Authentification SMTP failed

would be nice to know, still

also

not sure where you pulled this up from, but usually you test this on your local server on 127.0.0.1 first
or at least with the correct hostname, which would be vps.clicshopping.eu

please check this,
type

Code:

mail

 

systemctl status I have always in red this :

vps
State: degraded
Units: 509 loaded (incl. loaded aliases)
Jobs: 0 queued
Failed: 2 units
Since: Mon 2024-07-29 00:07:51 UTC; 3min 28s ago
systemd: 255.4-1ubuntu8.2
CGroup: /
├─init.scope
│ └─1 /sbin/init
├─system.slice
│ ├─apache2.service
│ │ ├─1082 /usr/sbin/apache2 -k start
│ │ ├─1088 "vlogger (access log)"
│ │ ├─1089 /usr/sbin/apache2 -k start
│ │ ├─1091 /usr/sbin/apache2 -k start
│ │ ├─1116 "Passenger watchdog"
│ │ ├─1145 "Passenger core"
│ │ ├─1176 /usr/sbin/apache2 -k start
│ │ └─1177 /usr/sbin/apache2 -k start
│ ├─clamav-freshclam.service
│ │ └─672 /usr/bin/freshclam -d --foreground=true
│ ├─cron.service
│ │ └─674 /usr/sbin/cron -f -P
│ ├─dbus.service
│ │ └─675 @dbus-daemon --system --address=systemd: --nofork --nopidf>
│ ├─dovecot.service
│ │ ├─ 677 /usr/sbin/dovecot -F

I do that also but on the reboot it failed

systemctl daemon-reload
systemctl enable clamav-daemon
Synchronizing state of clamav-daemon.service with SysV service script with /usr/lib/systemd/systemd-sysv-install.
Executing: /usr/lib/systemd/systemd-sysv-install enable clamav-daemon

 

is different from what I wrote in the previous post, I assume you're on it, just wanted to make sure

not sure if this breaks things but usually not. If it asks for a config file to be overwritten, just hit
enter which _usually_ is defaulting to no overwrite.

Code:

apt --reinstall install clamav-daemon rspamd dovecot

 

Which tutorial did you use to install the server? the latest to update 20.04 to 22.04.


systemctl enable clamav-daemon
Synchronizing state of clamav-daemon.service with SysV service script with /usr/lib/systemd/systemd-sysv-install.
Executing: /usr/lib/systemd/systemd-sysv-install enable clamav-daemon
root@vps:/home/ubuntu# /etc/init.d/postfix restart

Restarting postfix (via systemctl): postfix.service.
root@vps:/home/ubuntu# journalctl -xeu clamav-daemon
░░ The job identifier is 191.
Jul 29 00:07:56 vps systemd[1]: Started clamav-daemon.service - Clam AntiVirus >
░░ Subject: A start job for unit clamav-daemon.service has finished successfully
░░ Defined-By: systemd
░░ Support: http://www.ubuntu.com/support
░░
░░ A start job for unit clamav-daemon.service has finished successfully.
░░
░░ The job identifier is 191.
Jul 29 00:08:07 vps systemd[1]: clamav-daemon.service: A process of this unit h>
░░ Subject: A process of clamav-daemon.service unit has been killed by the OOM >
░░ Defined-By: systemd
░░ Support: http://www.ubuntu.com/support
░░
░░ A process of unit @UNIT has been killed by the Linux kernel out-of-memory (O>
░░ killer logic. This usually indicates that the system is low on memory and th>
░░ memory needed to be freed. A process associated with clamav-daemon.service h>
░░ as the best process to terminate and has been forcibly terminated by the
░░ kernel.
░░
░░ Note that the memory pressure might or might not have been caused by clamav->
Jul 29 00:08:07 vps systemd[1]: clamav-daemon.service: Main process exited, cod>
░░ Subject: Unit process exited
░░ Defined-By: systemd
░░ Support: http://www.ubuntu.com/support
░░
░░ An ExecStart= process belonging to unit clamav-daemon.service has exited.
░░
░░ The process' exit code is 'killed' and its exit status is 9.
Jul 29 00:08:07 vps systemd[1]: clamav-daemon.service: Failed with result 'oom->
░░ Subject: Unit failed
░░ Defined-By: systemd
░░ Support: http://www.ubuntu.com/support
░░
░░ The unit clamav-daemon.service has entered the 'failed' state with result 'o>
Jul 29 00:08:07 vps systemd[1]: clamav-daemon.service: Consumed 9.246s CPU time.
░░ Subject: Resources consumed by unit runtime
░░ Defined-By: systemd
░░ Support: http://www.ubuntu.com/support

journalctl -xeu rspamd


ul 29 00:07:56 vps systemd[1]: Starting rspamd.service - LSB: Rspamd spam filt>
░░ Subject: A start job for unit rspamd.service has begun execution
░░ Defined-By: systemd
░░ Support: http://www.ubuntu.com/support
░░
░░ A start job for unit rspamd.service has begun execution.
░░
░░ The job identifier is 204.
Jul 29 00:07:56 vps systemd[1]: Started rspamd.service - LSB: Rspamd spam filte>
░░ Subject: A start job for unit rspamd.service has finished successfully
░░ Defined-By: systemd
░░ Support: http://www.ubuntu.com/support
░░
░░ A start job for unit rspamd.service has finished successfully.
░░
░░ The job identifier is 204.


telnet smtp-relay.clicshopping.org 25
Server lookup failure: smtp-relay.clicshopping.org:25, Name or service not known

mail
Mail version 8.1.2 01/15/2001. Type ? for help.
"/var/mail/root": 530 messages 530 new
>N 1 [email protected] Wed Jan 10 15:51 16/612 [rkhunter] Warnings found f
N 2 MAILER-DAEMON@vps Wed Jan 10 19:27 92/3785 Undelivered Mail Returned t
N 3 [email protected] Thu Jan 11 00:00 16/612 [rkhunter] Warnings found f
N 4 [email protected] Thu Jan 11 06:25 20/826 Cron <root@vps> test -x /us
N 5 [email protected] Fri Jan 12 00:00 16/612 [rkhunter] Warnings found f
N 6 [email protected] Fri Jan 12 06:25 20/826 Cron <root@vps> test -x /us
N 7 [email protected] Sat Jan 13 00:00 16/612 [rkhunter] Warnings found f
N 8 [email protected] Sat Jan 13 06:25 20/826 Cron <root@vps> test -x /us
N 9 [email protected] Sun Jan 14 00:00 16/612 [rkhunter] Warnings found f
N 10 [email protected] Sun Jan 14 06:25 20/826 Cron <root@vps> test -x /us

 

apt --reinstall install clamav-daemon rspamd dovecot
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Package dovecot is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source

E: Package 'dovecot' has no installation candidate

 

clamav might be using too much memory and got killed by the system, great. well
https://forum.howtoforge.com/threads/clamav-consume-a-lot-of-memory.88996/page-2#post-453277
you could try this, maybe read the entire thread if there is any issue afterwards.

looking fine

true, just ignore that, it's probably allright.

your servers hostname is vps.clicshopping.eu

please check your /etc/apt/sources.list.d/rspamd.list
and ensure it has the correct repository enabled

Code:

deb [arch=amd64] http://rspamd.com/apt-stable/ jammy main
deb-src [arch=amd64] http://rspamd.com/apt-stable/ jammy main

if they are commented out or have the wrong codename (jammy is something else) edit the file,
run apt update && apt upgrade afterwards.

if you are using goaccess, procedure should be similar.

 

ls
goaccess.list.distUpgrade ondrej-ubuntu-php-jammy.sources
goaccess.sources rspamd.list.distUpgrade
ondrej-ubuntu-php-jammy.list.distUpgrade ubuntu.sources

root@vps:/etc/apt/sources.list.d# nano rspamd.list.distUpgrade
deb [arch=amd64 signed-by=/etc/apt/keyrings/rspamd.gpg] http://rspamd.com/apt-s>
deb-src [arch=amd64 signed-by=/etc/apt/keyrings/rspamd.gpg] http://rspamd.com/a>

that's all seems a problem here

oups an error : the latest to update is 22.04 to 24.04. Make a mistake

 

the files should be named rspamd.list
the .distUpgrade extensions is more or less disabling that sources.

well in that case it should be "noble" instead of "jammy" - without the quotes.

 

Also you did not set the reverse DNS for your servers ip yet.
As you named your server vps.clicshopping.eu this is the value you should enter in the area shown in the attached screen here
Authentification SMTP failed

 

there the result


apt update && apt upgrade
Hit:2 http://archive.ubuntu.com/ubuntu noble InRelease
Hit:3 http://security.ubuntu.com/ubuntu noble-security InRelease
Get:1 https://rspamd.com/apt-stable noble InRelease [3,158 B]
Hit:4 http://archive.ubuntu.com/ubuntu noble-updates InRelease
Hit:5 http://archive.ubuntu.com/ubuntu noble-backports InRelease
Err:1 https://rspamd.com/apt-stable noble InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY FFA232EDBF21E25E
Reading package lists... Done
W: GPG error: https://rspamd.com/apt-stable noble InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY FFA232EDBF21E25E
E: The repository 'http://rspamd.com/apt-stable noble InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

 

and toolbox

smtp:91.134.91.2




220 vps.clicshopping.eu ESMTP Postfix (Ubuntu)

Test Result
SMTP Banner Check Reverse DNS does not match SMTP Banner More Info
SMTP Reverse DNS Mismatch OK - 91.134.91.2 resolves to vps-153df52e.vps.ovh.net
SMTP Valid Hostname OK - Reverse DNS is a valid Hostname
SMTP TLS OK - Supports TLS.
SMTP Connection Time 0.312 seconds - Good on Connection time
SMTP Open Relay OK - Not an open relay.
SMTP Transaction Time 1.034 seconds - Good on Transaction Time

Connecting to 91.134.91.2

220 vps.clicshopping.eu ESMTP Postfix (Ubuntu) [190 ms]
EHLO keeper-us-east-1d.mxtoolbox.com
250-vps.clicshopping.eu
250-PIPELINING
250-SIZE
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 CHUNKING [193 ms]
MAIL FROM:<[email protected]>
250 2.1.0 Ok [219 ms]
RCPT TO:<[email protected]>
554 5.7.1 <[email protected]>: Relay access denied [233 ms]

LookupServer 3707ms

 

also there

I need to change vp-xxxxxxx by vps.clicshopping.eu Is it correct ?

 

rspamd should be fixed after this

Code:

rm /etc/apt/sources.list.d/rspamd.list
sudo apt-get install -y lsb-release wget gpg
CODENAME=`lsb_release -c -s`
sudo mkdir -p /etc/apt/keyrings
wget -O- https://rspamd.com/apt-stable/gpg.key | gpg --dearmor | sudo tee /etc/apt/keyrings/rspamd.gpg > /dev/null
echo "deb [signed-by=/etc/apt/keyrings/rspamd.gpg] http://rspamd.com/apt-stable/ $CODENAME main" | sudo tee /etc/apt/sources.list.d/rspamd.list
echo "deb-src [signed-by=/etc/apt/keyrings/rspamd.gpg] http://rspamd.com/apt-stable/ $CODENAME main"  | sudo tee -a /etc/apt/sources.list.d/rspamd.list
sudo apt-get update
sudo apt-get install rspamd
sudo apt upgrade

correct.

 

About the reverse, it s done

Seems ok forrspamd


Nowdo I need to check something via telnet for example ?

 

did you make a decision about clamav?

ok external reachable is working. let's see about your internal issues with roundcube.

/etc/roundcube/config.inc.php

Code:

$config['smtp_host'] = 'localhost:25';

not sure if you're missing

Code:

apt install redis-server

Also please double check your
/etc/postfix/master.cf

Code:

smtp      inet  n       -       y       -       -       smtpd

submission inet n       -       y       -       -       smtpd
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject

submissions inet n       -       y       -       -       smtpd
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject


smtps inet n - - - - smtpd
  -o syslog_name=postfix/smtps
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject

Where I do have -o milter_macro_daemon_name=ORIGINATING at the server, for smtps, I'm copying this from right now but not too sure about this as this is a Debian and not Ubuntu one.
However the code in the blocks are used by the auto installer for debian based systems. Too bad I wasn't able to find a howto with the defined correct values.

Code:

 apt install dovecot-imapd dovecot-mysql dovecot-sieve dovecot-managesieved dovecot-lmtpd

 

Do you make a decision about clamav? Honnestly no I have no idea what to do with that my server has 4 go, and I have curently around 40% used.

do I need to comment $config['smtp_port'] = 25; befor to change ?
$config['smtp_server'] = 'localhost';

// SMTP port. Use 25 for cleartext, 465 for Implicit TLS, or 587 for STARTTLS (default)
$config['smtp_port'] = 25;
#$config['smtp_port'] = 587;

apt-get install redis-server ==> ok

about /etc/postfix/master.cf

submission inet n - y - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_tls_auth_only=yes ==> difference
-o smtpd_client_restrictions=permit_sasl_authenticated,reject

#127.0.0.1:smtps inet n - y - - smtpd
smtps inet n - y - - smtpd
-o syslog_name=postfix/smtps
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject

I do not have the third
smtps inet n - - - - smtpd


apt-get install dovecot-imapd dovecot-mysql dovecot-sieve dovecot-managesieved dovecot-lmtpd
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
dovecot-imapd is already the newest version (1:2.3.21+dfsg1-2ubuntu5).
dovecot-mysql is already the newest version (1:2.3.21+dfsg1-2ubuntu5).
dovecot-sieve is already the newest version (1:2.3.21+dfsg1-2ubuntu5).
dovecot-managesieved is already the newest version (1:2.3.21+dfsg1-2ubuntu5).
dovecot-lmtpd is already the newest version (1:2.3.21+dfsg1-2ubuntu5).
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.

 

clamav alone can consume 2gb of memory alone and more when it is working/updating easily.
so either up your memory, add a swap-file on your precious expensive cloud storage or disable or have it external as a service on another vps just doing clamav. Some of these things are easier to achieve, some require some googleing foo and understanding what to copy and what will break your setup

not entirely sure, I never installed roundcube for like 15 years or so
I just copied that part from the auto installer, too.
smtp_server and smtp_port is seperate, should be fine.
Also if roundcube is running on the same server as postfix/dovecot it should be "fair enough"
but I'd also change it to port 587

But we can test both, just to be sure and see what is working, it's just a number change and test

well, that would be what some clients use to talk to mail-systems on port 465.
Though port 587 is recommended.
If you have no issues with your software or clients needing port 465 to communicate, it is not needed to add!

Though the autoinstaller does it, so I added it of course.

 

for clamav we can wait after I will see. I suppose there is no consequence about the port
Change to 587,restart postfix same thing authetification failed by roundcube.

 

ah sorry, you have this line.
Might differ from debian / ubuntu.
Leave it as it is.

Yeah not sure how this ended up there but this might be responsible for some of your issues.

 

-o smtpd_tls_auth_only I comment this, restart postfix,same situation