I'm having two problems with postfix: - can't login or send using Apple Mail with either POP or IMAP, server responds but then rejects my password - Roundcube won't work, can't log in - when I send mail via ISPConfig webmail, gmail thinks it's spam and hotmail doesn't deliver it (presumably for the same reason)! - I've created one main domain with several Co-Domains in ISP Config, will I be able to create e-mail addresses [email protected] [email protected] with separate mailboxes for each one? I'd like to be able to log into my mail accounts with IMAP and POP, as well as use Roundcube for webmail. /etc/postfix/main.cf Code: smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) biff = no # appending .domain is the MUA's job. append_dot_mydomain = no # Uncomment the next line to generate "delayed mail" warnings #delay_warning_time = 4h myhostname = localhost.localdomain alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = /etc/mailname mydestination = lemegalodon.net, sd-1494.dedibox.fr, vihinfo.net, papamamanbebe.net, localhost relayhost = mynetworks = 127.0.0.0/8 mailbox_command = procmail -a "$EXTENSION" mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all smtpd_sasl_local_domain = $,myhostname smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous broken_sasl_auth_clients = yes smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination smtpd_tls_auth_only = no smtp_use_tls = yes smtpd_use_tls = yes smtp_tls_note_starttls_offer = yes smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s tls_random_source = dev:/dev/urandom virtual_maps = hash:/etc/postfix/virtusertable mydestination = /etc/postfix/local-host-names #home_mailbox = Maildir/ Here is the mail headers identified as spam by gmail: Code: X-Gmail-Received: c68ee8d21e848f0ef23eda0de880ffbb459cac98 Delivered-To: [email]***@gmail.com[/email] Received: by 10.90.93.20 with SMTP id q20cs43371agb; Sat, 26 Aug 2006 04:00:53 -0700 (PDT) Received: by 10.49.41.18 with SMTP id t18mr6543838nfj; Sat, 26 Aug 2006 04:00:52 -0700 (PDT) Return-Path: <[email protected]> Received: from localhost.localdomain (sd-1494.dedibox.fr [88.191.14.190]) by mx.gmail.com with ESMTP id x1si4534365nfb.2006.08.26.04.00.52; Sat, 26 Aug 2006 04:00:52 -0700 (PDT) Received-SPF: neutral (gmail.com: 88.191.14.190 is neither permitted nor denied by best guess record for domain of [email][email protected][/email]) Received: from UebiMiau (localhost.localdomain [127.0.0.1]) by localhost.localdomain (Postfix) with SMTP id 33BB010B072B; Sat, 26 Aug 2006 13:01:28 +0200 (CEST) Received: from client 82.247.155.121 for UebiMiau2.7 (webmail client); Sat, 26 Aug 2006 13:01:28 +0100 Date: Sat, 26 Aug 2006 13:01:28 +0100 From: "vihinfo.net" <[email protected]> To: [email]***@free.fr[/email] Cc: [email]***@hotmail.com[/email], "***@gmail.com"@sd-1494.dedibox.fr Reply-To: "vihinfo.net" <[email protected]> Subject: test13h envoi depuis lemegalodon.net X-Priority: 3 X-Mailer: UebiMiau 2.7.2 X-Original-IP: 82.247.155.121 Content-Transfer-Encoding: 8bit X-MSMail-Priority: Medium Importance: Medium Content-Type: text/plain; charset="iso-8859-1"; MIME-Version: 1.0 Message-Id: <[email protected]> test13h envoi depuis lemegalodon.nettest13h envoi depuis lemegalodon.nettest13h envoi depuis lemegalodon.net netstat -tap Code: Connexions Internet actives (serveurs et ?tablies) Proto Recv-Q Send-Q Adresse locale Adresse distante Etat PID/Program name tcp 0 0 *:pop3s *:* LISTEN 1701/inetd tcp 0 0 *:mysql *:* LISTEN 1758/mysqld tcp 0 0 *:pop3 *:* LISTEN 1701/inetd tcp 0 0 *:81 *:* LISTEN 1970/ispconfig_http tcp 0 0 *:ftp *:* LISTEN 11290/proftpd: (acc tcp 0 0 sd-1494.dedibox.:domain *:* LISTEN 2131/named tcp 0 0 localhost.locald:domain *:* LISTEN 2131/named tcp 0 0 *:smtp *:* LISTEN 11408/master tcp 0 0 localhost.localdoma:953 *:* LISTEN 2131/named tcp 0 0 sd-1494.dedibox.f:33908 bandit-ingalls.osm:ircd ESTABLISHED2836/php tcp6 0 0 *:imaps *:* LISTEN 1690/couriertcpd tcp6 0 0 *:imap2 *:* LISTEN 1672/couriertcpd tcp6 0 0 *:www *:* LISTEN 2232/apache2 tcp6 0 0 *:ssh *:* LISTEN 1916/sshd tcp6 0 0 *:smtp *:* LISTEN 11408/master tcp6 0 0 ip6-localhost:953 *:* LISTEN 2131/named tcp6 0 0 *:https *:* LISTEN 2232/apache2 tcp6 0 0 sd-1494.dedibox.fr:www i04m-87-90-82-28.d:4296 FIN_WAIT2 - tcp6 0 0 sd-1494.dedibox.fr:www lj601411.inktomis:53542 TIME_WAIT - tcp6 0 0 sd-1494.dedibox.fr:www lj601411.inktomis:53555 TIME_WAIT - tcp6 0 2400 sd-1494.dedibox.fr:ssh ::ffff:82.247.155:55401 ESTABLISHED27039/2 tcp6 0 0 sd-1494.dedibox.fr:ssh pha75-11-82-236-8:49803 ESTABLISHED19208/1 tcp6 0 0 sd-1494.dedibox.fr:www lj602129.inktomis:60325 TIME_WAIT - tcp6 0 0 sd-1494.dedibox.fr:www lj602072.inktomis:57447 TIME_WAIT - tcp6 0 11413 sd-1494.dedibox.fr:www ::ffff:82.206.147:32304 ESTABLISHED6548/apache2 tcp6 0 0 sd-1494.dedibox.fr:www lj602066.inktomis:54145 TIME_WAIT - tcp6 0 0 sd-1494.dedibox.fr:www sd-1494.dedibox.f:40143 TIME_WAIT - tcp6 0 11588 sd-1494.dedibox.fr:www ::ffff:82.206.147:32301 FIN_WAIT1 - tcp6 0 8456 sd-1494.dedibox.fr:www ::ffff:82.206.147:32277 FIN_WAIT1 5632/apache2 tcp6 0 0 sd-1494.dedibox.fr:www lj601746.inktomis:34948 TIME_WAIT - tcp6 0 0 sd-1494.dedibox.fr:www lj602182.inktomis:54497 TIME_WAIT - tcp6 0 0 sd-1494.dedibox.fr:www lj601113.inktomis:43570 TIME_WAIT - tcp6 0 0 sd-1494.dedibox.fr:www ::ffff:196.207.206:2167 TIME_WAIT - tcp6 0 0 sd-1494.dedibox.fr:www d07v-213-44-79-174:1892 TIME_WAIT - iptables -L Code: Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination In mail.log, I'm having problems logging in with authentification (IMAP) Code: Aug 26 22:20:38 localhost imapd-ssl: Unexpected SSL connection shutdown. Aug 26 22:20:38 localhost imaplogin: /usr/lib/courier/courier/imaplogin: No such file or directory Aug 26 22:20:59 localhost postfix/smtpd[8282]: warning: SASL authentication failure: Password verification failed Aug 26 22:20:59 localhost postfix/smtpd[8282]: warning: pha75-11-82-236-87-79.fbx.proxad.net[82.236.87.79]: SASL PLAIN authentication failed Aug 26 22:20:59 localhost postfix/smtpd[8282]: lost connection after AUTH from pha75-11-82-236-87-79.fbx.proxad.net[82.236.87.79] Aug 26 22:20:59 localhost postfix/smtpd[8282]: disconnect from pha75-11-82-236-87-79.fbx.proxad.net[82.236.87.79] At this point I can log in via POP3: Code: Aug 26 22:29:06 localhost ipop3d[8555]: pop3 service init from 82.236.87.79 Aug 26 22:29:06 localhost ipop3d[8555]: Login user=web6_info host=pha75-11-82-236-87-79.fbx.proxad.net [82.236.87.79] nmsgs=2/2 Aug 26 22:29:07 localhost ipop3d[8555]: Logout user=web6_info host=pha75-11-82-236-87-79.fbx.proxad.net [82.236.87.79] nmsgs=2 ndele=0 Aug 26 22:29:10 localhost imaplogin: /usr/lib/courier/courier/imaplogin: No such file or directory Aug 26 22:29:12 localhost last message repeated 2 times I still cannot send mail or check mail via IMAP. Also, my host settings are obviously wrong (mail is going out as if it were from localhost.localdomain instead of the correct domain)...
First, pop3 and IMAP have nothing to do with postfix. To your pop3 / imap problem: Did you follow one of the perfect setup howtos? It seems that you use courier imap together with ipop3d which is a bit strange combination. Is your server at home hosted on a dsl line? No. The mailboxes where created for all domains. If you need separate mailboxes you must create separate websites.
I used a distrib of Debian pre-installed with ISPConfig. I did go back and try to do the perfect setup for mail, but it stalled when doing the authentifcation certificate, I think. I want to use a standard combination for POP/IMAP, not a strange one. What do I need to do at this point to achieve this? No, it's a dedicated server in a server farm. OK, that's what I thought. But if I create separate websites, can I have them all pointing to the same web directory? Can I set this up in ISPConfig or is this I have to do separately? Can ISPConfig work with such a configuration?
Run: apt-get install courier-imap courier-imap-ssl courier-pop courier-pop-ssl postconf -e 'home_mailbox = Maildir/' postconf -e 'mailbox_command =' /etc/init.d/postfix restart No. either you use co-domains and have the email addresses for all domains or you use different websites with different directories.
OK, done. I still can't log in or send e-mail via Apple Mail with IMAP. With this configuration, do I set my mail app to use SSL? If so, what kind of authentification is it using: Password, MD5 Challenge Response, Kerberos version 4, NTLM or Kerberos version 5? Is it the same authentification both for sending and receiving? If I want to use mbox files (to easily download mailbox files and import them into another app which can read the .mbox format), is this compatible with Roundcube and the Maildir/ option? Here is what's happening in mail.log Code: Aug 27 13:53:03 sd-1494 postfix/smtpd[764]: warning: empty macro name: "$,myhostname" Aug 27 13:53:03 sd-1494 postfix/smtpd[764]: warning: database /etc/aliases.db is older than source file /etc/aliases Aug 27 13:53:05 sd-1494 postfix/smtpd[764]: warning: SASL authentication failure: Password verification failed Aug 27 13:53:05 sd-1494 postfix/smtpd[764]: warning: unknown[82.247.155.121]: SASL PLAIN authentication failed Aug 27 13:57:07 sd-1494 imapd-ssl: LOGIN FAILED, ip=[::ffff:82.247.155.121] Aug 27 13:57:15 sd-1494 imapd-ssl: LOGIN FAILED, ip=[::ffff:82.247.155.121] Aug 27 13:57:17 sd-1494 imapd-ssl: LOGOUT, ip=[::ffff:82.247.155.121] Aug 27 13:57:17 sd-1494 imapd-ssl: Connection, ip=[::ffff:82.247.155.121] Aug 27 13:57:22 sd-1494 imapd-ssl: LOGIN FAILED, ip=[::ffff:82.247.155.121] I tried sending an email from Roundcube, but the mail was rejected by at least one of my other mail servers, because the mail appeared to be coming from localhost.localname rather than from vihinfo.net. Here is the excerpt from mail.log, as well as another example of failed authentification. Code: Aug 27 13:57:05 sd-1494 postfix/smtp[963]: setting up TLS connection to survivreausida.net Aug 27 13:57:05 sd-1494 postfix/smtp[963]: verify error:num=18:self signed certificate Aug 27 13:57:05 sd-1494 postfix/smtp[963]: Peer verification: CommonName in certificate does not match: oannes.site5.com != survivreausida.net Aug 27 13:57:05 sd-1494 postfix/smtp[963]: Peer certificate could not be verified Aug 27 13:57:06 sd-1494 postfix/smtp[963]: 2C41410B0596: to=<[email protected]>, relay=survivreausida.net[209.123.133.252], delay=1, status=bounce$ Another test message has been deferred by the receiving server: Code: Aug 27 14:05:16 sd-1494 postfix/smtp[1246]: 4DE2710B0928: to=<jm@un2sun8>, relay=none, delay=267524, status=deferred (connect to un2sun8[88.191.254.2]: Connection refused) /etc/hostname Code: sd-1494.dedibox.fr /etc/hosts Code: 127.0.0.1 localhost.localdomain localhost dz 88.191.14.190 sd-1494.dedibox.fr mail #88.191.14.190 mail.vihinfo.net mail #88.191.14.190 sd-1494.dedibox.fr dz # The following lines are desirable for IPv6 capable hosts ::1 ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters ff02::3 ip6-allhosts /etc/resolv.conf Code: domain sd-1494.dedibox.fr nameserver 88.191.254.60 nameserver 88.191.254.70 /etc/mailname Code: sd-1494.dedibox.fr /etc/postfix/local-host-names Code: ################################### # # ISPConfig local-host-names Configuration File # Version 1.0 # ################################### localhost sd-1494.dedibox.fr localhost.sd-1494.dedibox.fr localhost.dedibox.fr localhost.localdomain www.vihinfo.net papamamanbebe.net www.papamamanbebe.net lemegalodon.net www.lemegalodon.net vihinfo.net #### MAKE MANUAL ENTRIES BELOW THIS LINE! #### #added by reda 22 august 2006 #sd-1494.dedibox.fr /etc/aliases Code: mailer-daemon: postmaster postmaster: root nobody: root hostmaster: root usenet: root news: root webmaster: root www: root ftp: root abuse: root noc: root security: root root: redasadki postfix check Code: postfix/postfix-script: warning: not owned by group postdrop: /var/spool/postfix/public postfix/postfix-script: warning: not owned by group postdrop: /var/spool/postfix/maildrop postfix/postfix-script: warning: not owned by group postdrop: /usr/sbin/postqueue postfix/postfix-script: warning: not owned by group postdrop: /usr/sbin/postdrop Despite all this I still get localhost.localname in the mailer headers if my test email sent from roundcube: Code: Received: from 88.191.14.190 (HELO localhost.localdomain) (88.191.14.190) by mrelay4-1.free.fr with SMTP; 27 Aug 2006 12:03:08 -0000 Received: from localhost (localhost.localdomain [127.0.0.1]) by localhost.localdomain (Postfix) with ESMTP id B49FE10B0596; Sun, 27 Aug 2006 14:03:23 +0200 (CEST)
Please change "$,myhostname" to "$myhostname" in your postfix main.cf file and restart postfix. Which username do you use for pop3 and imap. The username must have the form web[ID]_ when you do not disable the username prefix.
IMAP IMAP now appears to work! I can now log in with IMAP if I use web6_info, but not with [email protected]. How do I enable the username prefix so that I can use the e-mail address as the login? This is important because I know my users already have enough difficulty setting up their mail accounts! Also my SSL certificate is showing up as invalid because it's for localhost (or something like that). Anything I can do to fix that so that the certificate is relevant to the mail server name rather than localhost? Sending mail Now I get "Relay access denied" when trying to send mail from [email protected] using mail.vihinfo.net as the SMTP server. If I activate authentication (password) for sending mail, the server won't recognize my user id (I tried both web6_info and [email protected]) and rejects my password. Mail headers Shouldn't I be changing this line in main.cf? Right now I'm seeing the hostname (sd-1494.dedibox.fr) a lot in mail headers, when in fact I'd like to see the name of the relevant domain (vihinfo.net). Code: myhostname = localhost.localdomain
This isn't possible because ISPConfig creates system users, not virtual users. Run the steps to create the mail certificate again from the appropriate "Perfect Setup" on HowtoForge. In your mail log you have this: Please check /etc/postfix/main.cf for typos (e.g. $,myhostname instead of $myhostname). Then run Code: newaliases to create a new /etc/aliases.db. Restart Postfix afterwards.
Relay access denied That fixed the SSL bad certificate authentification problem. However, when I reinstalled postfix with this command, I was not asked the questions listed on this page: http://www.howtoforge.com/perfect_setup_debian_sarge_strato_p2 Code: apt-get install postfix postfix-tls procmail libsasl2 sasl2-bin libsasl2-modules ipopd-ssl uw-imapd-ssl (all in one line!) Now I get: Relay access denied, and if I add password authentification, it rejects my password after accepting my web6_info user name. Code: Aug 27 14:26:54 sd-1494 imapd-ssl: LOGIN FAILED, ip=[::ffff:82.247.155.121] Aug 27 14:27:13 sd-1494 postfix/postfix-script: fatal: usage: postfix start (or stop, relo$ Aug 27 16:38:41 sd-1494 postfix/postqueue[7622]: fatal: Cannot flush mail queue - mail sys$ Aug 27 16:39:34 sd-1494 imapd-ssl: LOGIN FAILED, ip=[::ffff:82.247.155.121] Aug 27 16:39:44 sd-1494 imapd-ssl: LOGIN FAILED, ip=[::ffff:82.247.155.121] Aug 27 16:40:07 sd-1494 imaplogin: LOGIN FAILED, ip=[::ffff:82.247.155.121] Aug 27 16:40:14 sd-1494 imaplogin: LOGIN FAILED, ip=[::ffff:82.247.155.121] Aug 27 16:40:52 sd-1494 imapd-ssl: LOGIN FAILED, ip=[::ffff:82.247.155.121] Aug 27 16:41:28 sd-1494 last message repeated 4 times Aug 27 16:41:37 sd-1494 imapd-ssl: LOGIN FAILED, ip=[::ffff:82.247.155.121] Aug 27 20:29:27 sd-1494 imaplogin: LOGIN FAILED, ip=[::ffff:82.236.87.79] Aug 27 20:29:52 sd-1494 last message repeated 2 times Aug 27 20:29:54 sd-1494 imaplogin: DISCONNECTED, ip=[::ffff:82.236.87.79], time=7 Aug 27 20:30:15 sd-1494 imapd-ssl: LOGIN FAILED, ip=[::ffff:82.236.87.79] Aug 27 20:30:26 sd-1494 imapd-ssl: LOGIN FAILED, ip=[::ffff:82.236.87.79] Aug 28 01:32:38 sd-1494 imaplogin: DISCONNECTED, user=web6_info, ip=[::ffff:82.247.155.121$
and in mail.log Code: Aug 28 11:12:15 sd-1494 postfix/smtpd[13645]: connect from pha75-11-82-236-87-79.fbx.proxad.net[82.236.87.79] Aug 28 11:12:17 sd-1494 postfix/smtpd[13645]: warning: SASL authentication failure: Password verification failed Aug 28 11:12:17 sd-1494 postfix/smtpd[13645]: warning: pha75-11-82-236-87-79.fbx.proxad.net[82.236.87.79]: SASL PLAIN authentication failed Aug 28 11:12:17 sd-1494 postfix/smtpd[13645]: lost connection after AUTH from pha75-11-82-236-87-79.fbx.proxad.net[82.236.87.79] Aug 28 11:12:17 sd-1494 postfix/smtpd[13645]: disconnect from pha75-11-82-236-87-79.fbx.proxad.net[82.236.87.79] Aug 28 11:12:37 sd-1494 postfix/smtpd[13645]: warning: Read failed in network_biopair_interop with errno=0: num_read=0, want_read=5
Configuration problems have gotten worse with these last steps: now my IMAP account shows me my home directory, including cgi-bin, log, Maildir, phptemp, ssl, temp, user, and web folders! How do I correct this?! On my mail client (Apple Mail) there is an option for an "IMAP Path Prefix" but of course I'd much rather set this on the server side. Worse, I'm already being blacklisted so I cannot send messages to my server: Code: Aug 28 11:55:47 sd-1494 postfix/smtp[15871]: B2E0D10B092A: to=<>, relay=diwane.net[209.123.133.252], delay=1, status=bounced (host diwane.net[209.123.133.252] said: 550-Message rejected because sd-1494.dedibox.fr (localhost.localdomain) 550-[88.191.14.190] is blacklisted at sbl-xbl$ Aug 28 11:55:47 sd-1494 postfix/smtp[15874]: C05E110B0981: to=<>, orig_to=<[email protected]>, relay=survivreausida.net[209.123.133.252], delay=1, status=bounced (host survivreausida.net[209.123.133.252] said: 550-Message rejected because sd-1494.dedibox.fr $ Now test messages sent from both blacklisted and unblacklisted mail servers are not arriving in the inbox on my sd-1494.dedibox.fr server!
For a normal user, or for a site admin? Did you change the IMAP configuration somehow? Please make sure your server is no open relay, and if you're sure, ask the blacklist maintainers to remove you from their blacklists.
Can't authenticate SMTP server for outgoing mail I still cannot authenticate to send SMTP mail Code: # testsaslauthd -u web6_info -p **** connect() : No such file or directory I now get this mail.log when trying to send via SMTP Code: Aug 31 13:48:25 sd-1494 postfix/smtpd[5424]: connect from pha75-11-82-236-87-79.fbx.proxad.net[82.236.87.79] Aug 31 13:48:25 sd-1494 postfix/smtpd[5424]: setting up TLS connection from pha75-11-82-236-87-79.fbx.proxad.net[82.236.87.79] Aug 31 13:48:25 sd-1494 postfix/smtpd[5424]: TLS connection established from pha75-11-82-236-87-79.fbx.proxad.net[82.236.87.79]: TLSv1 with cipher RC4-SHA (128/128 bits) Aug 31 13:48:25 sd-1494 postfix/smtpd[5424]: warning: SASL authentication failure: Password verification failed Aug 31 13:48:25 sd-1494 postfix/smtpd[5424]: warning: pha75-11-82-236-87-79.fbx.proxad.net[82.236.87.79]: SASL PLAIN authentication failed Aug 31 13:48:25 sd-1494 postfix/smtpd[5424]: lost connection after AUTH from pha75-11-82-236-87-79.fbx.proxad.net[82.236.87.79] Aug 31 13:48:25 sd-1494 postfix/smtpd[5424]: disconnect from pha75-11-82-236-87-79.fbx.proxad.net[82.236.87.79] /etc/postfix/sasl/smtpd.conf Code: pwcheck_method: saslauthd mech_list: SHADOW PLAIN LOGIN CRAM-MD5 DIGEST-MD5 /etc/default/saslauthd Code: # This needs to be uncommented before saslauthd will be run automatically START=yes PARAMS="-m /var/spool/postfix/var/run/saslauthd -r" MECHANISMS="shadow" /etc/shadow and /etc/passwd both show information for web6_info, the account I'm trying to use to send via SMTP.
I fixed my authentification problem by changing this line in /etc/postfix/main.cf Code: smtpd_sasl_local_domain = I found this in another post: http://www.howtoforge.com/forums/showpost.php?p=21336&postcount=6 Now I can log in and send mail using accounts set up in ISPConfig. At last.
