Hi! We are running debian 10 and since hours ispconfig 3.2. The update to ispconfig 3.2 runned without errors. For now, we cant recieve emails - the delivering to the mailboxes stopped. Here the logs form the mail.service: Mail.log: Code: Nov 3 19:49:35 monarch dovecot: imap-login: Login: user=<[email protected]>, method=PLAIN, rip=213.133.113.84, lip=136.243.X.XXX, mpid=11440, session=<Ugj7Ujizq8fVhXFU> Nov 3 19:49:35 monarch dovecot: imap([email protected])<11440><Ugj7Ujizq8fVhXFU>: Debug: Loading modules from directory: /usr/lib/dovecot/modules Nov 3 19:49:35 monarch dovecot: imap([email protected])<11440><Ugj7Ujizq8fVhXFU>: Debug: Module loaded: /usr/lib/dovecot/modules/lib10_quota_plugin.so Nov 3 19:49:35 monarch dovecot: imap([email protected])<11440><Ugj7Ujizq8fVhXFU>: Debug: Module loaded: /usr/lib/dovecot/modules/lib11_imap_quota_plugin.so Nov 3 19:49:35 monarch dovecot: imap([email protected])<11440><Ugj7Ujizq8fVhXFU>: Debug: Added userdb setting: mail=maildir:/var/vmail/xxxxx.at/office/Maildir Nov 3 19:49:35 monarch dovecot: imap([email protected])<11440><Ugj7Ujizq8fVhXFU>: Debug: Added userdb setting: plugin/quota_rule=*:storage=212860928000B Nov 3 19:49:35 monarch dovecot: imap([email protected])<11440><Ugj7Ujizq8fVhXFU>: Debug: Added userdb setting: plugin/sieve=/var/vmail/xxxxx.at/office/.sieve Nov 3 19:49:35 monarch dovecot: imap([email protected])<11440><Ugj7Ujizq8fVhXFU>: Debug: Effective uid=5000, gid=5000, home=/var/vmail/xxxxx.at/office Nov 3 19:49:35 monarch dovecot: imap([email protected])<11440><Ugj7Ujizq8fVhXFU>: Debug: Quota root: name=user backend=dict args=:file:/var/vmail/products4more.at/office/.quotausage Nov 3 19:49:35 monarch dovecot: imap([email protected])<11440><Ugj7Ujizq8fVhXFU>: Debug: Quota rule: root=user mailbox=* bytes=212860928000 messages=0 Nov 3 19:49:35 monarch dovecot: imap([email protected])<11440><Ugj7Ujizq8fVhXFU>: Debug: Quota grace: root=user bytes=21286092800 (10%) Nov 3 19:49:35 monarch dovecot: imap([email protected])<11440><Ugj7Ujizq8fVhXFU>: Debug: dict quota: [email protected], uri=file:/var/vmail/xxxxx.at/office/.quotausage, noenforcing=0 Nov 3 19:49:35 monarch dovecot: imap([email protected])<11440><Ugj7Ujizq8fVhXFU>: Debug: Namespace inbox: type=private, prefix=, sep=., inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:/var/vmail/products4more.at/office/Maildir Nov 3 19:49:35 monarch dovecot: imap([email protected])<11440><Ugj7Ujizq8fVhXFU>: Debug: maildir++: root=/var/vmail/xxxxx.at/office/Maildir, index=, indexpvt=, control=, inbox=/var/vmail/xxxxx.at/office/Maildir, alt= Nov 3 19:49:35 monarch dovecot: imap([email protected])<11440><Ugj7Ujizq8fVhXFU>: Debug: quota: quota_over_flag check: quota_over_script unset - skipping Nov 3 19:49:35 monarch dovecot: imap([email protected])<11440><Ugj7Ujizq8fVhXFU>: Debug: Mailbox INBOX: Mailbox opened because: EXAMINE Nov 3 19:49:35 monarch dovecot: imap([email protected])<11440><Ugj7Ujizq8fVhXFU>: Connection closed (SEARCH finished 0.003 secs ago) in=48 out=1148 deleted=0 expunged=0 trashed=0 hdr_count=0 hdr_bytes=0 body_count=0 body_bytes=0 Nov 3 19:49:35 monarch dovecot: auth: login(?,141.98.80.76): Request timed out waiting for client to continue authentication (150 secs) Nov 3 19:49:42 monarch dovecot: auth: login(?,141.98.80.76): Request timed out waiting for client to continue authentication (150 secs) Nov 3 19:49:42 monarch postfix/smtpd[10718]: connect from unknown[45.142.120.XXX] Nov 3 19:49:42 monarch dovecot: auth-worker(9321): sql([email protected],45.142.120.XXX): unknown user Nov 3 19:49:43 monarch dovecot: auth: login(?,141.98.80.76): Request timed out waiting for client to continue authentication (150 secs) Nov 3 19:49:43 monarch dovecot: auth: login(?,141.98.80.76): Request timed out waiting for client to continue authentication (150 secs) Nov 3 19:49:43 monarch postfix/smtpd[9790]: warning: unknown[45.142.120.60]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 3 19:49:43 monarch postfix/smtpd[9686]: warning: unknown[45.142.120.54]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 3 19:49:43 monarch postfix/smtpd[9686]: disconnect from unknown[45.142.120.54] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4 Nov 3 19:49:43 monarch postfix/smtpd[9790]: disconnect from unknown[45.142.120.60] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4 Nov 3 19:49:44 monarch dovecot: auth: plain(?,78.128.113.120): Request timed out waiting for client to continue authentication (150 secs) Nov 3 19:53:55 monarch postfix/smtpd[9788]: NOQUEUE: reject: RCPT from mgw2.xxxxxx.at[217.116.179.XX]: 450 4.1.1 <[email protected]>: Recipient address rejected: unverified address: host monarch.xxxxxx.at[private/dovecot-lmtp] said: 501 5.5.4 Invalid FROM: Invalid domain (in reply to MAIL FROM command); from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<mgw2.xxxxxx.at> mail.warn: Code: Nov 3 19:55:05 monarch postfix/smtpd[9767]: warning: unknown[45.142.120.35]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 3 19:55:05 monarch postfix/smtpd[9787]: warning: unknown[78.128.113.120]: SASL PLAIN authentication failed: mail.err Code: Nov 3 17:54:48 monarch postfix/smtpd[865]: fatal: proxymap service is not configured for table "mysql:/etc/postfix/mysql-virtual_relaydomains.cf" Nov 3 17:55:02 monarch postfix/cleanup[1492]: fatal: proxymap service is not configured for table "mysql:/etc/postfix/mysql-virtual_alias_maps.cf" Nov 3 19:14:29 monarch dovecot: auth-worker(1274): Error: mysql(localhost): Connect failed to database (dbispconfig): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2) - waiting for 5 seconds before retry Nov 3 19:14:29 monarch dovecot: auth-worker(1274): Error: mysql(localhost): Connect failed to database (dbispconfig): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2) - waiting for 5 seconds before retry Nov 3 19:15:02 monarch amavis[1793]: (01793-06) (!!)TROUBLE in process_request: sql exec: err=1927, 70100, DBD::mysql::st execute failed: Connection was killed at (eval 109) line 173. at (eval 111) line 333. Nov 3 1 Code: netstat -ln | grep mysql unix 2 [ ACC ] STREAM LISTENING 350411 /var/run/mysqld/mysqld.sock Can anyone help in this issue? Thank you for any (quick) hints! Martin
Start with this: https://www.howtoforge.com/community/threads/please-read-before-posting.58408/ Are all services running: Code: systemctl --state=failed
I think all necessary is running, but: systemctl --state=failed UNIT LOAD ACTIVE SUB DESCRIPTION ● fail2ban.service loaded failed failed Fail2Ban Service ● gitlab-runsvdir.service loaded failed failed GitLab Runit supervision process
Here the output of your ispconfig-analyse-scripts and an excerpt of the quickgrowing error-log of mysql.err and maybe a hint from mail.warn - maybe in relation to a certificate. I did my own solution for letsencrypt-certs for the mail-services. In the update to 3.2 I did not create a certificate (as described in the update-howto). Code: cat htf_report.txt | more ##### SERVER ##### IP-address (as per hostname): ***.***.***.*** [WARN] could not determine server's ip address by ifconfig [INFO] OS version is Debian GNU/Linux 10 (buster) [INFO] ISPConfig is installed. ##### ISPCONFIG ##### ISPConfig version is 3.2 ##### VERSION CHECK ##### [INFO] php (cli) version is 7.3.24-3+0~20201103.72+debian10~1.gbp945915 [INFO] php-cgi (used for cgi php in default vhost!) is version 5.6.40-0+deb8u2 ##### PORT CHECK ##### ##### MAIL SERVER CHECK ##### ##### RUNNING SERVER PROCESSES ##### [INFO] I found the following web server(s): Apache 2 (PID 1945) [INFO] I found the following mail server(s): Postfix (PID 1380) [INFO] I found the following pop3 server(s): Dovecot (PID 944) [INFO] I found the following imap server(s): Dovecot (PID 944) [INFO] I found the following ftp server(s): PureFTP (PID 1785) ##### LISTENING PORTS ##### (only () Local (Address) ***.***.***.***:53 (982/named) [anywhere]:21 (1785/pure-ftpd) ***.***.***.***:53 (982/named) [localhost]:53 (982/named) [anywhere]:22 (1002/sshd) [localhost]:5432 (1130/postgres) [anywhere]:25 (1380/master) [localhost]:5433 (1107/postgres) [localhost]:953 (982/named) [localhost]:5434 (1092/postgres) [localhost]:9980 (2177/docker-proxy) [anywhere]:993 (944/dovecot) [anywhere]:995 (944/dovecot) [localhost]:10023 (786/postgrey) [localhost]:10024 (1644/amavisd-new) [localhost]:10025 (1380/master) [localhost]:10026 (1644/amavisd-new) [localhost]:10027 (1380/master) [anywhere]:587 (1380/master) [localhost]:6379 (996/redis-server) [localhost]:11211 (932/memcached) [anywhere]:110 (944/dovecot) [anywhere]:143 (944/dovecot) [anywhere]:10000 (1672/perl) [anywhere]:465 (1380/master) *:*:*:*::*:21 (1785/pure-ftpd) *:*:*:*::*:53 (982/named) *:*:*:*::*:22 (1002/sshd) *:*:*:*::*:25 (1380/master) *:*:*:*::*:953 (982/named) *:*:*:*::*:443 (1945/apache2) *:*:*:*::*:993 (944/dovecot) *:*:*:*::*:995 (944/dovecot) *:*:*:*::*:10024 (1644/amavisd-new) *:*:*:*::*:3306 (1071/mysqld) *:*:*:*::*:10026 (1644/amavisd-new) *:*:*:*::*:587 (1380/master) *:*:*:*::*:6379 (996/redis-server) [localhost]10 (944/dovecot) [localhost]43 (944/dovecot) *:*:*:*::*:8080 (1945/apache2) *:*:*:*::*:80 (1945/apache2) *:*:*:*::*:8081 (1945/apache2) *:*:*:*::*:465 (1380/master) ##### IPTABLES ##### Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy DROP) target prot opt source destination DOCKER-USER all -- [anywhere]/0 [anywhere]/0 DOCKER-ISOLATION-STAGE-1 all -- [anywhere]/0 [anywhere]/0 ACCEPT all -- [anywhere]/0 [anywhere]/0 ctstate RELATED,ESTABLISHED DOCKER all -- [anywhere]/0 [anywhere]/0 ACCEPT all -- [anywhere]/0 [anywhere]/0 ACCEPT all -- [anywhere]/0 [anywhere]/0 Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain DOCKER (1 references) target prot opt source destination ACCEPT tcp -- [anywhere]/0 ***.***.***.*** tcp dpt:9980 Chain DOCKER-ISOLATION-STAGE-1 (1 references) target prot opt source destination DOCKER-ISOLATION-STAGE-2 all -- [anywhere]/0 [anywhere]/0 RETURN all -- [anywhere]/0 [anywhere]/0 Chain DOCKER-ISOLATION-STAGE-2 (1 references) target prot opt source destination DROP all -- [anywhere]/0 [anywhere]/0 RETURN all -- [anywhere]/0 [anywhere]/0 Chain DOCKER-USER (1 references) target prot opt source destination RETURN all -- [anywhere]/0 [anywhere]/0 mysql.err: Code: 2020-11-03 21:59:20 12717 [Warning] Aborted connection 12717 to db: 'dbispconfig' user: 'ispconfig' host: 'localhost' (Got an error reading communication packets) mail.err Code: Nov 3 22:58:37 monarch postfix/smtpd[26872]: warning: TLS library problem: error:1417A0C1:SSL routines:tls_post_process_client_hello:no shared cipher:../ssl/statem/statem_srvr.c:2284: Nov 3 22:58:38 monarch postfix/smtpd[26926]: warning: unknown[45.142.120.74]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 3 22:58:39 monarch postfix/smtpd[26921]: warning: unknown[212.70.149.5]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
That's outdated for debian 10 (not your mysql issue, but...) Do you have an ssl certificate setup for mysql?
Hi! Fixed the fail2ban-service issue by disabling roudcube-check Code: pico /etc/fail2ban/jail.local #[roundcube-auth] #enabled = true #maxretry = 10 No fail2ban ist up and running. Im trying for hours to configure ispconfig to use cli-7.3 according to https://www.howtoforge.com/communit...annel-after-upgrade-to-3-2.85472/#post-411277 On our webspaces/hosts we use php 5.6 to 7.4 (configured by ispconfig), 7.4 is installed on the system, but its not used by default. I tried it to setup in ispconfig-panel (system/serverconfiguration/[server]/web/php-setting) but it will not work because the settings are not saveable (quit with an error altough all paths are set, like "). I reconfigured ispconfig 3.2 (downloaded fresh package -> php -q update.php) after setting the alternatives Code: #php -v PHP 7.3.24-3+0~20201103.72+debian10~1.gbp945915 (cli) #php-cgi -v PHP 7.3.24-3+0~20201103.72+debian10~1.gbp945915 (cgi-fcgi) a2enmod php7.3 and service apache2 restart - but no effect for ispconfig :-( Code: cat htf_report.txt | more ##### SERVER ##### IP-address (as per hostname): ***.***.***.*** [WARN] could not determine server's ip address by ifconfig [INFO] OS version is Debian GNU/Linux 10 (buster) [INFO] ISPConfig is installed. ##### ISPCONFIG ##### ISPConfig version is 3.2 ##### VERSION CHECK ##### [INFO] php (cli) version is 7.4.12 [INFO] php-cgi (used for cgi php in default vhost!) is version 5.6.40-0+deb8u2 No, I do not have an SSL-cert-Setup for MySQL. Is that necessary? Is it possible to do it in a quick way or do disable the need for temporary? Got now a status-mail form an internal printing-machine - and two spams in my inbox. "Normal"-Mails from outside do not work. Code: Nov 3 22:49:31 monarch dovecot: auth-worker(1494): sql([email protected],45.142.120.38): unknown user Nov 4 06:31:09 monarch postfix/smtpd[9977]: NOQUEUE: filter: RCPT from wlan-246-35.stone-rich.at[80.75.246.35]: <[email protected]>: Sender address triggers FILTER lmtp:[127.0.0.1]:10026; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<SC-S60600Series-588A3F> Nov 4 06:31:09 monarch postfix/qmgr[9944]: 5E2005584EBB: from=<[email protected]>, size=831, nrcpt=1 (queue active) Nov 4 06:31:14 monarch postfix/qmgr[9944]: 856B955852BF: from=<[email protected]>, size=1352, nrcpt=1 (queue active) Nov 4 06:31:14 monarch amavis[32176]: (32176-10) Passed CLEAN {RelayedInternal}, ORIGINATING LOCAL [127.0.0.1] [80.75.246.35] <[email protected]> -> <[email protected]>, Message-ID: <1.20201104082553@sc-s60600series-588a3f>, mail_id: KY5n2Jh4VT3z, Hits: -1.998, size: 831, queued_as: 856B955852BF, 5018 ms Nov 4 06:31:14 monarch dovecot: lmtp([email protected])<10798><MFcVJqI8ol8uKgAA7NYFew>: sieve: msgid=<1.20201104082553@SC-S60600Series-588A3F>: sent vacation response to <[email protected]> Nov 4 06:31:15 monarch amavis[32175]: (32175-11) Passed CLEAN {RelayedOpenRelay}, [127.0.0.1] <> -> <[email protected]>, Message-ID: <[email protected]>, mail_id: 60WsUTaGnqKI, Hits: -1.9, size: 1155, queued_as: 483A555838AF, 540 ms Nov 4 06:31:15 monarch postfix/lmtp[11072]: AA1A75585360: to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.69, delays=0.14/0/0/0.54, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 483A555838AF) Nov 4 06:31:15 monarch postfix/smtp[11071]: 483A555838AF: to=<[email protected]>, relay=none, delay=0.08, delays=0.04/0/0.04/0, dsn=5.4.4, status=bounced (Host or domain name not found. Name service error for name=device.epson type=AAAA: Host not found) Why comes this in the inbox? Because its sent with the same credentials als we log to our inbox? Thanks for any hints!
Curious. Run "which php", maybe you have multiple "php" executables in your path? No it isn't, it actually adds one more thing to ensure is setup/updated correctly, so don't add that at least until everything is up and running for you (and even after that, it's not needed if you only use localhost db connections).
Code: #which php /usr/bin/php #php-cgi -v PHP 7.3.24-3+0~20201103.72+debian10~1.gbp945915 (cgi-fcgi) (built: Nov 3 2020 14:31:51) Copyright (c) 1997-2018 The PHP Group # wget -q -O htf-common-issues.php "http://gitplace.net/pixcept/ispconfig-tools/raw/stable/htf-common-issues.php" && php -q htf-common-issues.php # cat htf_report.txt | more ---snip--- [INFO] OS version is Debian GNU/Linux 10 (buster) ##### ISPCONFIG ##### ISPConfig version is 3.2 ##### VERSION CHECK ##### [INFO] php (cli) version is 7.3.24-3+0~20201103.72+debian10~1.gbp945915 [INFO] php-cgi (used for cgi php in default vhost!) is version 5.6.40-0+deb8u2 ---snip--- So any ideas to fix this? Thanks for your inputs.
