HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials


giganet 24th December 2008 00:48

The Perfect Server - Ubuntu Gutsy Gibbon (Ubuntu 7.10) w/ISPConfig
 
Hello HTF group...:D
I am following the HTF Tutorial beyond the part detailing installation of Ubuntu 7.10: http://www.howtoforge.com/perfect_server_ubuntu7.10
Presently I am having trouble when Sending OR Receiving Email from this server.
I receive the following error from ThunderBird which I configured to use TLS and have setup the SMTP to authenticate using a valid Email User usr & pwd for the mentioned mail server.

When Checking Email (ThunderBird Client)
1)
Code:

Sending of password did not succeed. Mail server mail.my-domain.net responded temporary problem, please try again later.

When Attempting to Send Email (ThunderBird Client)
2)
Code:

ThunderBird continuously prompts for password

When I cancel on password prompt I receive the following error when trying to send Email.
2 cont.)
Code:

Sending of message failed.  The message could not be sent because the connecting SMTP server mail.my-domain.net failed.  The server may be unavailable or refusing SMTP connections.  Please verify that your SMTP server setting is correct and try again, or else contact your network administrator.

To check SMTP connectivity I ran: 'telnet localhost 25'
I receive the following:

'Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
220 my-domain.net ESMTP Postfix (Ubuntu)'

Then when I run the following: 'ehlo'

The server returns: '501 Syntax: EHLO hostname'

I have sent Emails from other servers and don't receive any bounce-backs or failure notices.
I have been going back through settings but can't locate an answer yet, where might my errors be?
I have tried recreating the SSL cert following the instructions on this same tutorial 4 times now while still receiving the same error.

Thank you
Regards

falko 24th December 2008 17:08

Any errors in /var/log/mail.log?

You must run
Code:

ehlo localhost
in telnet, not just
Code:

ehlo

giganet 24th December 2008 17:30

Thank you very much Falko

I ran cat /var/log/mail.log and yes it did seem to want to continue printing errors before I finally ran 'ctrl-c', but here is a sampling of the errs from mail.log file:

INFO UPDATE A/1: My error in the post last night, yes I did run 'ehlo localhost' and all was good after running that command.

Code:

Dec 24 07:34:12 my-domain postfix/qmgr[30658]: B8614359631B: from=<www-data@my-domain.net>, size=2240, nrcpt=1 (queue active)
 
Dec 24 07:30:08 my-domain postfix/error[13300]: 2956535958E2: to=<carvalho@construtel.com.br>, relay=none, delay=309052, delays=308996/57/0/0.01, dsn=4.4.3, status=deferred (delivery temporarily suspended: Host or domain name not found. Name service error for name=construtel.com.br type=MX: Host not found, try again)

Quote:

I should have setup this server using TLS initially as one of my hosting clients was running an exploited 'mail.php' and then came the problems.
Anyhow, I just this morning decided that beings I screwed up initially by following the 'Virtual Users And Domains With Postfix, Courier And MySQL (+ SMTP-AUTH, Quota, SpamAssassin, ClamAV)'
That I should start all over but using the tutorial 'The Perfect Server - Ubuntu Gutsy Gibbon (Ubuntu 7.10)'

So when I get to section '11 Quota' I am at a wall when running the following command(s).

Code:

touch /quota.user

I receive this err: touch: cannot touch `/quota.user': Permission denied

INFO UPDATE A/2: Falko I wanted to let you know that I am running as 'root su' when I receive the errors above while trying to 'touch' quota.
I am betting this has everything to do with whatever was changed when following the virtual tutorial?
What will I need to do to get past this error?

INFO UPDATE A/3: I have been looking over the first tutorial I attempted using which if I would have read tells me it was intended for deb sarge, should I go back through that tutorial and remove files such as: mysql-virtual_mailbox_limit_maps.cf, virtusertable~, mysql-virtual_domains.cf, mysql-virtual_transports.cf, virtusertable.db, mysql-virtual_email2email.cf, mysql-virtual_forwardings.cf, mysql-virtual_mailboxes.cf

Located in: /etc/postfix

Not to mention other files created that don't pertain to the UBUNTU 7.10 Perfect Server tutorial?

Thank you Falko
Regards

Best wishes for everyone

falko 25th December 2008 11:13

Quote:

Originally Posted by giganet (Post 161334)
So when I get to section '11 Quota' I am at a wall when running the following command(s).

Code:

touch /quota.user

I receive this err: touch: cannot touch `/quota.user': Permission denied

You must be root when you run this command:
Code:

sudo su
touch /quota.user

(or run
Code:

sudo touch /quota.user
)

giganet 25th December 2008 18:26

Thank you Falko

Yes I am logged in as 'root' when receiving the err:confused:.
Code:

root@my-domain:/home/bender# sudo touch /quota.user
touch: cannot touch `/quota.user': Permission denied

Best Regards

falko 26th December 2008 13:21

Did you disable AppArmor?
What's the output of
Code:

ls -la /
?

giganet 26th December 2008 20:12

Thank you Falko

Hmm, I did some extra searching the net last night and found a handy group of commands that pertains to 'quota'.

After running 'quotaoff /' I was able to proceed onto completion of the Ubuntu Gutsy Gibbon (Ubuntu 7.10 w/ISPConfig) tutorial.

At this point this is the condition of functionality:

1) When I try to send Email from this server I am perpetually prompted for the SMTP server password which is for the web_admin email account.
If I cancel the send process TBird returns the err;
Code:

Sending of message failed. The message could not be sent because connecting to SMTP server mail.my-domain.net failed. The server may be unavailable or is refusing SMTP connections. Please verify that your SMTP server setting is correct and try again, or else contact your Network Administrator.

In TBird I have configured the SMTP to use this server mail.my-domain.net using the web_admin usr/pwd for TLS and have enabled 'Use Secure Connection' with the TLS RADIO enabled.
After settings are made I restart TBird but still get same result.

2) Likewise when I attempt to receive Email I am perpetually prompted for the password and what's weird is I am being prompted by TBird to accept a cert from another one of my servers even though I have double checked my POP settings for the .NET account I am working with presently??

I have deleted ALL SSL certs in TBird and restarted it to be faced with the same event.

3) I can send Email to this Email server from an outside server and receive no undelivered messages at the outside server yet I am unable to retrieve the Email on the .NET server due to the password looping issue defined above.

From the CLI I am able to connect to the SMTP server running:
'telnet localhost 25'
And upon connection I run 'ehlo localhost' and all is well.
After 'quit' I try 'telnet localhost pop3' and receive:

Code:

Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
+OK Hello there.

Then 'quit' all seems good there.

main.cf output:
Code:

# Source: .NET main.cf
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
 
# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
#Do not en-able when using with ISPConfig.
#home_mailbox = Maildir/
# Uncomment the next line to generate "delayed mail" warnings
delay_warning_time = 30m
# TLS parameters
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
myhostname = my-domain.net
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
#mydestination = my-domain.net, localhost.com, , localhost
relayhost =
mynetworks = 127.0.0.0/8
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
virtual_maps = hash:/etc/postfix/virtusertable
## mydestination = /etc/postfix/local-host-names
## transport_maps = hash:/etc/postfix/transport
## relay_domains = hash:/etc/postfix/relay-host-names


master.cf output
Code:

#
# Postfix master process configuration file.  For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#              (yes)  (yes)  (yes)  (never) (100)
# ==========================================================================
smtp      inet  n      -      -      -      -      smtpd
#submission inet n      -      -      -      -      smtpd
#  -o smtpd_enforce_tls=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#smtps    inet  n      -      -      -      -      smtpd
#  -o smtpd_tls_wrappermode=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,rejec
#628      inet  n      -      -      -      -      qmqpd
pickup    fifo  n      -      -      60      1      pickup
cleanup  unix  n      -      -      -      0      cleanup
qmgr      fifo  n      -      n      300    1      qmgr
#qmgr    fifo  n      -      -      300    1      oqmgr
tlsmgr    unix  -      -      -      1000?  1      tlsmgr
rewrite  unix  -      -      -      -      -      trivial-rewrite
bounce    unix  -      -      -      -      0      bounce
defer    unix  -      -      -      -      0      bounce
trace    unix  -      -      -      -      0      bounce
verify    unix  -      -      -      -      1      verify
flush    unix  n      -      -      1000?  0      flush
proxymap  unix  -      -      n      -      -      proxymap
smtp      unix  -      -      -      -      -      smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay    unix  -      -      -      -      -      smtp
        -o smtp_fallback_relay=
#      -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq    unix  n      -      -      -      -      showq
error    unix  -      -      -      -      -      error
retry    unix  -      -      -      -      -      error
discard  unix  -      -      -      -      -      discard
local    unix  -      n      n      -      -      local
virtual  unix  -      n      n      -      -      virtual
lmtp      unix  -      -      -      -      -      lmtp
anvil    unix  -      -      -      -      1      anvil
scache    unix  -      -      -      -      1      scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop  unix  -      n      n      -      -      pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# See the Postfix UUCP_README file for configuration details.
#
uucp      unix  -      n      n      -      -      pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail    unix  -      n      n      -      -      pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp    unix  -      n      n      -      -      pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix  -      n      n      -      2      pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman  unix  -      n      n      -      -      pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}

POST EDIT: I forgot to add this finding, last night when I exited PuTTY I received the 'You have new mail in /var/mail/my-server'
Below are the contents of that mail:
Code:

From amavis@my-server.net  Thu Dec 25 21:45:54 2008
Return-Path: <amavis@my-server.net>
X-Original-To: amavis@my-server.net
Delivered-To: amavis@my-server.net
Received: from localhost (localhost.localdomain [127.0.0.1])
        by my-server.net (Postfix) with ESMTP id 03F4835941F7
        for <amavis@my-server.net>; Thu, 25 Dec 2008 03:18:14 -0800 (PST)
X-Virus-Scanned: Debian amavisd-new at my-server.net
Received: from my-server.net ([127.0.0.1])
        by localhost (my-server.net [127.0.0.1]) (amavisd-new, port 10024)
        with ESMTP id TmSayPUCcAtC for <amavis@my-server.net>;
        Thu, 25 Dec 2008 03:18:03 -0800 (PST)
Received: by my-server.net (Postfix, from userid 114)
        id 102F535941F6; Thu, 25 Dec 2008 03:18:02 -0800 (PST)
From: root@my-server.net (Cron Daemon)
To: amavis@my-server.net
Subject: Cron <amavis@my-server> test -e /usr/sbin/amavisd-new-cronjob && /usr/sbin/amavisd-new-cronjob sa-sync
Content-Type: text/plain; charset=UTF-8
X-Cron-Env: <SHELL=/bin/sh>
X-Cron-Env: <HOME=/var/lib/amavis>
X-Cron-Env: <PATH=/usr/bin:/bin>
X-Cron-Env: <LOGNAME=amavis>
Message-Id: <20081225111803.102F535941F6@my-server.net>
Date: Thu, 25 Dec 2008 03:18:02 -0800 (PST)

config: unparseable chars in 'if you are running SA 3.0.0 or higher, you already have antidrug and this file': '3.0.0'


Output from '/var/log/mail.log'
Code:

Dec 26 07:46:21 my-domain postfix/qmgr[14646]: 55F2F1C882A5: removed
Dec 26 07:46:21 my-domain postfix/pickup[9956]: 2AF301C8819B: uid=10073 from=<web44_anzatowndog>
Dec 26 07:46:21 my-domain postfix/cleanup[8059]: 2AF301C8819B: message-id=<20081226154621.2AF301C8819B@my-domain.net>
Dec 26 07:46:21 my-domain postfix/qmgr[14646]: 2AF301C8819B: from=<web44_anzatowndog@my-domain.net>, size=412, nrcpt=1 (queue active)
Dec 26 07:46:21 my-domain postfix/pickup[9956]: 3A89C1C882A5: uid=10058 from=<web44_janeb>
Dec 26 07:46:21 my-domain postfix/cleanup[8067]: 3A89C1C882A5: message-id=<20081226154621.3A89C1C882A5@my-domain.net>
Dec 26 07:46:21 my-domain postfix/qmgr[14646]: 3A89C1C882A5: from=<web44_janeb@my-domain.net>, size=393, nrcpt=1 (queue active)
Dec 26 07:46:21 my-domain postfix/smtp[772]: 2AF301C8819B: to=<admispconfig@localhost.localdomain>, relay=none, delay=0.11, delays=0.03/0/0.08/0, dsn=5.4.4, status=bounced (Host or domain name not found. Name service error for name=localhost.localdomain type=AAAA: Host not found)
Dec 26 07:46:21 my-domain postfix/cleanup[10780]: 403771C882CE: message-id=<20081226154621.403771C882CE@my-domain.net>
Dec 26 07:46:21 my-domain postfix/qmgr[14646]: 403771C882CE: from=<>, size=2388, nrcpt=1 (queue active)
Dec 26 07:46:21 my-domain postfix/bounce[8403]: 2AF301C8819B: sender non-delivery notification: 403771C882CE
Dec 26 07:46:21 my-domain postfix/qmgr[14646]: 2AF301C8819B: removed
Dec 26 07:46:21 my-domain postfix/smtp[8402]: 3A89C1C882A5: to=<admispconfig@localhost.localdomain>, relay=none, delay=0.09, delays=0.04/0/0.05/0, dsn=5.4.4, status=bounced (Host or domain name not found. Name service error for name=localhost.localdomain type=AAAA: Host not found)
Dec 26 07:46:21 my-domain postfix/cleanup[8059]: 48F501C8819B: message-id=<20081226154621.48F501C8819B@my-domain.net>
Dec 26 07:46:21 my-domain postfix/qmgr[14646]: 48F501C8819B: from=<>, size=2357, nrcpt=1 (queue active)
Dec 26 07:46:21 my-domain postfix/bounce[6498]: 3A89C1C882A5: sender non-delivery notification: 48F501C8819B
Dec 26 07:46:21 my-domain postfix/qmgr[14646]: 3A89C1C882A5: removed
Dec 26 07:46:23 my-domain postfix/local[16313]: 60B121C882E8: to=<web44_wstrn@my-domain.net>, relay=local, delay=182, delays=0.01/170/0/13, dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail -f-)
Dec 26 07:46:23 my-domain postfix/qmgr[14646]: 60B121C882E8: removed
Dec 26 07:46:23 my-domain postfix/pickup[9956]: ACC571C882A5: uid=10063 from=<web44_wstrn>
Dec 26 07:46:23 my-domain postfix/cleanup[8067]: ACC571C882A5: message-id=<20081226154623.ACC571C882A5@my-domain.net>
Dec 26 07:46:23 my-domain postfix/qmgr[14646]: ACC571C882A5: from=<web44_wstrn@my-domain.net>, size=392, nrcpt=1 (queue active)
Dec 26 07:46:23 my-domain postfix/smtp[8402]: ACC571C882A5: to=<admispconfig@localhost.localdomain>, relay=none, delay=0.1, delays=0.05/0/0.06/0, dsn=5.4.4, status=bounced (Host or domain name not found. Name service error for name=localhost.localdomain type=AAAA: Host not found)
Dec 26 07:46:23 my-domain postfix/cleanup[10780]: BC5B41C882D7: message-id=<20081226154623.BC5B41C882D7@my-domain.net>
Dec 26 07:46:23 my-domain postfix/qmgr[14646]: BC5B41C882D7: from=<>, size=2356, nrcpt=1 (queue active)
Dec 26 07:46:23 my-domain postfix/bounce[8403]: ACC571C882A5: sender non-delivery notification: BC5B41C882D7
Dec 26 07:46:23 my-domain postfix/qmgr[14646]: ACC571C882A5: removed
Dec 26 07:46:24 my-domain postfix/local[17768]: 396C31C8826E: to=<web44_webmin@my-domain.net>, relay=local, delay=36, delays=0/24/0/12, dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail -f-)
Dec 26 07:46:24 my-domain postfix/qmgr[14646]: 396C31C8826E: removed
Dec 26 07:46:24 my-domain postfix/pickup[9956]: 9A73D1C8826E: uid=10025 from=<web44_webmin>
Dec 26 07:46:24 my-domain postfix/cleanup[8059]: 9A73D1C8826E: message-id=<20081226154624.9A73D1C8826E@my-domain.net>
Dec 26 07:46:24 my-domain postfix/qmgr[14646]: 9A73D1C8826E: from=<web44_webmin@my-domain.net>, size=408, nrcpt=1 (queue active)
Dec 26 07:46:24 my-domain postf


Thanking you in advance for your help and time Falko :-)

Best Regards

falko 27th December 2008 13:13

What's in /etc/hosts?

Does sending and receiving work when you switch off secure connections?

giganet 27th December 2008 19:49

Hello Falko thank you...

MySQL db find : Falko, I logged into my .COM server which is also configured running ISPConfig PostFix, Courier, etc, using TLS authentication.
What I found was that the .COM server when logged into MyPHPAdmin DOES NOT have a Mail db, rather it only has the ISPConfig db and it's Email system works fine.

When logged into my .NET server using MyPHPAdmin I find that in addition to the ISPConfig db the .NET server also has a Mail db
too which I created when I wrongly chose to follow the Debian based Tutorial at first which did not support ISPConfig!

I am not sure but I feel rather confident that this is the chief cause of the issue I have been dealing with??
Would you suggest I delete the Mail db from my .NET server beings this server also runs ISPConfig which should make TLS based POP3 & SMTP authentication function properly then- At least it seems that way to me (my desperation to get my client Email service restored).

The output of '/etc/hosts'
Code:

127.0.0.1      localhost.localdomain localhost
65.197.209.3    giganetwireless.net    Bender
# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

I then logged into another server and saw an immediate difference!
on the first line at the end it also defined the FQD for that server so I changed this new server to be as follows now:
Code:

127.0.0.1      localhost.localdomain localhost giganetwireless.net
65.197.209.3    giganetwireless.net    Bender
# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

After this I ran '/etc/init.d/networking restart'

TO disable secure I set 'smtpd_use_tls = no'
AND
'smtpd_tls_auth_only = no'
AND
'smtpd_sasl_auth_enable = no'

Then I ran '/etc/init.d/postfix restart'

After making the above changes to the server I reconfigured TBird not to use TLS in both POP & SMTP.
I am still unable to send or receive from this server however...

Thank you Falko

Regards
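
Added example, not part of the thread: the main.cf posted earlier enables SMTP AUTH and opportunistic TLS but leaves smtpd_tls_auth_only = no, so a client can authenticate over an unencrypted connection. The sketch below reads main.cf text the way Postfix does (comment lines, continuation lines, last assignment wins) and classifies the three parameters toggled in the post above. The sample text, function names and verdict strings are made up for illustration; master.cf -o overrides and smtpd_tls_security_level are not considered.

```python
# Constructed excerpts, modelled on the main.cf shown in the thread.
POSTED = """\
#home_mailbox = Maildir/
smtpd_use_tls = yes
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,
    permit_mynetworks,reject_unauth_destination
smtpd_tls_auth_only = no
"""
# State after the test described in the post: all three switched off.
TEST_STATE = """\
smtpd_use_tls = no
smtpd_tls_auth_only = no
smtpd_sasl_auth_enable = no
"""
# Same file with one line appended; the later assignment overrides the earlier one.
HARDENED = POSTED + "smtpd_tls_auth_only = yes\n"


def parse_main_cf(text):
    """Parse Postfix main.cf text into {parameter: value}; the last assignment wins."""
    logical = []
    for raw in text.splitlines():
        stripped = raw.strip()
        if not stripped or stripped.startswith("#"):
            continue                          # blank line or comment line
        if raw[0].isspace() and logical:
            logical[-1] += " " + stripped     # leading whitespace continues the previous line
        else:
            logical.append(stripped)
    params = {}
    for line in logical:
        name, sep, value = line.partition("=")
        if sep:
            params[name.strip()] = value.strip()
    return params


def auth_exposure(params):
    """Classify how SMTP AUTH credentials can travel, from the three settings in the thread."""
    def on(key):
        return params.get(key, "no").lower() == "yes"   # all three default to "no"

    if not on("smtpd_sasl_auth_enable"):
        return "auth-disabled"
    if not on("smtpd_use_tls"):
        return "auth-enabled-no-starttls"     # nothing can protect the password in transit
    if on("smtpd_tls_auth_only"):
        return "auth-only-after-starttls"
    return "auth-offered-in-cleartext"        # STARTTLS is optional, AUTH works without it


if __name__ == "__main__":
    for label, text in (("posted", POSTED), ("test", TEST_STATE), ("hardened", HARDENED)):
        print(label, auth_exposure(parse_main_cf(text)))
```

After the plain-text test is finished, the three parameters need to go back to yes/yes/yes (or at least smtpd_tls_auth_only = yes with TLS on) before clients are pointed at the server again.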

falko 28th December 2008 13:22

Please change this line:
Code:

::1 ip6-localhost ip6-loopback
so that it looks as follows:
Code:

::1 ip6-localhost ip6-loopback localhost.localdomain
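
Added example, not part of the thread: a small triage script that pulls the "Name service error" entries out of a Postfix mail.log and checks each failing name against /etc/hosts, which shows why the bounces for localhost.localdomain ask for type=AAAA while the hosts file only lists that name on the 127.0.0.1 line. The log lines and hosts text are constructed samples modelled on the ones quoted above; function names and verdict strings are made up for illustration.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample data, modelled on the log lines and /etc/hosts quoted in the thread.
SAMPLE_LOG = """\
Dec 26 07:46:21 my-domain postfix/smtp[772]: 2AF301C8819B: to=<admispconfig@localhost.localdomain>, relay=none, dsn=5.4.4, status=bounced (Host or domain name not found. Name service error for name=localhost.localdomain type=AAAA: Host not found)
Dec 26 07:46:23 my-domain postfix/smtp[8402]: ACC571C882A5: to=<admispconfig@localhost.localdomain>, relay=none, dsn=5.4.4, status=bounced (Host or domain name not found. Name service error for name=localhost.localdomain type=AAAA: Host not found)
Dec 26 07:46:24 my-domain postfix/error[13300]: 2956535958E2: to=<user@example.org>, relay=none, dsn=4.4.3, status=deferred (delivery temporarily suspended: Host or domain name not found. Name service error for name=example.org type=MX: Host not found, try again)
Dec 26 07:46:24 my-domain postfix/qmgr[14646]: ACC571C882A5: removed
"""
HOSTS_BEFORE = """\
127.0.0.1      localhost.localdomain localhost
192.0.2.3      my-domain.net bender
# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
"""
# The change suggested in the last reply: add the name to the ::1 line.
HOSTS_AFTER = HOSTS_BEFORE.rstrip("\n") + " localhost.localdomain\n"

ERR_RE = re.compile(r"status=(\w+) \(.*?Name service error for name=(\S+) type=(\w+):")

def resolver_failures(log_text):
    """Count Postfix name-service errors per (name, record type, status)."""
    hits = Counter()
    for line in log_text.splitlines():
        m = ERR_RE.search(line)
        if m:
            status, name, rtype = m.groups()
            hits[(name.lower(), rtype, status)] += 1
    return hits

def hosts_families(hosts_text):
    """Map each name in hosts(5) text to the record types it can answer."""
    families = {}
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except (IndexError, ValueError):
            continue                          # blank, comment-only or malformed line
        rtype = "AAAA" if addr.version == 6 else "A"
        for name in fields[1:]:
            families.setdefault(name.lower(), set()).add(rtype)
    return families

def triage(log_text, hosts_text):
    """Pair every failed lookup with what the hosts file says about that name."""
    families = hosts_families(hosts_text)
    report = []
    for (name, rtype, status), count in sorted(resolver_failures(log_text).items()):
        if rtype not in ("A", "AAAA"):
            verdict = "dns-only"              # MX and similar never come from /etc/hosts
        elif rtype in families.get(name, ()):
            verdict = "in-hosts"
        elif name in families:
            verdict = "other-family-only"     # listed, but only for the other IP version
        else:
            verdict = "not-in-hosts"
        report.append((name, rtype, status, count, verdict))
    return report

if __name__ == "__main__":
    for label, hosts in (("before", HOSTS_BEFORE), ("after", HOSTS_AFTER)):
        print(label, triage(SAMPLE_LOG, hosts))
```

Whether the Postfix SMTP client consults /etc/hosts at all depends on its smtp_host_lookup setting (dns or native); the script only reports what the hosts file would answer for each failing name.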

