HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   General (http://www.howtoforge.com/forums/forumdisplay.php?f=15)
-   -   Trouble with Mail Server (http://www.howtoforge.com/forums/showthread.php?t=2575)

Jcorrea920 17th February 2006 00:43

Trouble with Mail Server
 
I am running Fedora Core 4 Perfect setup since last year.
By default ISPConfig uses Mbox instead of Maildir/ to hold emails. I changed it to Maildir/ so that our email clients could use it better without taking up too much space on server.
Some time on Friday Feb 11 the mail stopped working nobody could receive email from outside our local network(outside world) but smtpd still worked fine sending mail out. So since I haven't updated the software in months I ran an apt-get-install updates, but still no pop mail service. Then I ran
up2date -u and boy did it download and install a lot of updates, but still no dice.
So I discovered that it must be ipop3d that is not working properly since the error message in /var/logs/mail are Error 554 relay-access denied ipop3d[15485] Mailbox Vulnerable /var/spool/mail must have 1777 protection.

Before debugging I backed up the ISPConfig Database and All WebSites on the Server.

Then I discovered that all the Maildir/ directories were somehow converted to Mbox files. I tinkered around with Postfix, but according to the main.cf file I am set up to have Maildir/ but actually don't. Could it be my CyrusIMAP that has gone rogue? If anyone can help me get my mail server back on line and back to the Maildir/ directories, I would greatly appreciate it.;)

falko 17th February 2006 10:16

That's one of the strangest things I've ever heard.
Your server ran Cyrus-IMAP, and now it's running ipop3d?
Cyrus-IMAP uses Maildir format, but ipop3d uses mbox.
I think you should first check your server for rootkits: http://www.howtoforge.com/faq/index....hlight=rootkit

Jcorrea920 17th February 2006 19:47

I ran chkrootkit and rkhunter
 
I don't have and infection after running the scans but there were some interesting results. When scanning hidden files:
Quote:

[Warning!]
========================================
dev/.udevdb /etc/.pwd.lock
========================================
Please inspect /dev/.udevdb directory.
And then a security advisory says that root login through SSH is possible:

Quote:

/etc/ssh/sshd-config:
Root login possible
What I need is to a conversion from mbox to Maildir/ and I need to start up my CyrusIMAP and forget about ipop3d. With ISPConfig all of the email accounts do not have shell accounts so running a generic conversion tool under the specified user's shell account would be pointless. How could I fix the problem? How could I do that with ISPConfig?:confused:

falko 18th February 2006 12:20

Quote:

Originally Posted by Jcorrea920
I don't have and infection after running the scans but there were some interesting results. When scanning hidden files:

I don't think it's something serious, but have a look at /dev/.udevdb anyway:
Code:

ls -la /dev/.udevdb

Quote:

Originally Posted by Jcorrea920
And then a security advisory says that root login through SSH is possible:

This means only that root logins are allowed - this doesn't mean that your server got hackec or that anyone can get in without knowing the root password. A more secure configuration would be to disallow root logins, then you'd have to log in as another user first and then use su to become root.


Quote:

Originally Posted by Jcorrea920
What I need is to a conversion from mbox to Maildir/ and I need to start up my CyrusIMAP and forget about ipop3d. With ISPConfig all of the email accounts do not have shell accounts so running a generic conversion tool under the specified user's shell account would be pointless. How could I fix the problem? How could I do that with ISPConfig?:confused:

If you want to use Maildir, then you must enable Maildir in ISPConfig: Management -> Server -> Settings -> Maildir.
To convert from mbox to Maildir, have a look at mb2md: http://www.howtoforge.com/forums/sho...ighlight=mb2md

Jcorrea920 21st February 2006 18:53

Error 554 with Mail Server "Relay Access Denied"
 
I checked the dev/.udevdb directory and this is what I found:

http://www.correaconsulting.com:82/ls_devudevdb.bmp

Should I be concerned?

I get this error when trying to send mail from Microsoft Outlook. On my email account on Thunderbird I can send mail but mail received gets bounced with the same error 554 "Relay Access Denied"

http://www.correaconsulting.com:82/error554.bmp

How do I fix this?

falko 21st February 2006 20:42

Quote:

Originally Posted by Jcorrea920

Should I be concerned?

I don't think so.

Quote:

Originally Posted by Jcorrea920
I get this error when trying to send mail from Microsoft Outlook. On my email account on Thunderbird I can send mail but mail received gets bounced with the same error 554 "Relay Access Denied"

How do I fix this?

You must enable "Server requires authentication." in Outlook, like here: http://mail.cs.uiuc.edu/relay/outlook-config.html


All times are GMT +2. The time now is 10:23.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.