nis:mail.aliases
#alias_maps = netinfo:/aliases
# The alias_database parameter specifies the alias database(s) that
# are built with "newaliases" or "sendmail -bi". This is a separate
# configuration parameter, because alias_maps (see above) may specify
# tables that are not necessarily all under control by Postfix.
#alias_database = dbm:/etc/aliases
#alias_database = dbm:/etc/mail/aliases
#alias_database = hash:/etc/aliases
#alias_database = hash:/etc/aliases, hash:/opt/majordomo/aliases
# ADDRESS EXTENSIONS (e.g., user+foo)
# The recipient_delimiter parameter specifies the separator between
# user names and address extensions (user+foo). See canonical(5),
# local(8), relocated(5) and virtual(5

Ok 1st one. The warning restriction message relates to this line in main.cf:
smtpd_helo_restrictions = permit_sasl_authenticated permit_mynetworks check_helo_access hash:/etc/postfix/helo_access reject_non_fqdn_hostname reject_invalid_hostname permit reject_invalid_helo_hostname
The last reject occurs after the single word "permit" and is ignored.
However, that's not the problem.
I'm not exactly sure what's happening, but this might be a clue.
It would appear that either postfix is not being able to create the socket for private/policy or it's somehow created with the wrong permissions. You might need to ramp up the debug level to get a better idea.
You could check if it's being created by "netstat -a | grep private/policy" in terminal.
My guess is that it's not being created because there is no setup statement in your master.cf file, but I don't understand why postfix would be looking for it if it isn't set up. Private/policy I think relates to grey listing. Maybe gives you a hint.

Remote Desktop 'Connection Refused'

Modem/Router Model: GT704-WG-B
Firmware Version: 30.17.0 (Red background)
Operating System: Windows 7 Enterprise
Here is what I have set up to allow me access from outside my network via RDP.
Router config: Security > Applications "RDP" Rule Applied | Port 3389 Start/End/Port Map Start
UPnP is on
Modem/Router Firewall is OFF
Windows Firewall is ON with TCP 3389 allowed In/Out
Local PC has static IP address outside of DHCP range
Remote desktop (any version of RDP) allowed in Computer > Properties > Remote
I use Jaadu RDP iPhone application and have used it successfully for quite some time. When I first got Verizon service I set up RDP on the router and everything worked fine. I ran into an issue that caused a verizon tech to tell me to reset my modem/router to the factory defaults. Ever since, I have not been able to access my local PC via RDP. Every time I attempt to connect I get a connection refused message. I receive the same type of message when attempting to RDP in from another PC. I am able to RDP from within my LAN from both my iPhone and my other PC.
I have crossed my Ts and dotted my Is and am at a loss at this point. If anyone has experienced this issue and found a fix, I would appreciate some help.
Thanks

#1 If the router turn off UPnP, since you will not be needing it.
#2 If that does not resolve it / or it happen again, please post...
If you are the original poster (OP) and your issue is solved, please remember to click the "Solution?" button so that others can more easily find it. If anyone has been helpful to you, please show your appreciation by clicking the "Kudos" button.

Connection refused error running JSP on Jdev 10.1.3.0.3.3412 with MySL 5.0

Hello,
I'm using Jdeveloper 10.1.3.0.3.3412 on a Mac with a MySQL database. In Jdeveloper i can make a connection to the database and create adf business components
I've made a JSP page with ADF on a single table. No errors when compiling. When I try to run the JSP Page using Embedded OC4J (on Mac OSX Tiger) I get the error:
5/12/09 00:45:50 java.net.ConnectException: Connection refused
05/12/09 00:45:50      at java.net.PlainSocketImpl.socketConnect(Native Method)
05/12/09 00:45:50      at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:333)
05/12/09 00:45:50      at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:195)
05/12/09 00:45:50      at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:182)
05/12/09 00:45:50      at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:428)
05/12/09 00:45:50      at java.net.Socket.connect(Socket.java:507)
05/12/09 00:45:50      at java.net.Socket.connect(Socket.java:457)
05/12/09 00:45:50      at java.net.Socket.<init>(Socket.java:365)
05/12/09 00:45:50      at java.net.Socket.<init>(Socket.java:207)
05/12/09 00:45:50      at oracle.jdevimpl.runner.oc4j.Oc4jNotifier.sendMessage(Oc4jNotifier.java:98)
05/12/09 00:45:50      at oracle.jdevimpl.runner.oc4j.Oc4jNotifier.postInitApplicationServer(Oc4jNotifier.java:55)
05/12/09 00:45:50      at com.evermind.server.ApplicationServer.serverExtensionPostInit(ApplicationServer.java:1041)
05/12/09 00:45:50      at com.evermind.server.ApplicationServer.setConfig(ApplicationServer.java:927)
05/12/09 00:45:50      at com.evermind.server.ApplicationServerLauncher.run(ApplicationServerLauncher.java:98)
05/12/09 00:45:50      at java.lang.Thread.run(Thread.java:613)
What am I doing wrong? The embedded OC4J library is added to the project. I've tried to use the javac compiler. It looks like the OC4J instance cannot make a connection to the db.
Thanks,
Martin

Hello
I've added the connection to the web.xml, but still get the same error.
When I go to embedded OC4J preferences and change the JNDI-names of the datasources (global and current-workspace) to the same name (this was default), i get this error message:
9-dec-2005 9:30:09 com.evermind.server.ApplicationStateRunning initNativeDataSource
SEVERE: Error creating native data source. The location 'jdbc/MySQLConnectionCoreDS' is already in use.
05/12/09 09:30:09 Application: current-workspace-app is in state FAILED
05/12/09 09:30:09 Error instantiating application 'current-workspace-app' at file:/Users/martinsuijs/jdevhome/mywork/myWorldApp/myWorldApp-oc4j-app.xml: Error creating native data source. The location 'jdbc/MySQLConnectionCoreDS' is already in use.
05/12/09 09:30:14 java.net.ConnectException: Connection refused
grtz
Martin

Telnet connection refused in non global zone

I have recently installed a new zone and I am trying to log into the new zone via telnet and I get the following error;
telnet: Unable to connect to remote host: Connection refused
when i check the services on the zone they are as follows;
# svcs -a
STATE STIME FMRI
legacy_run 12:25:02 lrc:/etc/rcS_d/S51installupdates
disabled 12:25:01 svc:/network/rpc/keyserv:default
disabled 12:25:01 svc:/network/rpc/nisplus:default
disabled 12:25:01 svc:/network/nis/server:default
disabled 12:25:01 svc:/network/nis/client:default
disabled 12:25:01 svc:/network/dns/client:default
disabled 12:25:01 svc:/network/ldap/client:default
disabled 12:25:01 svc:/network/nfs/cbd:default
disabled 12:25:01 svc:/network/nfs/mapid:default
disabled 12:25:01 svc:/network/inetd-upgrade:default
disabled 12:25:01 svc:/system/auditd:default
disabled 12:25:01 svc:/application/print/server:default
disabled 12:25:01 svc:/network/ntp:default
disabled 12:25:01 svc:/system/rcap:default
disabled 12:25:01 svc:/network/dhcp-server:default
disabled 12:25:01 svc:/network/nfs/server:default
disabled 12:25:01 svc:/network/rarp:default
disabled 12:25:01 svc:/network/rpc/bootparams:default
disabled 12:25:01 svc:/application/gdm2-login:default
disabled 12:25:01 svc:/application/management/webmin:default
disabled 12:25:02 svc:/network/dns/server:default
disabled 12:25:02 svc:/network/http:apache2
disabled 12:25:02 svc:/network/nis/passwd:default
disabled 12:25:02 svc:/network/nis/update:default
disabled 12:25:02 svc:/network/nis/xfr:default
disabled 12:25:02 svc:/network/security/kadmin:default
disabled 12:25:02 svc:/network/security/krb5kdc:default
disabled 12:25:02 svc:/network/slp:default
disabled 12:25:02 svc:/system/consadm:default
disabled 12:25:02 svc:/system/filesystem/volfs:default
disabled 12:25:02 svc:/system/sar:default
online 12:25:00 svc:/system/svc/restarter:default
online 12:25:01 svc:/network/physical:default
online 12:25:01 svc:/network/loopback:default
online 12:25:01 svc:/milestone/name-services:default
online 12:25:01 svc:/system/filesystem/root:default
online 12:25:01 svc:/milestone/network:default
online 12:25:01 svc:/system/identity:node
online 12:25:01 svc:/system/boot-archive:default
online 12:25:01 svc:/system/filesystem/usr:default
online 12:25:01 svc:/system/device/local:default
online 12:25:02 svc:/system/keymap:default
online 12:25:02 svc:/milestone/devices:default
online 12:25:02 svc:/system/filesystem/minimal:default
online 12:25:02 svc:/system/rmtmpfiles:default
online 12:25:02 svc:/system/cryptosvc:default
online 12:25:02 svc:/application/print/cleanup:default
online 12:25:02 svc:/system/name-service-cache:default
online 12:25:02 svc:/system/identity:domain
online 12:25:02 svc:/network/initial:default
online 12:25:02 svc:/network/service:default
online 12:25:02 svc:/system/manifest-import:default
online 12:25:02 svc:/milestone/single-user:default
online 12:25:02 svc:/system/filesystem/local:default
online 12:25:02 svc:/system/cron:default
online 12:25:02 svc:/application/font/fc-cache:default
online 12:25:02 svc:/system/coreadm:default
online 12:25:02 svc:/system/sysidtool:net
online 12:25:02 svc:/network/rpc/bind:default
online 12:25:03 svc:/network/nfs/status:default
online 12:25:03 svc:/network/nfs/nlockmgr:default
offline 12:25:01 svc:/system/utmp:default
offline 12:25:01 svc:/milestone/sysconfig:default
offline 12:25:01 svc:/network/inetd:default
offline 12:25:01 svc:/system/filesystem/autofs:default
offline 12:25:01 svc:/system/system-log:default
offline 12:25:01 svc:/system/console-login:default
offline 12:25:01 svc:/network/nfs/client:default
offline 12:25:01 svc:/network/smtp:sendmail
offline 12:25:01 svc:/milestone/multi-user:default
offline 12:25:01 svc:/network/ssh:default
offline 12:25:01 svc:/milestone/multi-user-server:default
offline 12:25:01 svc:/application/print/ipp-listener:default
offline 12:25:02 svc:/system/sac:default
offline* 12:25:02 svc:/system/sysidtool:system
uninitialized 12:25:01 svc:/network/rpc/gss:default
uninitialized 12:25:01 svc:/application/font/stfsloader:default
uninitialized 12:25:01 svc:/application/print/rfc1179:default
uninitialized 12:25:01 svc:/application/x11/xfs:default
uninitialized 12:25:01 svc:/network/apocd/udp:default
uninitialized 12:25:01 svc:/network/chargen:dgram
uninitialized 12:25:01 svc:/network/chargen:stream
uninitialized 12:25:02 svc:/network/comsat:default
uninitialized 12:25:02 svc:/network/daytime:dgram
uninitialized 12:25:02 svc:/network/daytime:stream
uninitialized 12:25:02 svc:/network/discard:dgram
uninitialized 12:25:02 svc:/network/discard:stream
uninitialized 12:25:02 svc:/network/echo:dgram
uninitialized 12:25:02 svc:/network/echo:stream
uninitialized 12:25:02 svc:/network/finger:default
uninitialized 12:25:02 svc:/network/ftp:default
uninitialized 12:25:02 svc:/network/login:eklogin
uninitialized 12:25:02 svc:/network/login:klogin
uninitialized 12:25:02 svc:/network/login:rlogin
uninitialized 12:25:02 svc:/network/nfs/rquota:default
uninitialized 12:25:02 svc:/network/rexec:default
uninitialized 12:25:02 svc:/network/rpc/ocfserv:default
uninitialized 12:25:02 svc:/network/rpc/rex:default
uninitialized 12:25:02 svc:/network/rpc/rstat:default
uninitialized 12:25:02 svc:/network/rpc/rusers:default
uninitialized 12:25:02 svc:/network/rpc/smserver:default
uninitialized 12:25:02 svc:/network/rpc/spray:default
uninitialized 12:25:02 svc:/network/rpc/wall:default
uninitialized 12:25:02 svc:/network/security/krb5_prop:default
uninitialized 12:25:02 svc:/network/security/ktkt_warn:default
uninitialized 12:25:02 svc:/network/shell:default
uninitialized 12:25:02 svc:/network/shell:kshell
uninitialized 12:25:02 svc:/network/talk:default
uninitialized 12:25:02 svc:/network/telnet:default
uninitialized 12:25:02 svc:/network/time:dgram
uninitialized 12:25:02 svc:/network/time:stream
uninitialized 12:25:02 svc:/network/tname:default
uninitialized 12:25:02 svc:/network/uucp:default
uninitialized 12:25:02 svc:/network/rpc-100235_1/rpc_ticotsord:default
uninitialized 12:25:02 svc:/network/rpc-100083_1/rpc_tcp:default
uninitialized 12:25:02 svc:/network/rpc-100068_2-5/rpc_udp:default
any suggestions? Thanks in advance.

After taking your suggestions, i found that there was no loghost defined in /etc/host. I defined one and now all of my services came up. I still don't have any ssh, it says
Could not load host key: /etc/ssh/ssh_host_rsa_key
Could not load host key: /etc/ssh/ssh_host_dsa_key
Disabling protocol version 2. Could not load hostkey or GSS-API mechanisms
sshd: no hostkeys available -- exiting.
Any suggestions? Thanks for yur help, i will make sure to give you a star.
Harvey

Connection refused via JDBC

Similar Messages

Maybe you are looking for