HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Server Operation (http://www.howtoforge.com/forums/forumdisplay.php?f=5)
-   -   postfix + courier pop outlook problem (http://www.howtoforge.com/forums/showthread.php?t=57570)

mediaexpert 7th June 2012 23:19

postfix + courier pop outlook problem
 
I've a Debian mail server with Postfix and courier for pop3 connection,

when I try to connect on a pc outlook fault with error 0x800ccc90
Mac users are ok, and I've already Imap port thath works fine.

I've tried to change iptables rules, postfix conf and courier conf, but the error remain.

I think the problem is on the iptables or on the outlook type of authorization

#postfix conf:
Code:

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases, proxy:mysql:/etc/postfix/mysql/aliases
biff = no
body_checks = regexp:/etc/postfix/body_checks
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = //usr/lib/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
default_destination_concurrency_limit = 1
empty_address_recipient = MAILER-DAEMON
header_checks = regexp:/etc/postfix/header_checks
home_mailbox = .maildir/
inet_interfaces = xxx.xx.xxx.118, 127.0.0.1
local_destination_concurrency_limit = 2
mail_owner = postfix
mail_spool_directory = /var/spool/mail
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
message_size_limit = 25600000
mydestination = localhost $myhostname
mydomain = mydomain.it
myhostname = mx1.mydomain.it
mynetworks = 127.0.0.0/8, xxx.xx.xxx.118, xxx.xx.xxx.168, xxx.xx.xxx.143, xxx.xx.xxx.189, xxx.xx.xxx.99
myorigin = $myhostname
newaliases_path = /usr/bin/newaliases
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps  $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains  $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps  $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks  $virtual_mailbox_limit_maps
queue_directory = /var/spool/postfix
queue_minfree = 120000000
recipient_delimiter = +
relay_domains = proxy:mysql:/etc/postfix/mysql/relay_domains
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtp_tls_note_starttls_offer = yes
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_client_restrictions = permit_mynetworks,    permit_sasl_authenticated,    reject_unknown_client,    reject_rbl_client zen.spamhaus.org
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks,    permit_sasl_authenticated,    reject_invalid_helo_hostname,    reject_non_fqdn_helo_hostname
smtpd_recipient_restrictions = permit_mynetworks,    permit_sasl_authenticated,    reject_non_fqdn_hostname,    reject_non_fqdn_sender,    reject_non_fqdn_recipient,    reject_unauth_destination,    reject_unauth_pipelining,    reject_invalid_hostname,    check_policy_service inet:127.0.0.1:10030,    reject_rbl_client zen.spamhaus.org
smtpd_reject_unlisted_recipient = yes
smtpd_reject_unlisted_sender = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $mydomain
smtpd_sasl_path = smtpd
smtpd_sasl_security_options = noanonymous
smtpd_sender_restrictions = reject_unknown_sender_domain
smtpd_tls_CAfile = /etc/ssl/private/intermediate.pem
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/ssl/private/*.mydomain.it.crt
smtpd_tls_key_file = /etc/ssl/private/*.mydomain.it.key
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
soft_bounce = no
strict_rfc821_envelopes = no
tls_random_source = dev:/dev/urandom
transport_maps = proxy:mysql:/etc/postfix/mysql/transport_maps, proxy:mysql:/etc/postfix/mysql/autoreply_domains
unknown_local_recipient_reject_code = 550
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql/virtual_alias_maps, proxy:mysql:/etc/postfix/mysql/autoreply_aliases
virtual_gid_maps = static:999
virtual_mailbox_base = /home/vmail
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql/virtual_mailbox_domains
virtual_mailbox_limit = 2097152000
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql/virtual_mailbox_maps, proxy:mysql:/etc/postfix/mysql/virtual_mailbox_exts
virtual_minimum_uid = 999
virtual_uid_maps = static:999

#iptables:
Code:

Chain INPUT (policy DROP 0 packets, 0 bytes)
....
....
10779 1672K ACCEPT    tcp  --  *      *      0.0.0.0/0            xxx.xxx.xxx.xx      tcp spts:1024:65535 dpt:143 state NEW,ESTABLISHED
    0    0 ACCEPT    tcp  --  *      *      0.0.0.0/0            178.79.185.118      tcp spts:1024:65535 dpt:110 state NEW,ESTABLISHED


Chain OUTPUT (policy DROP 3 packets, 313 bytes)
....
20870  75M ACCEPT    tcp  --  *      *      xxx.xxx.xxx.xx      0.0.0.0/0          tcp spt:110 dpts:1024:65535 state ESTABLISHED
12622  14M ACCEPT    tcp  --  *      *      xxx.xxx.xxx.xx      0.0.0.0/0          tcp spt:143 dpts:1024:65535 state ESTABLISHED

....
Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target    prot opt in    out    source              destination       
    0    0 ACCEPT    tcp  --  *      *      xxx.xxx.xxx.xx      0.0.0.0/0          tcp dpt:110


falko 8th June 2012 18:37

Are there any errors in your mail log (in the /var/log/ directory)?

mediaexpert 9th June 2012 12:10

there is no errors on log files,
the log files doesn't have any lines refferred to the outlook connections,
but I see a lot of TIME WAIT in netstat on tcp6.

I think that some version of outlook uses ipv6 connection, and I guess this is the problem, but I don't be able to solve it.

The problem is only in some outlook windows versions,
for the Mac users and other windows users the emails works fine.

falko 10th June 2012 12:15

Can you post the output of
Code:

netstat -tap
?

mediaexpert 10th June 2012 15:37

Falko,
first of all thank you for the replies,

below there is the netstat output, as you can see the TIME WAITS are my connection attempts, but I tried to be connected 2 days ago, but the time wait remains.

Code:

tcp        0      0 localhost:10024        *:*                    LISTEN      -             
tcp        0      0 localhost:10025        *:*                    LISTEN      -             
tcp        0      0 localhost:mysql        *:*                    LISTEN      -             
tcp        0      0 mail.mydoma:submission *:*                    LISTEN      -             
tcp        0      0 localhost:submission    *:*                    LISTEN      -             
tcp        0      0 localhost:10030        *:*                    LISTEN      -             
tcp        0      0 localhost:spamd        *:*                    LISTEN      -             
tcp        0      0 *:webmin                *:*                    LISTEN      -             
tcp        0      0 mail.mydomain.com:ssmtp *:*                    LISTEN      -             
tcp        0      0 localhost:ssmtp        *:*                    LISTEN      -             
tcp        0      0 mail.mydomain.co:domain *:*                    LISTEN      -             
tcp        0      0 localhost:domain        *:*                    LISTEN      -             
tcp        0      0 mail.mydomain.com:smtp  *:*                    LISTEN      -             
tcp        0      0 localhost:smtp          *:*                    LISTEN      -             
tcp        0      0 localhost:953          *:*                    LISTEN      -                         
tcp        0      0 localhost:10030        localhost:53055        ESTABLISHED -             
tcp        0      0 localhost:10025        localhost:55171        ESTABLISHED -             
tcp      53      0 localhost:55167        localhost:10025        CLOSE_WAIT  -             
tcp        0      0 localhost:53055        localhost:10030        ESTABLISHED -             
tcp        0      0 mail.mydomain.com:smtp  ip-202-124-73-42.o:44115 ESTABLISHED -             
tcp        0      0 localhost:55171        localhost:10025        ESTABLISHED -             
tcp        0      0 mail.mydomain.com:smtp  net230-81-245-109.:1240 ESTABLISHED -             
tcp        0    328 mail.mydomain.com:23547 2-230-235-240.ip2:58569 ESTABLISHED -             
tcp6      0      0 [::]:pop3s              [::]:*                  LISTEN      -             
tcp6      0      0 [::]:pop3              [::]:*                  LISTEN      -             
tcp6      0      0 [::]:imap2              [::]:*                  LISTEN      -             
tcp6      0      0 [::]:www                [::]:*                  LISTEN      -             
tcp6      0      0 [::]:https              [::]:*                  LISTEN      -                         
tcp6      0      0 [::]:imaps              [::]:*                  LISTEN      -             
tcp6      0      0 mail.mydomain.com:pop3  200-32-170-75.ip34:57877 TIME_WAIT  -             
tcp6      0      0 mail.mydomain.com:pop3  200-62-58-3.ip21.f:23400 TIME_WAIT  -             
tcp6      0      0 mail.mydomain.com:pop3  200-62-58-3.ip21.f:23399 TIME_WAIT  -             
tcp6      0      0 mail.mydomain.com:pop3  200-62-58-3.ip21.f:23401 TIME_WAIT  -             
tcp6      0      0 mail.mydomain.com:pop3  217.200.185.19%15:58444 ESTABLISHED -             
tcp6      0      0 mail.mydomain.com:pop3  200-62-58-3.ip21.f:23398 TIME_WAIT  -             
tcp6      0      0 mail.mydomain.com:pop3  217.200.185.19%15:12767 ESTABLISHED -             
tcp6      0      0 mail.mydomain.com:pop3  200-32-170-75.ip34:32404 TIME_WAIT  -             
tcp6      0      0 mail.mydomain.com:imap2 151.81.254.215%15:49747 ESTABLISHED -             
tcp6      0      0 mail.mydomain.com:pop3  200-32-170-75.ip34:60672 TIME_WAIT  -             
tcp6      0      0 mail.mydomain.com:pop3  200-62-58-3.ip21.f:23397 TIME_WAIT  -             
tcp6      0      0 mail.mydomain.com:imap2 2-232-97-171.ip21:56957 ESTABLISHED -             
tcp6      0      0 mail.mydomain.com:pop3  200-32-170-75.ip34:220033 TIME_WAIT  -


falko 11th June 2012 11:17

This looks ok:

Code:

tcp6      0      0 [::]:pop3s              [::]:*                  LISTEN      -             
tcp6      0      0 [::]:pop3              [::]:*                  LISTEN      -             
tcp6      0      0 [::]:imap2              [::]:*                  LISTEN      -                                   
tcp6      0      0 [::]:imaps              [::]:*                  LISTEN      -

I have no idea why it's not working... :(

mediaexpert 11th June 2012 14:48

the problems seem to be in the ssl self certificate,
outlook has problem to accept this automatically.

Some users, have solved this problem by removing and reconfiguring the account.

Really strange things.

But I don't use an ssl for the pop3 connection and I can't download email :-(

falko 13th June 2012 14:09

Have you tried to switch off the firewall for testing purposes?


All times are GMT +2. The time now is 01:10.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.