unable to receive email both locally and externally

Discussion in 'Server Operation' started by ali888, Sep 21, 2011.

Page 2 of 2
  1. ali888

    ali888 New Member

    Hi Mark_NL,

    Sorry to ask another question.

    I got an error when trying to add a new account for a legitimate user in Outlook 2010.

    The error is "The server responded: 554 5.7.7 No Spoofing Allowed". What could possibly go wrong? I tried to google it but no luck.

    Thank you in advance
     
    ali888, Sep 30, 2011
    #21
  2. Mark_NL

    Mark_NL Member

    According to the RFC, the server should've replied with
    Maybe that points you in the right direction?

    Double check all your configuration settings for that user.
    ldap returns correct values?
     
    Mark_NL, Sep 30, 2011
    #22
  3. ali888

    ali888 New Member

    Hi Mark_NL,

    I could not think of anything else that might cause this error.

    By the way, I forgot to mention in the previous post that the error I posted was coming from the Outlook 2010.

    The following is what I found in mail.log when trying to connect from Outlook.

    server1 dovecot: auth(default): ldap(user2,59.4.29.12): pass search: base=ou=accounts,dc=example,dc=com scope=subtree filter=(&(objectClass=posixAccount)(uid=user2)) fields=uid,userPassword,homeDirectory,uidNumber,gidNumber
    server1 dovecot: auth(default): ldap(duke.myer,59.4.29.12): result: uid(user)=user2 uidNumber(userdb_uid)=1004 gidNumber(userdb_gid)=1004 userPassword(password)={CRYPT}dlUoPhzngF homeDirectory(userdb_home)=/home/vmail/user2
    server1 dovecot: auth(default): client out: OK#0111#011user=user2
    server1 dovecot: auth(default): master in: REQUEST#0114#0112686#0111
    server1 dovecot: auth(default): passwd(user2,59.4.29.12): lookup
    server1 dovecot: auth(default): passwd(user2,59.4.29.12): unknown user
    server1 dovecot: auth(default): master out: USER#0114#011user2#011uid=1004#011gid=1004#011home=/home/vmail/user2
    server1 dovecot: imap-login: Login: user=<user2>, method=PLAIN, rip=59.4.29.12, lip=59.4.29.13
    server1 dovecot: IMAP(user2): Disconnected in IDLE bytes=9/292
    server1 postfix/smtpd[2766]: warning: No server certs available. TLS won't be enabled
    server1 postfix/smtpd[2766]: connect from localhost[127.0.0.1]
    server1 postfix/smtpd[2766]: 182292400AE: client=localhost[127.0.0.1 server1 postfix/smtpd[2766]: lost connection after DATA (0 bytes) from localhost[127.0.0.1]
    server1 postfix/smtpd[2766]: disconnect from localhost[127.0.0.1]

    The following is in the mail.log when successfully logging to squirrelmail.

    server1 dovecot: auth(default): ldap(duke.myer,127.0.0.1): pass search: base=ou=accounts,dc=mailtest,dc=dyndns-free,dc=com scope=subtree filter=(&(objectClass=posixAccount)(uid=user2)) fields=uid,userPassword,homeDirectory,uidNumber,gidNumber
    server1 dovecot: auth(default): ldap(duke.myer,127.0.0.1): result: uid(user)=user2 uidNumber(userdb_uid)=1004 gidNumber(userdb_gid)=1004 userPassword(password)={CRYPT}dlUoPhzngF homeDirectory(userdb_home)=/home/vmail/user2
    server1 dovecot: auth(default): client out: OK#0111#011user=user2
    server1 dovecot: auth(default): master in: REQUEST#0114#0112485#0111
    server1 dovecot: auth(default): passwd(user2,127.0.0.1): lookup
    server1 dovecot: auth(default): passwd(user2,127.0.0.1): unknown user
    server1 dovecot: auth(default): master out: USER#0114#011user1#011uid=1004#011gid=1004#011home=/home/vmail/user2
    server1 dovecot: imap-login: Login: user=<user2>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured

    I am not sure if the issue is with the localhost. When logging in via squirrelmail, I notice the rip and lip use 127.0.0.1, whereas trying to connect via outlook, I do not use 127.0.0.1.

    I tried to add the remote IPs to mynetworks in main.cf into as follows

    mynetworks = 127.0.0.0/8, 192.168.1.0/24, 59.4.29.12, 59.4.29.13

    This did not do the trick.

    Many thanks
     
    ali888, Oct 3, 2011
    #23
  4. Mark_NL

    Mark_NL Member

    Try connectiong without TLS via outlook.
    then check the logs again
     
    Mark_NL, Oct 3, 2011
    #24
  5. ali888

    ali888 New Member

    Hi Mark_NL,

    I got a good news here. The outlook is working now. The problem is I needed to change the SMTP Port in outlook to 125 because it is listening to Port 125 and ASSP is listening to Port 25 instead. All is good. Thank you very much for all your assistance. Without it, I could not have pulled this off myself :) as I am still getting my head around this new OS. Really appreciated it.

    Oh, one last question is I do not know how secure this Postfix mailserver would be without TLS though. I know I have to ask my users to come up with good and strong password. Sorry I'm just a bit paranoid that someone might use my mailserver as relay server.

    I think the following setting in main.cf is good enough to stop the mailserver being manipulated.

    smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination,reject_sender_login_mismatch

    Thanks again
     
    ali888, Oct 4, 2011
    #25
  6. Mark_NL

    Mark_NL Member

    Hey, that great news! nice work! :)

    The piece of config code you pasted will suffice.
     
    Mark_NL, Oct 4, 2011
    #26
Page 2 of 2

Share This Page