unable to login via pop3 email client

I am using Ubuntu - Here is my problem or at least one of them

1. I am unable to login with a pop3 client-however I can generate a test email (using outlook to test connection.but account never logs into server). I can only see the email on the server and not the pop3 client.
2. I can send mail to a user from any pop3 client, but the mail gets stuck on the server and never gets to the intended pop3 client
3. I can send mail from the server to anyone

Again I am unable to use a pop3 client to send/receive mail -this issue seems to be unable to login to server with id/password

I am using Postfix -Do I also need SendMail as well ?

Confused ?

Thanks for any and all help

Happy

 

No, either Postfix (which I prefer because it's a lot easier to configure) or Sendmail, but not both.

Any errors in your mail log? What are the output of

Code:

netstat -tap

and

Code:

postconf -n

?

 

netstat -tap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 *:mysql *:* LISTEN 3745/mysqld
tcp 0 0 *:10000 *:* LISTEN 4056/perl
tcp 0 0 mail.the12345.n:domain *:* LISTEN 3542/named
tcp 0 0 localhost.locald:domain *:* LISTEN 3542/named
tcp 0 0 *:smtp *:* LISTEN 9278/master
tcp 0 0 localhost.localdoma:953 *:* LISTEN 3542/named
tcp6 0 0 *:imaps *:* LISTEN 3619/couriertcpd
tcp6 0 0 *op3s *:* LISTEN 3654/couriertcpd
tcp6 0 0 *op3 *:* LISTEN 3634/couriertcpd
tcp6 0 0 *:imap2 *:* LISTEN 3594/couriertcpd
tcp6 0 0 *:www *:* LISTEN 4033/apache2
tcp6 0 0 *:ftp *:* LISTEN 3989/proftpd: (acce
tcp6 0 0 *:ssh *:* LISTEN 3914/sshd
tcp6 0 0 *:smtp *:* LISTEN 9278/master
tcp6 0 0 ip6-localhost:953 *:* LISTEN 3542/named
tcp6 0 0 *:https *:* LISTEN 4033/apache2
tcp6 0 1928 mail.12345.net:ssh CPE-75-81-8-102.kc:4981
ESTABLISHED14879/0

postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
inet_protocols = all
mailbox_command = procmail -a $EXTENSION
mailbox_size_limit = 0
mydestination = the12345.net, mail.the12345.net, localhost.the12345.net, , localhost
mynetworks = 127.0.0.0/8
myorigin = /etc/mailname
recipient_delimiter = +
smtp_tls_note_starttls_offer = yes
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom

I saw some errors last night in the logs saying fatal errors on sending-they are no longer there now.

I can also telnet
telnet localhost pop3
server1:/etc/postfix# telnet localhost pop3
Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
+OK Hello there.
quit
+OK Better luck next time.
Connection closed by foreign host.

 

You must configure Postfix to use Maildir instead of mbox because Courier uses Maildir:

Code:

postconf -e 'home_mailbox = Maildir/'
postconf -e 'mailbox_command ='
/etc/init.d/postfix restart

 

ok I ran the following command


postconf -e 'home_mailbox = Maildir/'
postconf -e 'mailbox_command ='
/etc/init.d/postfix restart

I then tried logging into the server with a pop3 account (Outlook) using both the server IP address and the server name for the incoming server-which I have a public record for-still unable to connect with pop3 clinet
Here are the logs I took from the mail logs :
mail log
Jul 9 21:13:45 mail courierpop3login: Connection, ip=[::ffff:75.81.8.102]


Mail -warn
Jul 9 14:52:18 mail postfix/smtpd[12722]: warning: TLS library problem: 12722:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:125:
Jul 9 14:52:18 mail postfix/smtpd[12722]: warning: TLS library problem: 12722:error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib:by_file.c:274:
Jul 9 19:01:37 mail postfix/smtpd[12993]: warning: TLS library problem: 12993:error:02001002:system library:fopen:No such file or directory:bss_file.c:122:fopen('/etc/postfix/ssl/cacert.pem','r'):
Jul 9 19:01:37 mail postfix/smtpd[12993]: warning: TLS library problem: 12993:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:125:
Jul 9 19:01:37 mail postfix/smtpd[12993]: warning: TLS library problem: 12993:error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib:by_file.c:274:
Jul 9 20:39:47 mail postfix/postqueue[13294]: warning: Mail system is down -- accessing queue directly
Jul 9 20:40:00 mail postfix/postqueue[13364]: warning: Mail system is down -- accessing queue directly
Am I missing something or is the system so jacked up I need to reload OS and PostFix

Thanks
Happy

 

Can you post the outputs of

Code:

postconf -n

and

Code:

netstat -tap

?

 

postconf -n

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
home_mailbox = Maildir/
inet_protocols = all
mailbox_command =
mailbox_size_limit = 0
mydestination = 123456.net, mail.123456.net, localhost.123456.net, , localhost
mynetworks = 127.0.0.0/8
myorigin = /etc/mailname
recipient_delimiter = +
smtp_tls_note_starttls_offer = yes
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom


netstat -tap

Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 *:mysql *:* LISTEN 3766/mysqld
tcp 0 0 *:10000 *:* LISTEN 4079/perl
tcp 0 0 mail.123456.n:domain *:* LISTEN 3563/named
tcp 0 0 localhost.locald:domain *:* LISTEN 3563/named
tcp 0 0 *:smtp *:* LISTEN 3908/master
tcp 0 0 localhost.localdoma:953 *:* LISTEN 3563/named
tcp6 0 0 *:imaps *:* LISTEN 3640/couriertcpd
tcp6 0 0 *op3s *:* LISTEN 3675/couriertcpd
tcp6 0 0 *op3 *:* LISTEN 3655/couriertcpd
tcp6 0 0 *:imap2 *:* LISTEN 3615/couriertcpd
tcp6 0 0 *:www *:* LISTEN 4056/apache2
tcp6 0 0 *:ftp *:* LISTEN 4012/proftpd: (acce
tcp6 0 0 *:ssh *:* LISTEN 3937/sshd
tcp6 0 0 *:smtp *:* LISTEN 3908/master
tcp6 0 0 ip6-localhost:953 *:* LISTEN 3563/named
tcp6 0 0 *:https *:* LISTEN 4056/apache2
tcp6 0 1928 mail.12345.net:ssh CPE-75-81-8-102.kc:2943 ESTABLISHED4849/0

 

If you don't need TLS, comment out this part in /etc/postfix/main.cf and restart Postfix:

Code:

smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom

Code:

Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 *:mysql *:* LISTEN 3766/mysqld
tcp 0 0 *:10000 *:* LISTEN 4079/perl
tcp 0 0 mail.123456.n:domain *:* LISTEN 3563/named
tcp 0 0 localhost.locald:domain *:* LISTEN 3563/named
tcp 0 0 *:smtp *:* LISTEN 3908/master
tcp 0 0 localhost.localdoma:953 *:* LISTEN 3563/named
tcp6 0 0 *:imaps *:* LISTEN 3640/couriertcpd
tcp6 0 0 *op3s *:* LISTEN 3675/couriertcpd
tcp6 0 0 *op3 *:* LISTEN 3655/couriertcpd
tcp6 0 0 *:imap2 *:* LISTEN 3615/couriertcpd
tcp6 0 0 *:www *:* LISTEN 4056/apache2
tcp6 0 0 *:ftp *:* LISTEN 4012/proftpd: (acce
tcp6 0 0 *:ssh *:* LISTEN 3937/sshd
tcp6 0 0 *:smtp *:* LISTEN 3908/master
tcp6 0 0 ip6-localhost:953 *:* LISTEN 3563/named
tcp6 0 0 *:https *:* LISTEN 4056/apache2
tcp6 0 1928 mail.12345.net:ssh CPE-75-81-8-102.kc:2943 ESTABLISHED4849/0

Courier is working ok, so you should be able to log in with POP3. Please make sure that no firewall is blocking port 110.

 

I commented out the TLS items as suggested and still unable to login to server via pop3-Any other suggestions before I reload OS and just postfix?

Thanks

Happy

 

You're mixing up SMTP and POP3. POP3 is for fetching emails, this is handled by Courier in your case. SMTP is for sending emails, this is handled by Postfix. Postfix had certificate errors in the mail log, that's why I told you to comment out the TLS stuff. So the SMTP part should be ok now.

Regarding POP3:
What's the output of

Code:

iptables -L

?

 

Ok here is the output you requested
iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

I am sorry I did not mean to confuse the SMTP (receive mail) with POP3 (send mail). However, I beleive I had both issues, but beleive the SMTP issue is now resolved So the issue that stands is sending mail. I am not able to login to the server using a pop3 client


Thanks

Happy

 

SMTP and sending refers to the same. If you have a problem with fetching emails, then it's a POP3 problem.

What's the exact error message you get in your mail client? Is the server in the same network as your PC, or is it a remote server?

 

Not sure what happen but it appears to be working now-What changed?

Thanks

Happy

 

Ok it looks like all is good and working. I changed my MX records so I will see. A couple of more questions
1. How do I not allow any email users to SSH to the mail server?
2. If I install SpamAssasain and AVClam is there anthing I need to configure?

Thanks

Happy

 

Ok just think I ran into a snag
the isp was host the email before witht he domain name of thexxx.net. The uesers email address is [email protected]. I have a mx record set that refers all mail for thexxx.net to mail.thexxx.net. However, when I send mail from the server it send it out as [email protected]. When I was testing I was using [email protected] and also same for pop3 and this worked fine. Now that I have flipped the switch so to speak to a differnt mail server. I think I need to put in aliases for the users so that [email protected] is the also [email protected]-how do I do that?

Does this make sense

Thanks
Happy

 

You must set the sender address in your email client (e.g. Outlook, Thunderbird, Evolution, ...).

Give your users a shell that doesn't allow them to log in with SSH. E.g., in /etc/passwd, change /bin/bash to /bin/false.

Take a look here: http://www.howtoforge.com/amavisd_postfix_debian_ubuntu

 

Ok, the aliases seem to be working. It looks like I just have to change the users pop3 email server. As far as locking users out of sshing to the server-this will not lock out the root account as well will it

Happy

 

Started changing all pop3 email server on desktop and also checking to make sure users can log into new server-found only a handful of people that could log into the server via pop3. Tried deleteing one user that was unable to login to server via pop3 and re-adding still not good. I tested my test account on this desktop and it worked fine. Any ideas?

Thanks

Happy

 

As long as you don't change the shell of the root user in /etc/passwd - no.

Any errors in your mail log? Did you get any errors when you re-added that user? How often is that user listed in /etc/passwd?

 

Any errors in your mail log? Did you get any errors when you re-added that user? How often is that user listed in /etc/passwd?


Yes there were login errors for the client that failed something like this fffff: then their public ip address they were coming from. I did not encounter any errors that I could tell when I readded this user. I only see the user once, but not sure how to confirm this via command line


Happy