Authentification SMTP failed

https://github.com/roundcube/roundcubemail/issues/8676#issuecomment-2240821290

comment out smtp_host and smtp_port
and use

Code:

$config['smtp_server'] = 'tls://vpc.clicshopping.eu:587'; 

 

same situation (I restart apache to take in consideration this change)

 

oh cmon you must be kidding haha hold my coffee
are you able to attach! meaning download the /etc/postfix/main.cf and /etc/dovecot/dovecot.conf , rename to .txt and upload file here?

What you could try before would be:
https://www.stevenrombauts.be/2018/12/test-smtp-with-telnet-or-openssl/

Just skip the tests with port 25 and 465 for now,
auth login and auth plain are usually enabled by default.

Remember to test with your mailserver as hostname: vps.clicshopping.eu:587

Do not post the output of the echo command, e.g. the base64 encoded string you used in the "conversation" with the mail server. They are basically plaintext your credentials, base64 is no crypto

you can not simply use telnet anymore for testing with crypto enabled, though probably someone can but that'd be insane

 

I will do that tomorrow, I let you know and test different configuration we talk above about rounducbe config.
I will install the tool also and provide you the information.

 

-o smtpd_tls_auth_only=yes

should be fine for
submission
would put that in again

 

Hello @till,

the results
ps aux | grep amavis
ubuntu 59099 0.0 0.1 7044 2432 pts/0 S+ 12:22 0:00 grep --color=auto amavis

ps aux | grep rspamd
_rspamd 7012 0.0 13.9 658040 273652 ? Ss 00:57 0:11 rspamd: main process; 0.1 msg/sec, 0.0 msg/sec spam, 0.1 msg/sec ham; 0.89s avg processing time
_rspamd 7113 0.0 4.7 658040 93172 ? S 00:58 0:02 rspamd: rspamd_proxy process (localhost:11332)
_rspamd 7114 0.0 6.3 666052 124216 ? S 00:58 0:06 rspamd: controller process (localhost:11334)
_rspamd 7115 0.0 5.9 665272 117708 ? S 00:58 0:03 rspamd: normal process (localhost:11333)
_rspamd 7116 0.0 8.4 658040 166052 ? S 00:58 0:00 rspamd: hs_helper process
ubuntu 59127 0.0 0.1 7044 2432 pts/0 S+ 12:23 0:00 grep --color=auto rspamd

about postfix
nano /etc/postfix/main.cf
#smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_banner = vps.clicshopping.eu ESMTP $mail_name (Ubuntu)

About roundcube
nano /etc/roundcube/config.inc.php
$config['default_host'] = 'localhost';
$config['smtp_server'] = 'localhost';
$config['smtp_port'] = 25;

Also
/etc/init.d/apache2 restart
/etc/init.d/postfix restart

Conclusion
If I send an email [email protected] at [email protected],I have always authentification failed message Error SMTP.

And I open a ticket at OVH about the port 25.
the answer :
The error message tells you that the host name is unknown. After checking the resolved "smtp-relay.clicshopping.org" does not work. Consequently, I invite you to correct the configuration of your DNS zone in order to add the currently missing sub -domain. Here is the guide concerning the edition of a DNS zone: https://help.ovhcloud.com/csm/fr-dns-dns-dns-zone? This will lead to a time of spreading up to 24 hours. In parallel, I confirm that the Telnet of the IP address Telnet 91.134.91.2 for Port 25 is functional. The NMAP result shows that port 25 is open. Starting NMAP 7.80 (https://nmap.org) at 2024-07-29 11:22 CEST NMAP Scan Report for vps.clicshopping.eu (91.134.91.2) HOST IS UP (0.0061S LateNcy). Port State Service 25/TCP Open SMTP There is also no blockage from us concerning your port 25.

Mys screenshot about the dns

 

please, why are you trying smtp-relay. ?

This is reality in internet:
Postfix greets an external server with it's IP address and the hostname.
If the reverse dns IP does not match the hostname AND the hostname does not match the IP address
you will be rejected.
And just to be sure, add the vps as entry to your dns.

So any attempt to change your MX entry or Hostname should reflect this. Your hostname is vps. not smtp-relay.

 

please, why are you trying smtp-relay. ?
I do not try anything, It was just a message from OVH about a ticket on port 25.

 

I'd still say it could help to see what is actually configured on your system. e.g. checking on the mentioned config files.

Maybe the ispconfig reconfigure service did not work correctly or something along those lines.
Though I guess daytime is tilltime haha, no seriously, he knows his system best.

 

dang it, maybe it is simple as postfix has no connection to your database due to localhost/127.0.0.1 permissions for the database user or something.

Also I saw a second VM in your account, is this a multi server setup? And only one having mail or roundcube installed? Or trying to access email hosted on server a from roundcube on server b?

 

There the files
http://clicshopping.org/config.txt for roundcube
http://clicshopping.org/master.cf for postfixe
let me know if you need something else.

s this a multi server setup ==> No
Et un seul sur lequel Mail ou RoundCube est installé ? ==> No
everything is local, nothing else.

 

Code:

// YOUR KEY MUST BE DIFFERENT THAN THE SAMPLE VALUE FOR SECURITY REASONS

$config['des_key'] = '';

this is something you can change now as it was public to the internet.

while having the master.cf is nice, at least I was wondering about your /etc/postfix/main.cf
and /etc/dovecot/dovecot.conf

currently I just have a debian setup. Though spinning up a ubuntu 24 vm and do the autoinstall on that with a temp domain
is basically no issue, got some tasks to prioritize right now though.
If it's still an issue later, I might look into this.

 

however, I assume your rspamd is working now, which should be listening on the ports mentioned in the attached screen of yours.
wondering if you tried restarting postfix service and check the mail logs again for further issues?

 

@ztk
thank you
Yes it works, but the port 25 is not resolved for roundcube. the authentification is always failed.

ps aux | grep amavis
root 85314 0.0 0.1 7044 2432 pts/3 S+ 18:09 0:00 grep --color=auto amavis
root@vps:/home/ubuntu# ps aux | grep rspamd
_rspamd 7012 0.0 5.0 658040 98360 ? Ss 00:57 0:11 rspamd: main process; 0.1 msg/sec, 0.0 msg/sec spam, 0.1 msg/sec ham; 0.84s avg processing time
_rspamd 7113 0.0 4.7 658040 93812 ? S 00:58 0:03 rspamd: rspamd_proxy process (localhost:11332)
_rspamd 7114 0.0 5.7 666052 113260 ? S 00:58 0:10 rspamd: controller process (localhost:11334)
_rspamd 7115 0.0 6.3 666104 124332 ? S 00:58 0:36 rspamd: normal process (localhost:11333)
_rspamd 7116 0.0 8.4 658040 166052 ? S 00:58 0:00 rspamd: hs_helper process
root 85316 0.0 0.1 7044 2432 pts/3 S+ 18:09 0:00 grep --color=auto rspamd

Telnet
telnet smtp-relay.clicshopping.eu :25
Server lookup failure: smtp-relay.clicshopping.eu::25, Servname not supported for ai_socktype
root@vps:/home/ubuntu# telnet smtp-relay.clicshopping.org 25
Server lookup failure: smtp-relay.clicshopping.org:25, Name or service not known
telnet smtp-relay.vps.clicshopping.org 25
Server lookup failure: smtp-relay.vps.clicshopping.org:25, Name or service not known

About error
systemctl --state=failed
UNIT LOAD ACTIVE SUB DESCRIPTION
● clamav-daemon.service loaded failed failed Clam AntiVirus userspace daemon
● clamav-freshclam.service loaded failed failed ClamAV virus database updater
● snap.lxd.activate.service loaded failed failed Service for snap application lxd.activate

systemctl status rspamd.service
● rspamd.service - rapid spam filtering system
Loaded: loaded (/usr/lib/systemd/system/rspamd.service; enabled; preset: enabled)
Active: active (running) since Mon 2024-07-29 00:57:55 UTC; 17h ago
Docs: https://rspamd.com/doc/
Main PID: 7012 (rspamd)
Tasks: 5 (limit: 2218)
Memory: 242.7M (peak: 367.6M)
CPU: 1min 19.254s
CGroup: /system.slice/rspamd.service
├─7012 "rspamd: main process; 0.1 msg/sec, 0.0 msg/sec spam, 0.1 msg/sec ham; 1.07s avg processing time"
├─7113 "rspamd: rspamd_proxy process (localhost:11332)"
├─7114 "rspamd: controller process (localhost:11334)"
├─7115 "rspamd: normal process (localhost:11333)"
└─7116 "rspamd: hs_helper process"

Jul 29 00:57:55 vps systemd[1]: Started rspamd.service - rapid spam filtering system.
Jul 29 00:57:55 vps rspamd[7012]: 2024-07-29 00:57:55 #7012(main) <5d2b82>; main; main: rspamd 3.9.1 is loading configuration, build id: release

 

Code:

telnet smtp-relay.clicshopping.eu :25

Why do you insist on using smtp-relay.clicshopping.eu as hostname? You have been told umpteen times already on this thread you server hostname is not smtp-relay. Please stop testing that hostname, OK?

You wrote authenticatin always failed, but none of the command outputs or log lines show any authentication failures.
What exactly is not working and how do you determine it is not working?
My signature has link to e-mail setup tutorial, it has info on troubleshooting.

 

@Taleman
I try to give the informations allow you to help me.
You wrote authentication always failed, but none of the command outputs or log lines show any authentication failures.
What exactly is not working and how do you determine it is not working?
Simple I go rounducbe and I try to send an email [email protected] to admin@clicshopping. org as recommended above.
it does not work. I always have stmp authetification failed as messge from rouncube

I also check firewall side. everything is seems ok.

sudo iptables -t filter -L -n -v | grep "dpt:25\|spt:25"
8241 494K ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:25
ubuntu@vps:~$ ^C
ubuntu@vps:~$ sudo iptables -L INPUT -n -v
Chain INPUT (policy DROP 10755 packets, 1713K bytes)
pkts bytes target prot opt in out source destination
1180K 270M ufw-before-logging-input 0 -- * * 0.0.0.0/0 0.0.0.0/0
1180K 270M ufw-before-input 0 -- * * 0.0.0.0/0 0.0.0.0/0
11650 1759K ufw-after-input 0 -- * * 0.0.0.0/0 0.0.0.0/0
10755 1713K ufw-after-logging-input 0 -- * * 0.0.0.0/0 0.0.0.0/0
10755 1713K ufw-reject-input 0 -- * * 0.0.0.0/0 0.0.0.0/0
10755 1713K ufw-track-input 0 -- * * 0.0.0.0/0 0.0.0.0/0
ubuntu@vps:~$ sudo netstat -tuln | grep ":25"
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN
tcp6 0 0 :::25 :::* LISTEN
ubuntu@vps:~$ sudo ss -tuln | grep ":25"
tcp LISTEN 0 100 0.0.0.0:25 0.0.0.0:*
tcp LISTEN 0 100 [::]:25 [::]:*
ubuntu@vps:~$ sudo ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To Action From
-- ------ ----
21/tcp ALLOW IN Anywhere
22/tcp ALLOW IN Anywhere
25/tcp ALLOW IN Anywhere



tail -f /var/log/mail.log | grep dovecot
2024-07-29T19:29:36.384947+00:00 vps dovecot: auth: Error: auth client 0 disconnected with 1 pending requests: Connection reset by peer

 

anything in
tail -f /var/log/mail.log
while doing that?
could also be in
tail -f /var/log/syslog

 

I sent an mail via rouncube at [email protected]

tail -f /var/log/syslog
2024-07-29T23:11:08.975307+00:00 vps postfix/smtps/smtpd[103731]: connect from unknown[194.169.175.65]
2024-07-29T23:11:12.520125+00:00 vps postfix/submission/smtpd[107509]: connect from localhost[127.0.0.1]
2024-07-29T23:11:12.520829+00:00 vps postfix/submission/smtpd[107509]: disconnect from localhost[127.0.0.1] ehlo=1 quit=1 commands=2
2024-07-29T23:11:15.474264+00:00 vps postfix/smtpd[106667]: connect from unknown[80.94.95.209]
2024-07-29T23:11:15.491390+00:00 vps postfix/smtpd[107501]: warning: unknown[80.94.95.209]: SASL LOGIN authentication failed: (reason unavailable), [email protected]
2024-07-29T23:11:16.826861+00:00 vps postfix/smtpd[107501]: disconnect from unknown[80.94.95.209] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
2024-07-29T23:11:19.206802+00:00 vps postfix/smtpd[106695]: connect from unknown[80.94.95.248]
2024-07-29T23:11:19.837442+00:00 vps kernel: [UFW BLOCK] IN=ens3 OUT= MAC=fa:16:3e:52:37:b7:fa:ea:41:5e:49:76:86:dd SRC=2607:ff10:00c8:0594:0000:0000:0000:000e DST=2001:41d0:0304:0200:0000:0000:0000:936b LEN=60 TC=40 HOPLIMIT=232 FLOWLBL=0 PROTO=TCP SPT=57163 DPT=8010 WINDOW=65535 RES=0x00 SYN URGP=0

tail -f /var/log/mail.log
2024-07-29T23:14:41.614375+00:00 vps postfix/submission/smtpd[107596]: connect from localhost[127.0.0.1]
2024-07-29T23:14:41.615383+00:00 vps postfix/submission/smtpd[107596]: disconnect from localhost[127.0.0.1] ehlo=1 quit=1 commands=2
2024-07-29T23:14:41.781305+00:00 vps postfix/smtpd[107501]: disconnect from unknown[80.94.95.209] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4