I thought I did everything right, but now there is another "construction site" with the E-Mail. I've set up domains and Email mailboxes etc., but I can't connect with the client, and I see in maillog e.g. such lines: Code: Oct 11 09:44:57 myserver postfix/master[1779]: warning: process /usr/libexec/postfix/smtpd pid 9940 exit status 1 Oct 11 09:44:57 myserver postfix/smtpd[9941]: fatal: no SASL authentication mechanisms Oct 11 09:44:58 myserver postfix/master[1779]: warning: process /usr/libexec/postfix/smtpd pid 9941 exit status 1 Oct 11 09:45:01 myserver postfix/smtpd[9935]: fatal: no SASL authentication mechanisms Oct 11 09:45:02 myserver postfix/master[1779]: warning: process /usr/libexec/postfix/smtpd pid 9935 exit status 1 Oct 11 09:45:02 myserver dovecot: imap-login: Disconnected (disconnected before auth was ready, waited 0 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, secu$ Oct 11 09:45:06 myserver postfix/smtpd[9948]: fatal: no SASL authentication mechanisms Oct 11 09:45:07 myserver postfix/master[1779]: warning: process /usr/libexec/postfix/smtpd pid 9948 exit status 1 Oct 11 09:45:11 myserver dovecot: auth: Fatal: sql: driver not set in configuration file /etc/dovecot-sql.conf Oct 11 09:45:11 myserver dovecot: master: Error: service(auth): command startup failed, throttling for 60 secs Oct 11 09:45:11 myserver dovecot: pop3-login: Disconnected: Auth process broken (disconnected before auth was ready, waited 9 secs): user=<>, rip=127.0.0.1$ Oct 11 09:45:30 myserver dovecot: pop3-login: Warning: Auth process not responding, delayed sending initial response (greeting): user=<>, rip=xx.xx.xxx.xxx$ Oct 11 09:45:32 myserver dovecot: pop3-login: Warning: Auth process not responding, delayed sending initial response (greeting): user=<>, rip=xxx.xxx.xxx.xxx$ Oct 11 09:45:50 myserver dovecot: pop3-login: Error: Timeout waiting for handshake from auth server. my pid=10101, input bytes=0 Oct 11 09:45:50 myserver dovecot: pop3-login: Disconnected: Auth process broken (disconnected before auth was ready, waited 30 secs): user=<>, rip=xx.xx.xx$ Oct 11 09:45:52 myserver dovecot: pop3-login: Error: Timeout waiting for handshake from auth server. my pid=10104, input bytes=0 Oct 11 09:45:52 myserver dovecot: pop3-login: Disconnected: Auth process broken (disconnected before auth was ready, waited 30 secs): user=<>, rip=xxx.xxx.$ Oct 11 09:45:57 myserver postfix/smtpd[10131]: connect from localhost.localdomain[127.0.0.1] Any ideas?
The one for CentOS, I'm sure: https://www.howtoforge.com/tutorial...l-php-pureftpd-postfix-dovecot-and-ispconfig/
Please psot the content of the file /etc/dovecot-sql.conf. Just remove the password which is in the connect line right after password=
Here it goes: Code: # This file is opened as root, so it should be owned by root and mode 0600. # # http://wiki.dovecot.org/AuthDatabase/SQL # # For the sql passdb module, you'll need a database with a table that # contains fields for at least the username and password. If you want to # use the user@domain syntax, you might want to have a separate domain # field as well. # # If your users all have the same uig/gid, and have predictable home # directories, you can use the static userdb module to generate the home # dir based on the username and domain. In this case, you won't need fields # for home, uid, or gid in the database. # # If you prefer to use the sql userdb module, you'll want to add fields # for home, uid, and gid. Here is an example table: # # CREATE TABLE users ( # username VARCHAR(128) NOT NULL, # domain VARCHAR(128) NOT NULL, # password VARCHAR(64) NOT NULL, # home VARCHAR(255) NOT NULL, # uid INTEGER NOT NULL, # gid INTEGER NOT NULL, # active CHAR(1) DEFAULT 'Y' NOT NULL # ); # Database driver: mysql, pgsql, sqlite #driver = # Database connection string. This is driver-specific setting. # # pgsql: # For available options, see the PostgreSQL documention for the # PQconnectdb function of libpq. # # mysql: # Basic options emulate PostgreSQL option names: # host, port, user, password, dbname # # But also adds some new settings: # client_flags - See MySQL manual # ssl_ca, ssl_ca_path - Set either one or both to enable SSL # ssl_cert, ssl_key - For sending client-side certificates to server # ssl_cipher - Set minimum allowed cipher security (default: HIGH) # option_file - Read options from the given file instead of # the default my.cnf location # option_group - Read options from the given group (default: client) # # You can connect to UNIX sockets by using host: host=/var/run/mysql.sock # Note that currently you can't use spaces in parameters. # # MySQL supports multiple host parameters for load balancing / HA. # # sqlite: # The path to the database file. # # Examples: # connect = host=192.168.1.1 dbname=users # connect = host=sql.example.com dbname=virtual user=virtual password=blarg # connect = /etc/dovecot/authdb.sqlite # #connect = # Default password scheme. # # List of supported schemes is in # http://wiki.dovecot.org/Authentication/PasswordSchemes # #default_pass_scheme = MD5 # passdb query to retrieve the password. It can return fields: # password - The user's password. This field must be returned. # user - user@domain from the database. Needed with case-insensitive lookups. # username and domain - An alternative way to represent the "user" field. # # The "user" field is often necessary with case-insensitive lookups to avoid # e.g. "name" and "nAme" logins creating two different mail directories. If # your user and domain names are in separate fields, you can return "username" # and "domain" fields instead of "user". # # The query can also return other fields which have a special meaning, see # http://wiki.dovecot.org/PasswordDatabase/ExtraFields # # Commonly used available substitutions (see http://wiki.dovecot.org/Variables # for full list): # %u = entire user@domain # %n = user part of user@domain # %d = domain part of user@domain # # Note that these can be used only as input to SQL query. If the query outputs # any of these substitutions, they're not touched. Otherwise it would be # difficult to have eg. usernames containing '%' characters. # # Example: # password_query = SELECT userid AS user, pw AS password \ # FROM users WHERE userid = '%u' AND active = 'Y' # #password_query = \ # SELECT username, domain, password \ # FROM users WHERE username = '%n' AND domain = '%d' # userdb query to retrieve the user information. It can return fields: # uid - System UID (overrides mail_uid setting) # gid - System GID (overrides mail_gid setting) # home - Home directory # mail - Mail location (overrides mail_location setting) # # None of these are strictly required. If you use a single UID and GID, and # home or mail directory fits to a template string, you could use userdb static # instead. For a list of all fields that can be returned, see # http://wiki.dovecot.org/UserDatabase/ExtraFields # # Examples: # user_query = SELECT home, uid, gid FROM users WHERE userid = '%u' # user_query = SELECT dir AS home, user AS uid, group AS gid FROM users where userid = '%u' # user_query = SELECT home, 501 AS uid, 501 AS gid FROM users WHERE userid = '%u' # #user_query = \ # SELECT home, uid, gid \ # FROM users WHERE username = '%n' AND domain = '%d' # If you wish to avoid two SQL lookups (passdb + userdb), you can use # userdb prefetch instead of userdb sql in dovecot.conf. In that case you'll # also have to return userdb fields in password_query prefixed with "userdb_" # string. For example: #password_query = \ # SELECT userid AS user, password, \ # home AS userdb_home, uid AS userdb_uid, gid AS userdb_gid \ # FROM users WHERE userid = '%u' driver = mysql connect = host=localhost dbname=dbispconfig user=ispconfig password=youdontwanttoknow port=3306 default_pass_scheme = CRYPT # password-query with prefetch password_query = SELECT email as user, password, maildir as userdb_home, CONCAT( maildir_format, ':', maildir, '/', IF(maildir_format='maildir','Maildi$ user_query = SELECT email as user, maildir as home, CONCAT( maildir_format, ':', maildir, '/', IF(maildir_format='maildir','Maildir',maildir_format)) a$ # The iterate_query is required for the doveadm command only and works only on dovecot 2 servers. # Do not enable it on Dovecot 1.x servers iterate_query = SELECT email as user FROM mail_user WHERE server_id = '1'
Strange, the error messahe states that the driver is not set "auth: Fatal: sql: driver not set in configuration file /etc/dovecot-sql.conf" but according to the config file, it sets "driver = mysql" correctly.
What can I do then? Could it be related to the fact that in /etc is only a symlink to the file which is located in /etc/dovecot? What I find curious, too, is the fact that there is a file "covecot-sql.conf" in the same folder.
Try to re-run an ispconfig update with reconfigure servives = yes to see if it fixes the issue. Run: ispconfig_update.sh and choose git-stable as update target.
That's a script in /usr/local/bin/ so it's in the default in search path, you don't need to use a specific path.
Somehow it didn't want to. But now I got it The restart of the services didn't work, however, I always get these messages: Code: Restarting services ... Error getting authority: Error initializing authority: Could not connect: Connection refused (g-io-error-quark, 39) Error getting authority: Error initializing authority: Could not connect: Connection refused (g-io-error-quark, 39) Error getting authority: Error initializing authority: Could not connect: Connection refused (g-io-error-quark, 39) Error getting authority: Error initializing authority: Could not connect: Connection refused (g-io-error-quark, 39) Error getting authority: Error initializing authority: Could not connect: Connection refused (g-io-error-quark, 39) Error getting authority: Error initializing authority: Could not connect: Connection refused (g-io-error-quark, 39) I'll try to restart the server.
Oh boy, now I get these: Code: Okt 11 17:09:24 myserver httpd[3739]: [Thu Oct 11 17:09:24.442744 2018] [alias:warn] [pid 3739] AH00671: The ScriptAlias directive in /etc/httpd/conf.d/mailman.conf at line 6 will probably never match because it overlaps an earlier ScriptAlias. Okt 11 17:09:24 myserver httpd[3739]: AH00548: NameVirtualHost has no effect and will be removed in the next release /etc/httpd/conf/httpd.conf:356 Okt 11 17:09:24 myserver httpd[3739]: AH00526: Syntax error on line 71 of /etc/httpd/conf/sites-enabled/000-ispconfig.vhost: Okt 11 17:09:24 myserver httpd[3739]: first argument must be 'add', 'set', 'append', 'merge', 'unset', 'echo', 'edit', or 'edit*'. Okt 11 17:09:24 myserver systemd[1]: httpd.service: main process exited, code=exited, status=1/FAILURE Okt 11 17:09:24 myserver kill[3741]: kill: cannot find process "" Okt 11 17:09:24 myserver systemd[1]: httpd.service: control process exited, code=exited status=1 Okt 11 17:09:24 myserver systemd[1]: Failed to start The Apache HTTP Server. Okt 11 17:09:24 myserver systemd[1]: Unit httpd.service entered failed state. Okt 11 17:09:24 myserver systemd[1]: httpd.service failed.
Please change the line 71 in that file to: Header setifempty add Strict-Transport-Security "max-age=15768000" seems as if we introduced that issue yesterday by accident in git.
Tried that. Acrtually, I did it. But when I restart httpd.service, I get the same error message asking to run status, which spits out the words I've mentioned above. As if the change never happened. I restarted the vserver, checked with nano and with mc's editor, both show that the "add" has been added. Yet httpd reports: Code: systemctl -l status httpd.service ● httpd.service - The Apache HTTP Server Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled) Active: failed (Result: exit-code) since Do 2018-10-11 18:05:33 UTC; 56s ago Docs: man:httpd(8) man:apachectl(8) Process: 1158 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=1/FAILURE) Process: 998 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=1/FAILURE) Main PID: 998 (code=exited, status=1/FAILURE) Okt 11 18:05:32 myserver httpd[998]: [Thu Oct 11 18:05:32.061203 2018] [alias:warn] [pid 998] AH00671: The ScriptAlias directive in /etc/httpd/conf.d/mailman.conf at line 6 will probably never match because it overlaps an earlier ScriptAlias. Okt 11 18:05:32 myserver httpd[998]: AH00548: NameVirtualHost has no effect and will be removed in the next release /etc/httpd/conf/httpd.conf:356 Okt 11 18:05:33 myserver httpd[998]: AH00526: Syntax error on line 71 of /etc/httpd/conf/sites-enabled/000-ispconfig.vhost: Okt 11 18:05:33 myserver httpd[998]: first argument must be 'add', 'set', 'append', 'merge', 'unset', 'echo', 'edit', or 'edit*'. Okt 11 18:05:33 myserver systemd[1]: httpd.service: main process exited, code=exited, status=1/FAILURE Okt 11 18:05:33 myserver kill[1158]: kill: cannot find process "" Okt 11 18:05:33 myserver systemd[1]: httpd.service: control process exited, code=exited status=1 Okt 11 18:05:33 myserver systemd[1]: Failed to start The Apache HTTP Server. Okt 11 18:05:33 myserver systemd[1]: Unit httpd.service entered failed state. Okt 11 18:05:33 myserver systemd[1]: httpd.service failed. The web server is most important...
Strange. You can even remove that line for a test as its just an additional security setting and the server will work without it-
I found out what dovecot's problem is. The symlink in /etc to /etc/dovecot/dovecot.conf" was actually pointing to "/etc/dovecot/covecot.conf", the file that I saw there but was empty. I changed the symlink and now at least dovecot runs fine. However, I still cannot connect from Thunderbird to the account. Removing the line (I commented it out) worked. Now the apache runs again. Remains the problem with accessing the mails. Code: systemctl -l status dovecot ● dovecot.service - Dovecot IMAP/POP3 email server Loaded: loaded (/usr/lib/systemd/system/dovecot.service; enabled; vendor preset: disabled) Active: active (running) since Do 2018-10-11 18:44:25 UTC; 8h ago Process: 3921 ExecStartPre=/usr/libexec/dovecot/prestartscript (code=exited, status=0/SUCCESS) Main PID: 3928 (dovecot) CGroup: /system.slice/dovecot.service ├─ 3928 /usr/sbin/dovecot -F ├─ 3932 dovecot/anvil ├─ 3933 dovecot/log ├─17672 dovecot/config └─28726 dovecot/ssl-params Okt 12 03:20:24 myserver dovecot[3933]: pop3-login: Warning: Auth process not responding, delayed sending initial response (greeting): user=<>, rip=xxx.xxx.xxx.xxx, lip=xxx.xxx.xxx.xxx, session=<nuF6kf93LgDZ+024> Okt 12 03:20:33 myserver dovecot[3933]: pop3-login: Warning: Auth process not responding, delayed sending initial response (greeting): user=<>, rip=xxx.xxx.xxx.xxx, lip=xxx.xxx.xxx.xxx, session=<G3wCkv93EAAuO4p5> Okt 12 03:20:44 myserver dovecot[3933]: pop3-login: Error: Timeout waiting for handshake from auth server. my pid=28715, input bytes=0 Okt 12 03:20:44 myserver dovecot[3933]: pop3-login: Disconnected: Auth process broken (disconnected before auth was ready, waited 30 secs): user=<>, rip=xxx.xxx.xxx.xxx, lip=xxx.xxx.xxx.xxx, session=<nuF6kf93LgDZ+024> Okt 12 03:20:47 myserver dovecot[3933]: pop3-login: Warning: Auth process not responding, delayed sending initial response (greeting): user=<>, rip=xxx.xxx.xxx.xxx, lip=xxx.xxx.xxx.xxx, TLS, session=<cMvckv937gDZ+024> Okt 12 03:20:53 myserver dovecot[3933]: pop3-login: Error: Timeout waiting for handshake from auth server. my pid=28720, input bytes=0 Okt 12 03:20:53 myserver dovecot[3933]: pop3-login: Disconnected: Auth process broken (disconnected before auth was ready, waited 30 secs): user=<>, rip=xxx.xxx.xxx.xxx, lip=xxx.xxx.xxx.xxx, session=<G3wCkv93EAAuO4p5> Okt 12 03:21:04 myserver dovecot[3933]: auth: Fatal: sql: driver not set in configuration file /etc/dovecot-sql.conf Okt 12 03:21:04 myserver dovecot[3928]: master: Error: service(auth): command startup failed, throttling for 60 secs Okt 12 03:21:04 myserver dovecot[3933]: pop3-login: Disconnected: Auth process broken (disconnected before auth was ready, waited 27 secs): user=<>, rip=xxx.xxx.xxx.xxx, lip=xxx.xxx.xxx.xxx, TLS, session=<cMvckv937gDZ+024>
CentOS is really a mess, the continuously change things in their stable version which breaks the setup then. Have you considered using one of the recommended Linux Distributions Debian or Ubuntu instead?
No, I had bad experiences with Debian and particularly Ubuntu. Locally I use Manjaro, which is very good, but on the server I didn't have so many choices, and CentOS seemed to me the best choice. Changing once again would also mean a longer downtime, which I want to avoid. Last night was long enough... My websites are generally quite actively visited, and I have several users using the mail system - which is currently not working. :-(
Here some more info, which I find odd: I copied the contents of etc/dovecot/dovecot-sql.conf into /etc/dovecot/covecot-sql.conf, because the error message reappeared (for some reason the symlink was set back to /etc/dovecot/covecot). Now I don't get the error about driver empty, but the following: Code: Okt 12 07:00:40 myserver systemd[1]: Starting Dovecot IMAP/POP3 email server... Okt 12 07:00:41 myserver systemd[1]: Started Dovecot IMAP/POP3 email server. Okt 12 07:00:41 myserver dovecot[9940]: master: Dovecot v2.2.10 starting up for imap, pop3 (core dumps disabled) Okt 12 07:00:43 myserverdovecot[9944]: auth: Fatal: Unknown database driver 'mysql' Okt 12 07:00:43 myserver dovecot[9940]: master: Error: service(auth): command startup failed, throttling for 2 secs Okt 12 07:00:45 myserver dovecot[9944]: auth: Fatal: Unknown database driver 'mysql' Okt 12 07:00:45 myserver dovecot[9940]: master: Error: service(auth): command startup failed, throttling for 4 secs Could it be that I need to install something? Yes, found it: Code: yum install dovecot-mysql I've no idea why this wasn't installed... Now dovecot doesn't give any error when trying to connect, and I could "download" the IMAP folders, but they are all empty. What is with the messages that must have poured in while I couldn't connect (I get about 100 to 200 mails a day)?