SMTP error - Impossibile to send message with authentication

Hello
I have followed the your guide for a perfect server on ubuntu 20.
All works fine except for the email. All ports are opened, trying to send using port 25 the email is delivered but marked as spam.
So, I'm trying to use STARTTLS without success. Follow my configuration:

telnet test (tried with hosts: localhost, 104.248.91.55, mail.apedesign.net. Always get error: 'Connection closed by foreign host.')

Code:

root@ape-design-host:~# telnet mail.apedesign.net 587
Trying 104.248.91.55...
Connected to mail.apedesign.net.
Escape character is '^]'.
220 ape-design-host.apedesign.net ESMTP Postfix (Ubuntu)
EHLO ape-design-host.apedesign.net
250-ape-design-host.apedesign.net
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250-SMTPUTF8
250 CHUNKING
STARTTLS
220 2.0.0 Ready to start TLS
AUTH LOGIN
Connection closed by foreign host.

ifconfig

Code:

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 104.248.91.55  netmask 255.255.240.0  broadcast 104.248.95.255
        inet6 fe80::c4b3:edff:fe22:ba5  prefixlen 64  scopeid 0x20<link>
        ether c6:b3:ed:22:0b:a5  txqueuelen 1000  (Ethernet)
        RX packets 921185  bytes 807806744 (807.8 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 877628  bytes 225848291 (225.8 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.110.0.2  netmask 255.255.240.0  broadcast 10.110.15.255
        inet6 fe80::b4b8:1dff:feb2:c5f2  prefixlen 64  scopeid 0x20<link>
        ether b6:b8:1d:b2:c5:f2  txqueuelen 1000  (Ethernet)
        RX packets 223  bytes 10898 (10.8 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 53  bytes 3806 (3.8 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 135824  bytes 22111459 (22.1 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 135824  bytes 22111459 (22.1 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

/ets/hosts

Code:

127.0.0.1       localhost.localdomain           localhost
127.0.1.1       ape-design-host.apedesign.net   ape-design-host
104.248.91.55   ape-design-host.apedesign.net   ape-design-host

# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

hostname

Code:

ape-design-host

hostname -f

Code:

ape-design-host.apedesign.net

 

/etc/postfix/main.cf

Code:

sender_bcc_maps = proxy:mysql:/etc/postfix/mysql-virtual_outgoing_bcc.cf
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_restriction_classes = greylisting
greylisting = check_policy_service inet:127.0.0.1:10023
smtpd_recipient_restrictions = permit_mynetworks, reject_unknown_recipient_domain, reject_unlisted_recipient, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_d>
smtpd_use_tls = yes
transport_maps = hash:/var/lib/mailman/data/transport-mailman, proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
relay_domains = proxy:mysql:/etc/postfix/mysql-virtual_relaydomains.cf
relay_recipient_maps = proxy:mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf
smtpd_sender_login_maps = proxy:mysql:/etc/postfix/mysql-virtual_sender_login_maps.cf
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_>
smtpd_helo_required = yes
smtpd_helo_restrictions = reject_invalid_helo_hostname, permit_mynetworks, check_helo_access regexp:/etc/postfix/helo_access, permit_sasl_authenticated, reject_non_fqdn_helo_hostn>
smtpd_sender_restrictions = check_sender_access regexp:/etc/postfix/tag_as_originating.re, permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_sender, check_sender_acces>
smtpd_client_restrictions = check_client_access proxy:mysql:/etc/postfix/mysql-virtual_client.cf, permit_inet_interfaces, permit_mynetworks, reject_rbl_client zen.spamhaus.org, pe>
smtpd_etrn_restrictions = permit_mynetworks, reject
smtpd_data_restrictions = permit_mynetworks, reject_unauth_pipelining, reject_multi_recipient_bounce, permit
smtpd_client_message_rate_limit = 100
maildrop_destination_concurrency_limit = 1
maildrop_destination_recipient_limit = 1
virtual_transport = dovecot
header_checks = regexp:/etc/postfix/header_checks
mime_header_checks = regexp:/etc/postfix/mime_header_checks
nested_header_checks = regexp:/etc/postfix/nested_header_checks
body_checks = regexp:/etc/postfix/body_checks
owner_request_special = no
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_protocols = !SSLv2,!SSLv3
smtp_tls_protocols = !SSLv2,!SSLv3
smtpd_tls_exclude_ciphers = RC4, aNULL
smtp_tls_exclude_ciphers = RC4, aNULL
smtpd_tls_mandatory_ciphers = medium
tls_medium_cipherlist = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA>
tls_preempt_cipherlist = no
address_verify_negative_refresh_time = 60s
enable_original_recipient = no
smtpd_forbidden_commands = CONNECT,GET,POST,USER,PASS
address_verify_sender_ttl = 15686s
smtp_dns_support_level = dnssec
dovecot_destination_recipient_limit = 1
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
content_filter = lmtp:[127.0.0.1]:10024
receive_override_options = no_address_mappings
#smtpd_sasl_security_options = noanonymous

 

/etc/postfix/master.cf

Code:

#
# Postfix master process configuration file.  For details on the format
# of the file, see the master(5) manual page (command: "man 5 master" or
# on-line: http://www.postfix.org/master.5.html).
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (no)    (never) (100)
# ==========================================================================
smtp      inet  n       -       y       -       -       smtpd
#smtp      inet  n       -       y       -       1       postscreen
#smtpd     pass  -       -       y       -       -       smtpd
#dnsblog   unix  -       -       y       -       0       dnsblog
#tlsproxy  unix  -       -       y       -       0       tlsproxy
submission inet n       -       y       -       -       smtpd
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_tls_auth_only=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#  -o smtpd_reject_unlisted_recipient=no
#  -o smtpd_client_restrictions=$mua_client_restrictions
#  -o smtpd_helo_restrictions=$mua_helo_restrictions
#  -o smtpd_sender_restrictions=$mua_sender_restrictions
#  -o smtpd_recipient_restrictions=
#  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
smtps     inet  n       -       y       -       -       smtpd
  -o syslog_name=postfix/smtps
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#  -o smtpd_reject_unlisted_recipient=no
#  -o smtpd_client_restrictions=$mua_client_restrictions
#  -o smtpd_helo_restrictions=$mua_helo_restrictions
#  -o smtpd_sender_restrictions=$mua_sender_restrictions
#  -o smtpd_recipient_restrictions=
#  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#628       inet  n       -       y       -       -       qmqpd
pickup    unix  n       -       y       60      1       pickup
cleanup   unix  n       -       y       -       0       cleanup
qmgr      unix  n       -       n       300     1       qmgr
#qmgr     unix  n       -       n       300     1       oqmgr
tlsmgr    unix  -       -       y       1000?   1       tlsmgr
rewrite   unix  -       -       y       -       -       trivial-rewrite
bounce    unix  -       -       y       -       0       bounce
defer     unix  -       -       y       -       0       bounce
trace     unix  -       -       y       -       0       bounce
verify    unix  -       -       y       -       1       verify
flush     unix  n       -       y       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       y       -       -       smtp
relay     unix  -       -       y       -       -       smtp
        -o syslog_name=postfix/$service_name
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       y       -       -       showq
error     unix  -       -       y       -       -       error
retry     unix  -       -       y       -       -       error
discard   unix  -       -       y       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       y       -       -       lmtp
anvil     unix  -       -       y       -       1       anvil
scache    unix  -       -       y       -       1       scache
postlog   unix-dgram n  -       n       -       1       postlogd
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d vmail ${extension} ${recipient} ${user} ${nexthop} ${sender}
#
# ====================================================================
#
# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
#
# Specify in cyrus.conf:
#   lmtp    cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
#
# Specify in main.cf one or more of the following:
#  mailbox_transport = lmtp:inet:localhost
#  virtual_transport = lmtp:inet:localhost
#
# ====================================================================
#
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#
#cyrus     unix  -       n       n       -       -       pipe
#  user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
#
# ====================================================================
# Old example of delivery via Cyrus.
#
#old-cyrus unix  -       n       n       -       -       pipe
#  flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
#
# ====================================================================
#
# See the Postfix UUCP_README file for configuration details.
#
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix  -       n       n       -       2       pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}

dovecot   unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop}

amavis unix - - - - 2 smtp
        -o smtp_data_done_timeout=1200
        -o smtp_send_xforward_command=yes
                -o smtp_bind_address=


127.0.0.1:10025 inet n - n - - smtpd
        -o content_filter=
        -o local_recipient_maps=
        -o relay_recipient_maps=
        -o smtpd_restriction_classes=
        -o smtpd_client_restrictions=
        -o smtpd_helo_restrictions=
        -o smtpd_sender_restrictions=
        -o smtpd_recipient_restrictions=permit_mynetworks,reject
        -o smtpd_end_of_data_restrictions=
        -o mynetworks=127.0.0.0/8
        -o strict_rfc821_envelopes=yes
        -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
        -o smtp_send_xforward_command=yes
        -o disable_dns_lookups=yes


127.0.0.1:10027 inet n - n - - smtpd
        -o content_filter=
        -o local_recipient_maps=
        -o relay_recipient_maps=
        -o smtpd_restriction_classes=
        -o smtpd_client_restrictions=
        -o smtpd_helo_restrictions=
        -o smtpd_sender_restrictions=
        -o smtpd_recipient_restrictions=permit_mynetworks,reject
        -o smtpd_end_of_data_restrictions=
        -o mynetworks=127.0.0.0/8
        -o strict_rfc821_envelopes=yes
        -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
        -o smtp_send_xforward_command=yes
            -o milter_default_action=accept
        -o milter_macro_daemon_name=ORIGINATING
        -o disable_dns_lookups=yes

Where I'm wrong?
Thank you

 

Where is it marked as spam? On your host? Somewhere else? What is reason for marking as spam?
If mail gets to somewhere else, your mail server is working.

I can not see how STARTTLS is in any way involved in server sending e-mail and getting marked as spam.
Remove this line from /etc/hosts

Code:

127.0.1.1       ape-design-host.apedesign.net   ape-design-host

I do not know. What is the problem you are solving? STARTTLS? Email marked as spam? Something else?

 

Yes, sending an email using smtp on port 25 works and the email (sent to an @gmail.com account) is delivered to the spam folder.

Attempting to send the same email using STATTLS on port 587 produces the error: the server refuses to send email. As you can see from the telnet logs, the host is not recognized. So I think there is an incorrect configuration (but all my attempts do not produce a positive result).

Also sending email using roundcube (on port 587) produce the error: "SMTP Error (250): Authentication failed"

Removed it, the situation doesn't change.

I'm trying to fix the inability to send emails using secure authentication with TLS.

Thank you.

 

Mail.log is full of these logs (I :

Code:

Oct 14 10:22:38 ape-design-host dovecot: auth: Warning: auth client 0 disconnected with 1 pending requests: Connection reset by peer
Oct 14 10:22:38 ape-design-host postfix/smtpd[586040]: connect from unknown[45.142.120.179]
Oct 14 10:22:39 ape-design-host postfix/smtpd[585949]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: ***
Oct 14 10:22:40 ape-design-host postfix/smtpd[585949]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
Oct 14 10:22:41 ape-design-host dovecot: auth: Warning: auth client 0 disconnected with 1 pending requests: Connection reset by peer
Oct 14 10:22:41 ape-design-host postfix/smtpd[586280]: connect from unknown[45.142.120.179]
Oct 14 10:22:43 ape-design-host postfix/smtpd[585905]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: ***
Oct 14 10:22:43 ape-design-host postfix/smtpd[585905]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
Oct 14 10:22:44 ape-design-host dovecot: auth: Warning: auth client 0 disconnected with 1 pending requests: Connection reset by peer
Oct 14 10:22:45 ape-design-host postfix/smtpd[586512]: connect from unknown[45.142.120.179]
Oct 14 10:22:48 ape-design-host postfix/smtpd[585949]: connect from unknown[45.142.120.179]
Oct 14 10:22:50 ape-design-host postfix/smtpd[585923]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: ***
Oct 14 10:22:50 ape-design-host postfix/smtpd[585923]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
Oct 14 10:22:51 ape-design-host postfix/smtpd[585905]: connect from unknown[45.142.120.179]
Oct 14 10:22:53 ape-design-host postfix/smtpd[586040]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: ***
Oct 14 10:22:53 ape-design-host postfix/smtpd[586040]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
Oct 14 10:22:54 ape-design-host postfix/smtpd[585923]: connect from unknown[45.142.120.179]
Oct 14 10:22:56 ape-design-host postfix/smtpd[586280]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: ***
Oct 14 10:22:57 ape-design-host postfix/smtpd[586280]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
Oct 14 10:22:57 ape-design-host postfix/smtpd[586040]: connect from unknown[45.142.120.179]
Oct 14 10:23:00 ape-design-host postfix/smtpd[586512]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: ***
Oct 14 10:23:00 ape-design-host postfix/smtpd[585949]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: Connection lost to authentication server
Oct 14 10:23:00 ape-design-host postfix/smtpd[585949]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
Oct 14 10:23:01 ape-design-host postfix/smtpd[586512]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
Oct 14 10:23:01 ape-design-host postfix/smtpd[586280]: connect from unknown[45.142.120.179]
Oct 14 10:23:04 ape-design-host postfix/smtpd[585949]: connect from unknown[45.142.120.179]
Oct 14 10:23:04 ape-design-host postfix/smtpd[585905]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: Connection lost to authentication server
Oct 14 10:23:04 ape-design-host postfix/smtpd[585905]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
Oct 14 10:23:07 ape-design-host dovecot: auth: Warning: auth client 0 disconnected with 1 pending requests: Connection reset by peer
Oct 14 10:23:07 ape-design-host postfix/smtpd[586512]: connect from unknown[45.142.120.179]
Oct 14 10:23:07 ape-design-host postfix/smtpd[585923]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: Connection lost to authentication server
Oct 14 10:23:07 ape-design-host postfix/smtpd[585923]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
Oct 14 10:23:10 ape-design-host postfix/smtpd[585905]: connect from unknown[45.142.120.179]
Oct 14 10:23:10 ape-design-host postfix/smtpd[586040]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: Connection lost to authentication server
Oct 14 10:23:11 ape-design-host postfix/smtpd[586040]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
Oct 14 10:23:11 ape-design-host postfix/submission/smtpd[586636]: connect from localhost.localdomain[127.0.0.1]
Oct 14 10:23:11 ape-design-host postfix/submission/smtpd[586636]: disconnect from localhost.localdomain[127.0.0.1] ehlo=1 quit=1 commands=2
Oct 14 10:23:13 ape-design-host dovecot: auth: Warning: auth client 0 disconnected with 1 pending requests: Connection reset by peer
Oct 14 10:23:14 ape-design-host postfix/smtpd[585923]: connect from unknown[45.142.120.179]
Oct 14 10:23:14 ape-design-host postfix/smtpd[586280]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: Connection lost to authentication server
Oct 14 10:23:14 ape-design-host postfix/smtpd[586280]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
Oct 14 10:23:16 ape-design-host dovecot: auth: Warning: auth client 0 disconnected with 1 pending requests: Connection reset by peer

 

Looking better I found some more interesting logs:

Code:

Oct 14 11:26:34 ape-design-host postfix/submission/smtpd[589080]: warning: hostname ape-design-host.apedesign.net does not resolve to address 104.248.91.55
Oct 14 11:26:34 ape-design-host postfix/submission/smtpd[589080]: connect from unknown[104.248.91.55]
Oct 14 11:22:57 ape-design-host postfix/submission/smtpd[588961]: SSL_accept error from unknown[104.248.91.55]: -1
Oct 14 11:22:57 ape-design-host postfix/submission/smtpd[588961]: warning: TLS library problem: error:1408F10B:SSL routines:ssl3_get_record:wrong version number:../ssl/record/ssl>
Oct 14 11:22:57 ape-design-host postfix/submission/smtpd[588961]: lost connection after STARTTLS from unknown[104.248.91.55]
Oct 14 11:22:57 ape-design-host postfix/submission/smtpd[588961]: disconnect from unknown[104.248.91.55] ehlo=1 starttls=0/1 commands=1/2

So, if I'm not wrong.. there is a problem with the ssl version and so postfix kill the connection. Correct? What can I do?
Thank you

 

I was thinking about it and I remember that during installation I get an error with Lets' Encrypt and the installation automatically fallback to self signed procedure. I'm sure. Now I have tried to connect using openssl and during the handshake it say:

Code:

SSL handshake has read 2695 bytes and written 423 bytes
Verification error: self signed certificate

So what's the procedure to regenerate certificates using let's encrypt? Thank you

 

https://www.howtoforge.com/tutorial/securing-ispconfig-3-with-a-free-lets-encrypt-ssl-certificate/
https://www.howtoforge.com/community/threads/lets-encrypt-error-faq.74179/

 

Ok I followed Taleman link and correctly configured certs, now accessing with browser IPSConfig admin page on port 8080 don't warn me more about the certificate. Also now from ssh running the command openssl s_client -starttls smtp -connect example.com:587 it correctly do the handshake.

So, at now I sent correctly an email (with authentication) using openssh command but roundcube still doesn't work. I don't find any kind of log, only a toast message appear inside roundcube saying "SMTP error 250: Authentication error".

This is my roundcube config file:

Code:

$config = array();
include_once("/etc/roundcube/debian-db-roundcube.php");
$config['default_host'] = 'localhost';
$config['smtp_server'] = 'localhost';
$config['smtp_port'] = 587;
$config['smtp_user'] = '%u';
$config['smtp_pass'] = '%p';
$config['support_url'] = '';
$config['product_name'] = 'Roundcube Webmail';
$config['des_key'] = 'xxxxxx';
$config['plugins'] = array(
);
$config['skin'] = 'elastic';
$config['enable_spellcheck'] = false;
$config['debug_level'] = 1;
$config['smtp_debug'] = true;

(About the update script, I'm in a production environment. So is it secure to use source from nightly?)

Thank you

 

Well, I have resolved.. "smtp_server" need to be set with "tls://nameserver.example.com".
I have one last doubt: as you can see in mail.log there are a lot of connection from an IP that I don't recognize
45.142.120.179
What is happening? Someone is trying to access my mail server?

 

Perhaps someone is trying to send an e-mail to your mail server? What exactly was in mail.log? The sending e-mail server must connect to your e-mail server when messages are to be sent.

 

This is a part of the last logs, it repeats infinitely and doesn't stop.

Code:

Oct 14 14:47:44 ape-design-host postfix/smtpd[601016]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct 14 14:47:44 ape-design-host postfix/smtpd[601016]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
Oct 14 14:47:46 ape-design-host postfix/smtpd[601016]: connect from unknown[45.142.120.179]
Oct 14 14:47:48 ape-design-host postfix/smtpd[601475]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct 14 14:47:49 ape-design-host postfix/smtpd[601475]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
Oct 14 14:47:49 ape-design-host postfix/smtpd[601010]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: Connection lost to authentication server
Oct 14 14:47:49 ape-design-host postfix/smtpd[601475]: connect from unknown[45.142.120.179]
Oct 14 14:47:50 ape-design-host postfix/smtpd[601010]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
Oct 14 14:47:50 ape-design-host dovecot: auth: Warning: auth client 0 disconnected with 1 pending requests: EOF
Oct 14 14:47:52 ape-design-host postfix/smtpd[601196]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: Connection lost to authentication server
Oct 14 14:47:52 ape-design-host postfix/smtpd[601196]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
Oct 14 14:47:52 ape-design-host postfix/smtpd[601196]: connect from unknown[45.142.120.179]
Oct 14 14:47:55 ape-design-host postfix/smtpd[602175]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: Connection lost to authentication server
Oct 14 14:47:55 ape-design-host dovecot: auth: Warning: auth client 0 disconnected with 1 pending requests: EOF
Oct 14 14:47:55 ape-design-host postfix/smtpd[602175]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
Oct 14 14:47:56 ape-design-host postfix/smtpd[602175]: connect from unknown[45.142.120.179]
Oct 14 14:47:59 ape-design-host dovecot: auth: Warning: auth client 0 disconnected with 1 pending requests: EOF
Oct 14 14:47:59 ape-design-host postfix/smtpd[602177]: connect from unknown[45.142.120.179]
Oct 14 14:47:59 ape-design-host postfix/smtpd[601016]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: Connection lost to authentication server
Oct 14 14:48:00 ape-design-host postfix/smtpd[601016]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
Oct 14 14:48:02 ape-design-host postfix/smtpd[601475]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: Connection lost to authentication server
Oct 14 14:48:02 ape-design-host postfix/smtpd[601016]: connect from unknown[45.142.120.179]
Oct 14 14:48:03 ape-design-host postfix/smtpd[601475]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
Oct 14 14:48:05 ape-design-host postfix/smtpd[601196]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: Connection lost to authentication server
Oct 14 14:48:05 ape-design-host dovecot: auth: Warning: auth client 0 disconnected with 1 pending requests: Connection reset by peer
Oct 14 14:48:05 ape-design-host postfix/smtpd[601475]: connect from unknown[45.142.120.179]
Oct 14 14:48:06 ape-design-host postfix/smtpd[602177]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct 14 14:48:06 ape-design-host postfix/smtpd[602177]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
Oct 14 14:48:06 ape-design-host postfix/smtpd[601196]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
Oct 14 14:48:08 ape-design-host dovecot: auth: Warning: auth client 0 disconnected with 1 pending requests: Connection reset by peer
Oct 14 14:48:09 ape-design-host postfix/smtpd[602175]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: Connection lost to authentication server
Oct 14 14:48:09 ape-design-host postfix/smtpd[602177]: connect from unknown[45.142.120.179]
Oct 14 14:48:10 ape-design-host postfix/smtpd[602175]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
Oct 14 14:48:11 ape-design-host postfix/smtpd[601016]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct 14 14:48:12 ape-design-host postfix/smtpd[601016]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
Oct 14 14:48:12 ape-design-host postfix/smtpd[601196]: connect from unknown[45.142.120.179]
Oct 14 14:48:15 ape-design-host dovecot: auth: Warning: auth client 0 disconnected with 1 pending requests: Connection reset by peer
Oct 14 14:48:15 ape-design-host postfix/smtpd[602175]: connect from unknown[45.142.120.179]
Oct 14 14:48:16 ape-design-host postfix/smtpd[601475]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct 14 14:48:16 ape-design-host postfix/smtpd[601475]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
Oct 14 14:48:18 ape-design-host dovecot: auth: Warning: auth client 0 disconnected with 1 pending requests: Connection reset by peer
Oct 14 14:48:19 ape-design-host postfix/smtpd[601016]: connect from unknown[45.142.120.179]

Can I ban this IP or block in other ways? mail.log grows unnecessarily.

 

Install fail2ban and enable postfix, sasl and recidive jails (in addition to ssh jail).

Install logrotate and check it is activated for mail.log. That keeps it from growing too huge.