Can't get SSL working. Need some help please.

Discussion in 'Installation/Configuration' started by wwparrish, Feb 5, 2006.

  1. wwparrish

    wwparrish New Member

    Installed ISPConfig on a clean SUSE 10.0 install. All went well and I swear I saw the Courier POP and IMAP SSL processes running. But now they don't show up with ps -ef, and restarting them says they are started but they still don't show up. Normal POP and IMAP work fine. I uninstalled ISPConfig with thoughts of reinstalling the Courier software when I found this. For secure mail, don't I need to uncomment the line in red (and maybe some others)?

    The postfix main.cf file.

    # ==========================================================================
    # service type private unpriv chroot wakeup maxproc command + args
    # (yes) (yes) (yes) (never) (100)
    # ==========================================================================
    smtp inet n - n - - smtpd
    #submission inet n - n - - smtpd
    # -o smtpd_etrn_restrictions=reject
    # -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    #smtps inet n - n - - smtpd -o smtpd_tls_wrappermode=yes
    # -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
    #submission inet n - n - - smtpd
    # -o smtpd_etrn_restrictions=reject
    # -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes
    #628 inet n - n - - qmqpd
    pickup fifo n - n 60 1 pickup
    cleanup unix n - n - 0 cleanup
    qmgr fifo n - n 300 1 qmgr
    .............
    # maildrop. See the Postfix MAILDROP_README file for details.
    # Also specify in main.cf: maildrop_destination_recipient_limit=1
    #
    maildrop unix - n n - - pipe
    flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
    cyrus unix - n n - - pipe
    user=cyrus argv=/usr/lib/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
    uucp unix - n n - - pipe
    flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
    ifmail unix - n n - - pipe
    flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
    bsmtp unix - n n - - pipe
    flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
    procmail unix - n n - - pipe
    flags=R user=nobody argv=/usr/bin/procmail -t -m /etc/procmailrc ${sender} ${recipient}
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Don't uninstall ISPConfig. ISPConfig does not configure IMAPS and SMTPS at all, so reinstalling it won't change anything!

    I guess the lines above are from your postfix master.cf, not from main.cf. Please try to uncomment the smtps line and restart postfix.

    For POP3s and IMAPs, please post the output of:

    netstat -tap
     
  3. wwparrish

    wwparrish New Member

    You are correct, it is the master.cf. Thanks for the help. Uncommenting that line and rebooting now. We shall see, be right back. Sorry, I don't know how to make the cut and paste look better.

    Before (now) I get:
    ares:~ # netstat -tap
    Active Internet connections (servers and established)
    Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
    tcp 0 0 *:filenet-rpc *:* LISTEN -
    tcp 0 0 *:nfs *:* LISTEN -
    tcp 0 0 *:mysql *:* LISTEN 8888/mysqld
    tcp 0 0 localhost:ris-cm *:* LISTEN 5236/fam
    tcp 0 0 *:783 *:* LISTEN 5275/rpc.rquotad
    tcp 0 0 *:sunrpc *:* LISTEN 4714/portmap
    tcp 0 0 *:hosts2-ns *:* LISTEN 13242/ispconfig_htt
    tcp 0 0 *:rrh *:* LISTEN 5249/rpc.mountd
    tcp 0 0 *:ftp *:* LISTEN 24871/proftpd: (acc
    tcp 0 0 ares.hitechfab.n:domain *:* LISTEN 13459/named
    tcp 0 0 localhost:domain *:* LISTEN 13459/named
    tcp 0 0 *:ipp *:* LISTEN 5582/cupsd
    tcp 0 0 *:smtp *:* LISTEN 24834/master
    tcp 0 0 localhost:953 *:* LISTEN 13459/named
    tcp 0 0 localhost:6010 *:* LISTEN 32542/0
    tcp 0 0 *:pop3 *:* LISTEN 24210/couriertcpd
    tcp 0 0 *:imap *:* LISTEN 24177/couriertcpd
    tcp 0 0 *:www-http *:* LISTEN 13311/httpd2-prefor
    tcp 0 0 *:ssh *:* LISTEN 4930/sshd
    tcp 0 0 *:smtp *:* LISTEN 24834/master
    tcp 0 0 localhost:953 *:* LISTEN 13459/named
    tcp 0 0 localhost:6010 *:* LISTEN 32542/0
    tcp 0 0 *:https *:* LISTEN 13311/httpd2-prefor
     
  4. wwparrish

    wwparrish New Member

    Well, apparently I now have a secure SMTP process running but no POP3s or IMAPs. Going to set that back like it was so I don't get too many variables changing while I troubleshoot. Where does Courier put its logs?

    ares:/etc/postfix # netstat -tap
    Active Internet connections (servers and established)
    Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
    tcp 0 0 *:filenet-rpc *:* LISTEN -
    tcp 0 0 *:nfs *:* LISTEN -
    tcp 0 0 *:mysql *:* LISTEN 8888/mysqld
    tcp 0 0 localhost:ris-cm *:* LISTEN 5236/fam
    tcp 0 0 *:783 *:* LISTEN 5275/rpc.rquotad
    tcp 0 0 *:sunrpc *:* LISTEN 4714/portmap
    tcp 0 0 *:smtps *:* LISTEN 24834/master
    tcp 0 0 *:hosts2-ns *:* LISTEN 13242/ispconfig_htt
    tcp 0 0 *:rrh *:* LISTEN 5249/rpc.mountd
    tcp 0 0 *:ftp *:* LISTEN 24871/proftpd: (acc
    tcp 0 0 ares.hitechfab.n:domain *:* LISTEN 13459/named
    tcp 0 0 localhost:domain *:* LISTEN 13459/named
    tcp 0 0 *:ipp *:* LISTEN 5582/cupsd
    tcp 0 0 *:smtp *:* LISTEN 24834/master
    tcp 0 0 localhost:953 *:* LISTEN 13459/named
    tcp 0 0 localhost:6010 *:* LISTEN 32542/0
    tcp 0 0 *:pop3 *:* LISTEN 24210/couriertcpd
    tcp 0 0 *:imap *:* LISTEN 24177/couriertcpd
    tcp 0 0 *:www-http *:* LISTEN 13311/httpd2-prefor
    tcp 0 0 *:smtps *:* LISTEN 24834/master
    tcp 0 0 *:ssh *:* LISTEN 4930/sshd
    tcp 0 0 *:smtp *:* LISTEN 24834/master
    tcp 0 0 localhost:953 *:* LISTEN 13459/named
    tcp 0 0 localhost:6010 *:* LISTEN 32542/0
    tcp 0 0 *:https *:* LISTEN 13311/httpd2-prefor
    tcp 0 3356 ares.hitechfab.net:ssh
     
  5. wwparrish

    wwparrish New Member

    Some more info: Courier is enabled in the services in YaST.

    System Services (Runlevel): Services


    │apache2 │Yes │Apache2 httpd │
    │atd │No │Start AT batch job daemon │
    │autofs │No │Start the autofs daemon for automatic mounting of file│
    │autoyast │No* │A start script to execute autoyast scripts │
    │bastille-firewall │No* │ │
    │bluetooth │No │Bluetooth protocol stack services │
    │courier-authdaemon │Yes │Courier-IMAP Authentication server │
    │courier-imap │Yes │Courier-IMAP server │
    │courier-imap-ssl │Yes │Courier-IMAP server for SSL connections │
    │courier-pop │Yes │Courier-POP3 server │
    │courier-pop-ssl │Yes │Courier-POP3 server for SSL connections │
     
  6. wwparrish

    wwparrish New Member

    I am having some luck with new/corrected startup scripts provided by another post. By changing the startup scripts (not the config files) in /etc/init.d, courier-imap-ssl and courier-pop-ssl, to the modified ones, I now have the processes back running and listening.

    Going to test now. I noticed the firewall does not have the SSL ports open by default. I would assume (oh oh !!) that ports 993 and 995 need to be opened.

    New configuration survived a reboot with all 4 services (pop, pop-ssl, imap, imap-ssl) running and listening.

    This is the post with the corrected/fixed scripts that (seem to) solved my problem.

    http://www.howtoforge.com/forums/showthread.php?t=2356
     
    Last edited: Feb 6, 2006
  7. falko

    falko Super Moderator Howtoforge Staff

    Yes, port 993 for IMAPs and port 995 for POP3s.
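
The check done by eye on the `netstat -tap` listings in this thread can be scripted. The following is an added example, not part of the original posts: it reads netstat output and names which TLS mail listeners (smtps/465, imaps/993, pop3s/995) are absent. The function names and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example: report which TLS mail listeners are missing from
# `netstat -tap` style output. netstat prints service names unless run
# with -n, so both the name and the port number are matched.

missing_tls_listeners() {
    # stdin: netstat output; stdout: space-separated missing services
    awk '
        BEGIN {
            want["smtps"] = "465"; want["imaps"] = "993"; want["pop3s"] = "995"
        }
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            # Local address is field 4; the port follows the last colon,
            # which also handles IPv6 forms such as :::993
            n = split($4, parts, ":")
            port = parts[n]
            for (svc in want)
                if (port == svc || port == want[svc]) seen[svc] = 1
        }
        END {
            out = ""
            split("smtps imaps pop3s", order, " ")
            for (i = 1; i <= 3; i++)
                if (!(order[i] in seen))
                    out = out (out == "" ? "" : " ") order[i]
            print out
        }
    '
}

# Constructed sample modeled on the state described in the thread after
# the smtps line was uncommented: smtps listens, imaps and pop3s do not.
sample_after_smtps() {
    cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 *:smtps *:* LISTEN 24834/master
tcp 0 0 *:smtp *:* LISTEN 24834/master
tcp 0 0 *:pop3 *:* LISTEN 24210/couriertcpd
tcp 0 0 *:imap *:* LISTEN 24177/couriertcpd
EOF
}

echo "missing in sample: $(sample_after_smtps | missing_tls_listeners)"
# On a live host: netstat -tap | missing_tls_listeners
```

An empty result only shows the daemons are listening locally; the firewall still has to allow the same ports for remote clients.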
     
