PDA

View Full Version : DNS Config Problem


bolinux
13th August 2005, 19:09
Hallo,

zuerst einmal vielen Dank für die Wahnsinns Anleitung für Suse uns ISPConfig.
Hat alles wunderbar geklappt, hab jetzt nur ein Problem mit der DNS Config.
Wie, wo und was muss ich im ISPConfig eintragen das alles funktioniert, also www geht aber Mail geht nicht hab folgende Fehlermeldung:

Das E-Mail-System konnte diese Nachricht nicht übermitteln, ohne einen besonderen Grund dafür anzugeben. Sie die Adresse, und versuchen Sie es dann erneut. Wenn die Übermittlung nochmals fehlschlägt, wenden Sie sich an den Systemadministrator. < advx.xyz.com #5.0.0 X-Postfix; mail for yxz.de loops back to myself>

Hab die Domains bei Lycos wo ich diverse DNS Parameter setzen kann, oder gleich einen anderen DNS-Server
zum verwalten der Zonen angeben kann, ist das dann meine Server?

Danke schon mal

bolinux

Suse 9.3 ISPconfig 2.0.6

falko
13th August 2005, 20:19
Ok, I answer in English so that the others can understand this, too. :)

Wie, wo und was muss ich im ISPConfig eintragen das alles funktioniert, also www geht aber Mail geht nicht hab folgende Fehlermeldung:

Quote:
Das E-Mail-System konnte diese Nachricht nicht übermitteln, ohne einen besonderen Grund dafür anzugeben. Sie die Adresse, und versuchen Sie es dann erneut. Wenn die Übermittlung nochmals fehlschlägt, wenden Sie sich an den Systemadministrator. < advx.xyz.com #5.0.0 X-Postfix; mail for yxz.de loops back to myself>

You need to put the domain xyz.de into /etc/postfix/local-host-names and restart Postfix. Please have a look at this post:
http://www.howtoforge.com/forums/showpost.php?p=880&postcount=2

bolinux
13th August 2005, 20:34
thx for your fast reply!

ok, I answer in English to, but i do not think others can understand this! :rolleyes:

i resolve the problem, i have make a bad dns entry in my lycos dns controle pannel. :confused:

now it works fine!

but one question more: why do my mail client not need "authentication" for smtp? is this okay?

bolinux

till
13th August 2005, 20:38
thx for your fast reply!

ok, I answer in English to, but i do not think others can understand this! :rolleyes:

i resolve the problem, i have make a bad dns entry in my lycos dns controle pannel. :confused:

now it works fine!

but one question more: why do my mail client not need "authentication" for smtp? is this okay?

bolinux

You never need SMTP-Auth for local Domains. But when you try to send an email to e.g. an yahoo mail account, it should fail without smtp-auth.

bolinux
13th August 2005, 20:44
Okay, you mean only exsisting domain user can send mail via my server?
i m, a littel paranoid about some body rapped my server. :eek:

bolinux

till
13th August 2005, 20:48
Okay, you mean only exsisting domain user can send mail via my server?
i m, a littel paranoid about some body rapped my server. :eek:

bolinux

Yes, only existing domain users can use your server as mailrelay. You can check this by sending an email trough your server to a recipient outside your server without smtp-auth enabled in your mailclient. Sending this mail should fail.

bolinux
13th August 2005, 21:02
No, it works without smtp-auth too! :confused:
How to fix this? i use your install suse howto, maybe i fail?

bolinux
13th August 2005, 21:04
No, it works without smtp-auth too! :confused:
How to fix this? i use your install suse howto, maybe i fail?

here my main.cfg

inet_protocols = all
biff = no
mail_spool_directory = /var/mail
canonical_maps = hash:/etc/postfix/canonical
#virtual_maps = hash:/etc/postfix/virtual
relocated_maps = hash:/etc/postfix/relocated
transport_maps = hash:/etc/postfix/transport
sender_canonical_maps = hash:/etc/postfix/sender_canonical
masquerade_exceptions = root
masquerade_classes = envelope_sender, header_sender, header_recipient
myhostname = advx.$mydomain
program_directory = /usr/lib/postfix
inet_interfaces = all
masquerade_domains =
#mydestination = $myhostname, localhost.$mydomain
defer_transports =
disable_dns_lookups = no
relayhost =
mailbox_command =
mailbox_transport =
smtpd_sender_restrictions = hash:/etc/postfix/access
smtpd_client_restrictions =
smtpd_helo_required = no
smtpd_helo_restrictions =
strict_rfc821_envelopes = no
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,check_ relay_domains
smtp_sasl_auth_enable = no
smtpd_sasl_auth_enable = yes
smtpd_use_tls = yes
smtp_use_tls = yes
alias_maps = hash:/etc/aliases
mailbox_size_limit = 0
message_size_limit = 10240000
mydomain = xyz.com
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_tls_auth_only = no
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
home_mailbox = Maildir/

virtual_maps = hash:/etc/postfix/virtusertable

mydestination = /etc/postfix/local-host-names

till
13th August 2005, 21:07
No, it works without smtp-auth too! :confused:
How to fix this? i use your install suse howto, maybe i fail?

Do you have this line in your postfix main.cf?

smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,check_ relay_domains

and have you restarted postfix after changing main.cf?

/etc/init.d/postfix restart

bolinux
13th August 2005, 21:08
yes, i have!?

till
13th August 2005, 21:11
yes, i have!?

What output did you get when you test smtp-auth:

To see if SMTP-AUTH and TLS work properly now run the following command:

telnet localhost 25

After you have established the connection to your postfix mail server type

ehlo localhost

bolinux
13th August 2005, 21:17
okay, here the output:

advx:~ # telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 advx.xyz.com ESMTP Postfix

500 Error: bad syntax

okay i edit:

ehlo localhost

nothing happens!

next try, it works:

advx:~ # telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 advx.xyz.com ESMTP Postfix
ehlo localhost
250-advx.xyz.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250 8BITMIME

till
13th August 2005, 21:28
Please try to add this line to your main.cf:

mynetworks = 127.0.0.0/8

then restart postfix:

/etc/init.d/postfix restart

And try if your server still relays mails to other servers without smtp-auth enabled in your mailclient.

bolinux
13th August 2005, 21:35
no longer posible to send without smtp-auth, but my email client always ask my login & password, i cant send any mail!? :confused:

Webmail works!

bolinux
13th August 2005, 21:51
no longer posible to send without smtp-auth, but my email client always ask my login & password, i cant send any mail!? :confused:

Webmail works!

now i am totaly confused, now it works only without smtp-auth!!!

bolinux
13th August 2005, 22:30
here my log files:

mail

Aug 13 21:23:33 advx postfix/smtpd[12916]: warning: zonk.xyz.de[xxx.28.199.xx]: SASL LOGIN authentication failed
Aug 13 21:23:33 advx postfix/smtpd[12916]: lost connection after AUTH from zonk.xyz.de[xxx.28.199.xx]
Aug 13 21:23:33 advx postfix/smtpd[12916]: disconnect from zonk.xyz.de[xxx.28.199.xx]
Aug 13 21:23:34 advx pop3d: Connection, ip=[::ffff:xxx.28.199.xx]
Aug 13 21:23:34 advx pop3d: LOGIN, user=web6_bo, ip=[::ffff:xxx.28.199.xx]
Aug 13 21:23:34 advx pop3d: LOGOUT, user=web6_bo, ip=[::ffff:xxx.28.199.xx], top=0, retr=0, time=0

mail.warn

Aug 13 21:23:31 advx postfix/smtpd[12916]: warning: connect to private/tlsmgr: No such file or directory
Aug 13 21:23:32 advx postfix/smtpd[12916]: warning: connect to private/tlsmgr: No such file or directory
Aug 13 21:23:32 advx postfix/smtpd[12916]: warning: problem talking to server private/tlsmgr: No such file or directory
Aug 13 21:23:32 advx postfix/smtpd[12916]: warning: no entropy for TLS key generation: disabling TLS support
Aug 13 21:23:32 advx postfix/smtpd[12916]: warning: zonk.xyz.de[xxx.28.199.xx]: SASL LOGIN authentication failed
Aug 13 21:23:33 advx postfix/smtpd[12916]: warning: zonk.xyz.de[xxx.28.199.xx]: SASL LOGIN authentication failed

and my full main.cf

#soft_bounce = no
#default_privs = nobody
#myhostname = host.domain.tld
#myhostname = virtual.domain.tld
#mydomain = domain.tld
#myorigin = $myhostname
#myorigin = $mydomain
#inet_interfaces = $myhostname
#inet_interfaces = $myhostname, localhost
#proxy_interfaces =
#proxy_interfaces = 1.2.3.4
##mydestination = $myhostname, localhost.$mydomain, localhost
##mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
##mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain,
# mail.$mydomain, www.$mydomain, ftp.$mydomain
#local_recipient_maps = unix:passwd.byname $alias_maps
#local_recipient_maps = proxy:unix:passwd.byname $alias_maps
#local_recipient_maps =
#mynetworks_style = class
#mynetworks_style = subnet
#mynetworks_style = host
#mynetworks = $config_directory/mynetworks
#mynetworks = hash:/etc/postfix/network_table
#relay_domains = $#mydestination
#relayhost = $mydomain
#relayhost = [gateway.my.domain]
#relayhost = [mailserver.isp.tld]
#relayhost = uucphost
#relayhost = [an.ip.add.ress]
#relay_recipient_maps = hash:/etc/postfix/relay_recipients
# Specify 0 to disable the feature. Valid delays are 0..10.
#in_flow_delay = 1s
#alias_maps = dbm:/etc/aliases
#alias_maps = hash:/etc/aliases
#alias_maps = hash:/etc/aliases, nis:mail.aliases
#alias_maps = netinfo:/aliases
#alias_database = dbm:/etc/aliases
#alias_database = dbm:/etc/mail/aliases
#alias_database = hash:/etc/aliases
#alias_database = hash:/etc/aliases, hash:/opt/majordomo/aliases
#recipient_delimiter = +
#home_mailbox = Mailbox
#home_mailbox = Maildir/
#mail_spool_directory = /var/mail
#mail_spool_directory = /var/spool/mail
#mailbox_command = /some/where/procmail
#mailbox_command = /some/where/procmail -a "$EXTENSION"
#mailbox_transport = lmtp:unix:/file/name
#mailbox_transport = cyrus
#fallback_transport = lmtp:unix:/file/name
#fallback_transport = cyrus
#fallback_transport =
#luser_relay = $user@other.host
#luser_relay = $local@other.host
#luser_relay = admin+$local
#header_checks = regexp:/etc/postfix/header_checks
#fast_flush_domains = $relay_domains
#smtpd_banner = $myhostname ESMTP $mail_name
#smtpd_banner = $myhostname ESMTP $mail_name ($mail_version)
#local_destination_concurrency_limit = 2
#default_destination_concurrency_limit = 20
debug_peer_level = 2
#debug_peer_list = 127.0.0.1
#debug_peer_list = some.domain
# debugger_command =
# PATH=/bin:/usr/bin:/sbin:/usr/sbin; export PATH; screen
# -dmS $process_name gdb $daemon_directory/$process_name
# $process_id & sleep 1

debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5
unknown_local_recipient_reject_code = 550
inet_interfaces = all
command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix
sendmail_path = /usr/sbin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
setgid_group = maildrop
html_directory = /usr/share/doc/packages/postfix/html
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/packages/postfix/samples
readme_directory = /usr/share/doc/packages/postfix/README_FILES
inet_protocols = all
biff = no
mail_spool_directory = /var/mail
canonical_maps = hash:/etc/postfix/canonical
#virtual_maps = hash:/etc/postfix/virtual
relocated_maps = hash:/etc/postfix/relocated
transport_maps = hash:/etc/postfix/transport
sender_canonical_maps = hash:/etc/postfix/sender_canonical
masquerade_exceptions = root
masquerade_classes = envelope_sender, header_sender, header_recipient
myhostname = advx.$mydomain
program_directory = /usr/lib/postfix
masquerade_domains =
#mydestination = $myhostname, localhost.$mydomain
defer_transports =
disable_dns_lookups = no
mailbox_command =
mailbox_transport =
smtpd_sender_restrictions = hash:/etc/postfix/access
smtpd_client_restrictions =
smtpd_helo_required = no
smtpd_helo_restrictions =
strict_rfc821_envelopes = no
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,check_ relay_domains
smtp_sasl_auth_enable = no
smtpd_sasl_auth_enable = yes
smtpd_use_tls = yes
smtp_use_tls = yes
alias_maps = hash:/etc/aliases
mailbox_size_limit = 0
message_size_limit = 10240000
mydomain = xyz.com
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_tls_auth_only = no
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
home_mailbox = Maildir/

virtual_maps = hash:/etc/postfix/virtusertable

mydestination = /etc/postfix/local-host-names

any idea?

falko
14th August 2005, 15:45
Is saslauthd running? Try
ps aux|grep saslauthd to find out. If it isn't running, start it: /etc/init.d/saslauthd start

bolinux
14th August 2005, 16:38
Yes

advx:~ # ps aux|grep saslauthd
root 5260 0.0 0.0 4060 1132 ? Ss 13:53 0:00 /usr/sbin/saslauthd -a pam
root 5421 0.0 0.0 4060 1132 ? S 13:53 0:00 /usr/sbin/saslauthd -a pam
root 5422 0.0 0.0 4060 1132 ? S 13:53 0:00 /usr/sbin/saslauthd -a pam
root 5423 0.0 0.0 4060 1132 ? S 13:53 0:00 /usr/sbin/saslauthd -a pam
root 5424 0.0 0.0 4060 1132 ? S 13:53 0:00 /usr/sbin/saslauthd -a pam
root 14982 0.0 0.0 1824 636 pts/1 S+ 15:35 0:00 grep saslauthd

advx:~ # /etc/init.d/saslauthd start
Starting service saslauthd done
advx:~ #

maybe my outlook express config is wrong?

falko
14th August 2005, 17:02
maybe my outlook express config is wrong?

You must activate "Server needs authentication" (or similar) in Outlook Express for the mail account in question.

bolinux
14th August 2005, 17:11
You must activate "Server needs authentication" (or similar) in Outlook Express for the mail account in question.

this option is activ

do you read the logs & confs above, can you find any error?

maybe this problem is from here:

advx:~ # SuSEconfig
Starting SuSEconfig, the SuSE Configuration Tool...
Running in full featured mode.
Reading /etc/sysconfig and updating the system...
Executing /sbin/conf.d/SuSEconfig.automake...
Executing /sbin/conf.d/SuSEconfig.fonts...
Creating cache files for Xft ................
Creating fonts.{scale,dir} files .....
Executing /sbin/conf.d/SuSEconfig.groff...
Executing /sbin/conf.d/SuSEconfig.gtk2...
Executing /sbin/conf.d/SuSEconfig.guile...
Executing /sbin/conf.d/SuSEconfig.libxml2...
Executing /sbin/conf.d/SuSEconfig.news...
Executing /sbin/conf.d/SuSEconfig.pango...
Executing /sbin/conf.d/SuSEconfig.perl...
Executing /sbin/conf.d/SuSEconfig.permissions...
Executing /sbin/conf.d/SuSEconfig.postfix...
*** WARNING ***
Found /etc/postfix/main.cf.SuSEconfig, exiting...
*** WARNING ***
Executing /sbin/conf.d/SuSEconfig.profiles...
Executing /sbin/conf.d/SuSEconfig.scpm...
Executing /sbin/conf.d/SuSEconfig.sortpasswd...
Executing /sbin/conf.d/SuSEconfig.syslog-ng...
Executing /sbin/conf.d/SuSEconfig.xdm...
Executing /sbin/conf.d/SuSEconfig.zmessages...
Finished.
advx:~ #

falko
14th August 2005, 17:21
Maybe you can follow this (German) guide to configure your email account in Outlook Express and try again? http://www.mycyberhood.com/faq_email.php

bolinux
14th August 2005, 17:25
thanks, but i know how to config Outlook, but i have no no experience with
postfix, sasl whit tls.

bolinux
14th August 2005, 17:41
i do like this:

http://www.howtoforge.com/forums/showthread.php?t=167

now i get this error:

There was a problem logging onto your mail server. Your Password was rejected. Account: 'mail.xyz.com', Server: 'xxx.28.199.x', Protocol: POP3, Server Response: '-ERR Maildir: No such file or directory', Port: 110, Secure(SSL): No, Server Error: 0x800CCC90, Error Number: 0x800CCC92

???

till
14th August 2005, 18:46
i do like this:

http://www.howtoforge.com/forums/showthread.php?t=167

now i get this error:

There was a problem logging onto your mail server. Your Password was rejected. Account: 'mail.xyz.com', Server: 'xxx.28.199.x', Protocol: POP3, Server Response: '-ERR Maildir: No such file or directory', Port: 110, Secure(SSL): No, Server Error: 0x800CCC90, Error Number: 0x800CCC92

???

Have you set the correct value (mailbox or maildir) under management > Server > settings on the mail tab in the controlpanel?

Have you send an email to this account? The maildir folder will be created when the first email arrives.

falko
14th August 2005, 21:32
Have a look at this: http://www.howtoforge.com/forums/showpost.php?p=619&postcount=6
http://www.howtoforge.com/forums/showthread.php?t=175

bolinux
20th August 2005, 13:47
now i do a "perfect setup for suse 9.2" and everything is working fine! :)

maybe "perfect setup for suse 9.3" is not perfect at all? :rolleyes:

thank you for a great howto, i love it! :D

falko
20th August 2005, 17:07
maybe "perfect setup for suse 9.3" is not perfect at all? :rolleyes:

It's working for me! :p

bolinux
20th August 2005, 17:12
yes, i know! :)

but not on my machine! :(

i think it´s about apt, one setup i get it work but i do no update / upgrage
per apt! after update / upgrage per apt, some problems there whit ispconfig install! :cool: