PDA

View Full Version : Can't SEND eMails.


DanceNgine
29th August 2005, 15:49
Hi @ all!

I installed ISPConfig on a Suse Linux 9.3 - System, and everything is working fine - but I can't send eMails using Outlook or Outlook Express. :(

When I try to send a eMail using OE, it asks me to enter the username and password over and over again.

This is what I found in the maillog:
Aug 20 07:40:22 ds80-237-152-59 postfix/smtpd[3864]: connect from ip60.163.1211F-CUD12K-04.ish.de[62.143.163.60]
Aug 20 07:40:22 ds80-237-152-59 postfix/smtpd[3864]: warning: ip60.163.1211F-CUD12K-04.ish.de[62.143.163.60]: SASL LOGIN authentication failed
Aug 20 07:40:22 ds80-237-152-59 postfix/smtpd[3864]: lost connection after AUTH from ip60.163.1211F-CUD12K-04.ish.de[62.143.163.60]
Aug 20 07:40:22 ds80-237-152-59 postfix/smtpd[3864]: disconnect from ip60.163.1211F-CUD12K-04.ish.de[62.143.163.60]

Receiving mails is working fine. If I send a eMail from a GMX-Account to webmaster@xxl-radio.de, I can receive it using my Oulook.

Any Ideas? :(

Greets
Marcus

till
29th August 2005, 16:09
Hi @ all!

I installed ISPConfig on a Suse Linux 9.3 - System, and everything is working fine - but I can't send eMails using Outlook or Outlook Express. :(

When I try to send a eMail using OE, it asks me to enter the username and password over and over again.

This is what I found in the maillog:
Aug 20 07:40:22 ds80-237-152-59 postfix/smtpd[3864]: connect from ip60.163.1211F-CUD12K-04.ish.de[62.143.163.60]
Aug 20 07:40:22 ds80-237-152-59 postfix/smtpd[3864]: warning: ip60.163.1211F-CUD12K-04.ish.de[62.143.163.60]: SASL LOGIN authentication failed
Aug 20 07:40:22 ds80-237-152-59 postfix/smtpd[3864]: lost connection after AUTH from ip60.163.1211F-CUD12K-04.ish.de[62.143.163.60]
Aug 20 07:40:22 ds80-237-152-59 postfix/smtpd[3864]: disconnect from ip60.163.1211F-CUD12K-04.ish.de[62.143.163.60]

Receiving mails is working fine. If I send a eMail from a GMX-Account to webmaster@xxl-radio.de, I can receive it using my Oulook.

Any Ideas? :(

Greets
Marcus


It seems that SASL is not configured properly on your system. Have you configured your Postfix / SASL accordingly to one of the Howtos on Howtoforge?

DanceNgine
29th August 2005, 16:37
I used this manual :

http://www.howtoforge.com/perfect_setup_suse_9.3

Which steps out of this manual could I reproceed to get my Postfix / SASL working?

Greets
Marcus

PS.: Sorry 4 my bad english. ^^

till
29th August 2005, 16:50
I used this manual :

http://www.howtoforge.com/perfect_setup_suse_9.3

Which steps out of this manual could I reproceed to get my Postfix / SASL working?

Greets
Marcus

PS.: Sorry 4 my bad english. ^^

Postfix With SMTP-AUTH And TLS

apt-get install cyrus-sasl cyrus-sasl-crammd5 cyrus-sasl-devel cyrus-sasl-digestmd5 cyrus-sasl-gssapi cyrus-sasl-otp cyrus-sasl-plain cyrus-sasl-saslauthd

chkconfig --add saslauthd
/etc/init.d/saslauthd start

mkdir /etc/postfix/ssl
cd /etc/postfix/ssl/
openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024
chmod 600 smtpd.key
openssl req -new -key smtpd.key -out smtpd.csr
openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt
openssl rsa -in smtpd.key -out smtpd.key.unencrypted
mv -f smtpd.key.unencrypted smtpd.key
openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650

postconf -e 'mydomain = example.com'
postconf -e 'myhostname = server1.$mydomain'
postconf -e 'smtpd_sasl_local_domain ='
postconf -e 'smtpd_sasl_auth_enable = yes'
postconf -e 'smtpd_sasl_security_options = noanonymous'
postconf -e 'broken_sasl_auth_clients = yes'
postconf -e 'smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,check_ relay_domains'
postconf -e 'inet_interfaces = all'
postconf -e 'alias_maps = hash:/etc/aliases'
postconf -e 'smtpd_tls_auth_only = no'
postconf -e 'smtp_use_tls = yes'
postconf -e 'smtpd_use_tls = yes'
postconf -e 'smtp_tls_note_starttls_offer = yes'
postconf -e 'smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key'
postconf -e 'smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt'
postconf -e 'smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem'
postconf -e 'smtpd_tls_loglevel = 1'
postconf -e 'smtpd_tls_received_header = yes'
postconf -e 'smtpd_tls_session_cache_timeout = 3600s'
postconf -e 'tls_random_source = dev:/dev/urandom'

Now restart Postfix:

/etc/init.d/postfix restart

To see if SMTP-AUTH and TLS work properly now run the following command:

telnet localhost 25

After you have established the connection to your postfix mail server type

ehlo localhost

If you see the lines

250-STARTTLS

and

250-AUTH

everything is fine.

Type

quit

to return to the system's shell.

DanceNgine
29th August 2005, 20:33
Hmm...

I reworked this steps... Now I get the following error, when I try to "telnet localhost 25" :

Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection refused
Trying ::1...
telnet: connect to address ::1: Connection refused


:confused:

Edit:

Okay, i tried telnet localhost 25 again, and now it says "Connected to localhost. Escape character is '^]'.

When I type ehlo localhost and press Enter, absolutely nothing happens. quit or any other command - no response. :(

falko
29th August 2005, 20:35
Hmm...

I reworked this steps... Now I get the following error, when I try to "telnet localhost 25" :

Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection refused
Trying ::1...
telnet: connect to address ::1: Connection refused


:confused:

Restart Postfix:

/etc/init.d/postfix restart

DanceNgine
29th August 2005, 20:42
Hmm... I restarted Postfix once more - same error. What the f.... :-(

till
29th August 2005, 20:49
Did you get errors in mail or syslog?

DanceNgine
29th August 2005, 20:53
I get an error in the mail log :

Aug 29 20:48:50 ds80-237-152-59 postfix/smtpd[7702]: fatal: parameter "smtpd_recipient_restrictions": specify at least one working instance of: check_relay_domains, reject_unauth_destination, reject, defer or defer_if_permit

Hmmm... What does it mean?

Greets
Marcus

till
29th August 2005, 21:01
I get an error in the mail log :

Aug 29 20:48:50 ds80-237-152-59 postfix/smtpd[7702]: fatal: parameter "smtpd_recipient_restrictions": specify at least one working instance of: check_relay_domains, reject_unauth_destination, reject, defer or defer_if_permit

Hmmm... What does it mean?

Greets
Marcus

Do you have this line in your main.cf?
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject _unauth_destination

Hint: reject_unauth_destination is one word, without the space. The space is caused by the forum software!
If not, search for the line that begins with "smtpd_recipient_restrictions" and replace it with the above line.

Then restart postfix.

DanceNgine
29th August 2005, 21:11
my main.cf includes this line:
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,check_ relay_domains

I replaced it with yours, and restarted Postfix.

Now telnet works, here is the log :

220 xxl-radio.de ESMTP Postfix
ehlo localhost
250-xxl-radio.de
250-PIPELINING
250-SIZE 102400000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250 8BITMIME

But, if I try to send a Mail from Outlook Express or Outlook the following Error apperars in the mail-log :


Aug 29 21:08:58 ds80-237-152-59 postfix/smtpd[8866]: warning: connect to private/tlsmgr: Connection refused
Aug 29 21:08:58 ds80-237-152-59 postfix/smtpd[8866]: warning: problem talking to server private/tlsmgr: Connection refused
Aug 29 21:08:59 ds80-237-152-59 postfix/smtpd[8866]: warning: connect to private/tlsmgr: Connection refused
Aug 29 21:08:59 ds80-237-152-59 postfix/smtpd[8866]: warning: problem talking to server private/tlsmgr: Connection refused
Aug 29 21:08:59 ds80-237-152-59 postfix/smtpd[8866]: warning: no entropy for TLS key generation: disabling TLS support
Aug 29 21:08:59 ds80-237-152-59 postfix/smtpd[8866]: warning: ip60.163.1211F-CUD12K-04.ish.de[62.143.163.60]: SASL LOGIN authentication failed


:confused:

Any Ideas?

falko
31st August 2005, 22:49
Do you have inet_interfaces = all in /etc/postfix/main.cf?

DanceNgine
2nd September 2005, 20:49
Yes, it is.

Here is the complete content of main.cf:


command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix
unknown_local_recipient_reject_code = 550
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
setgid_group = maildrop
html_directory = /usr/share/doc/packages/postfix/html
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/packages/postfix/samples
readme_directory = /usr/share/doc/packages/postfix/README_FILES
inet_protocols = all
biff = no
mail_spool_directory = /var/mail
canonical_maps = hash:/etc/postfix/canonical
virtual_maps = hash:/etc/postfix/virtusertable
relocated_maps = hash:/etc/postfix/relocated
transport_maps = hash:/etc/postfix/transport
sender_canonical_maps = hash:/etc/postfix/sender_canonical
masquerade_exceptions = root
masquerade_classes = envelope_sender, header_sender, header_recipient
program_directory = /usr/lib/postfix
masquerade_domains =
mydestination = $myhostname, localhost.$mydomain, $mydomain
disable_dns_lookups = no
mailbox_command =
mailbox_transport =
smtpd_sender_restrictions = hash:/etc/postfix/access
smtpd_client_restrictions =
smtpd_helo_required = no
smtpd_helo_restrictions =
strict_rfc821_envelopes = no
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject _unauth_destination
smtp_sasl_auth_enable = no
smtpd_sasl_auth_enable = yes
smtpd_use_tls = yes
smtp_use_tls = yes
alias_maps = hash:/etc/aliases
mailbox_size_limit = 0
message_size_limit = 102400000
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_tls_auth_only = no
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
home_mailbox = Maildir/
mydomain = xxl-radio.de
myhostname = $mydomain
default_destination_recipient_limit = 500
inet_interfaces = all


Any Ideas? :(

falko
2nd September 2005, 21:02
You should add /etc/postfix/local-host-names to mydestination:
mydestination = $myhostname, localhost.$mydomain, $mydomain, /etc/postfix/local-host-names This is normally done by the ISPConfig installer.
Also try this:
smtpd_use_tls = no
smtp_use_tls = no and restart Postfix: /etc/init.d/postfix restart

DanceNgine
3rd September 2005, 15:39
Hi falko!

I've tried your tips, but i still get the following error in my log-file


Sep 3 15:35:30 ds80-237-152-59 postfix/smtpd[9381]: warning: ip7.163.1211F-CUD12K-04.ish.de[62.143.163.7]: SASL LOGIN authentication failed


Hmmm... :(

DanceNgine
4th September 2005, 23:42
Hmm. Anyone?

falko
6th September 2005, 20:56
Hi falko!

I've tried your tips, but i still get the following error in my log-file


Sep 3 15:35:30 ds80-237-152-59 postfix/smtpd[9381]: warning: ip7.163.1211F-CUD12K-04.ish.de[62.143.163.7]: SASL LOGIN authentication failed


Hmmm... :(

Is saslauthd running?
Try /etc/init.d/saslauthd restart

DanceNgine
6th September 2005, 22:39
saslauthd was running.

I restarted - no errors :


Shutting down service saslauthd done
Starting service saslauthd done

DanceNgine
26th September 2005, 01:21
Anyone? :(

lodac
30th September 2005, 01:28
I am running into the same issues with this sasl server.

falko
2nd October 2005, 22:46
I am running into the same issues with this sasl server.
Do you also use SuSE 9.3?

BenDaDon
6th October 2005, 18:12
I done it!
Test it first:
testsaslauthd -u [username] -p [password]
its ok? well
saslauthd -a shadow

2nd:
check /etc/postfix/master.cf
there must be the following line - without the #:

tlsmgr unix - - n 1000? 1 tlsmgr