HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   HOWTO-Related Questions (http://www.howtoforge.com/forums/forumdisplay.php?f=2)
-   -   SASL and TLS problems with Postfix on Ubuntu (http://www.howtoforge.com/forums/showthread.php?t=6000)

fish 4th August 2006 19:09

SASL and TLS problems with Postfix on Ubuntu
 
I am trying to enable user authentication on breezy Ubuntu using Postfix, dovecot, sasl, and tls. I followed the instructions on the "perfect breezy isp" setup howto for postfix, sasl and tls. but when I telnet into port 25, I do not get a complete connection. I get STARTTLS, but I do not get the AUTH line. When I check my logs (/var/log/syslog) I find a line that says it cannot find the smtpd.key file (which is there) and that there is a TLS library problem. I really would like to get this going. I have been working on this for a couple of days, with no success on my own, so I am appealing for help if someone has the time.

falko 5th August 2006 17:31

What's in your mail log? Also make sure you follow the tutorial as close as possible as I know that Postfix SMTP-AUTH and TLS is working afterwards.

fish 5th August 2006 18:23

sasl and tls problems
 
This comes from the mail log (/var/log/mail.log) immediately after one of the other users try to login.
=====
Aug 5 09:22:49 livingsky postfix/anvil[29411]: statistics: max connection rate 1/60s for (smtp:216.40.36.59) at Aug 5 09:19
:25
Aug 5 09:22:49 livingsky postfix/anvil[29411]: statistics: max connection count 1 for (smtp:216.40.36.59) at Aug 5 09:19:25
Aug 5 09:22:49 livingsky postfix/anvil[29411]: statistics: max cache size 1 at Aug 5 09:19:25
Aug 5 09:22:50 livingsky postfix/smtpd[29460]: warning: cannot get private key from file /etc/postifx/ssl/smtpd.key
Aug 5 09:22:50 livingsky postfix/smtpd[29460]: warning: TLS library problem: 29460:error:02001002:system library:fopen:No su
ch file or directory:bss_file.c:278:fopen('/etc/postifx/ssl/smtpd.key','r'):
Aug 5 09:22:50 livingsky postfix/smtpd[29460]: warning: TLS library problem: 29460:error:20074002:BIO routines:FILE_CTRL:sys
tem lib:bss_file.c:280:
Aug 5 09:22:50 livingsky postfix/smtpd[29460]: warning: TLS library problem: 29460:error:140B0002:SSL routines:SSL_CTX_use_P
rivateKey_file:system lib:ssl_rsa.c:693:
Aug 5 09:22:50 livingsky postfix/smtpd[29460]: cannot load RSA certificate and key data
Aug 5 09:22:51 livingsky postfix/smtpd[29460]: connect from c1m31.emaildefenseservice.com[216.40.36.64]
Aug 5 09:22:51 livingsky postfix/smtpd[29460]: warning: support for restriction "check_relay_domains" will be removed from P
ostfix; use "reject_unauth_destination" instead
=====

I checked to make sure that the file that is being referred to (/etc/postfix/ssl/smtpd.key) is there but I don't know what the
'r' refers to in that same reference. (fopen('/etc/postifx/ssl/smtpd.key','r'):)

The permissions on the files in that directory are

-rw-r--r-- 1 root root 1123 2006-08-04 10:18 cacert.pem
-rw-r--r-- 1 root root 963 2006-08-04 10:18 cakey.pem
-rw-r--r-- 1 root root 891 2006-08-04 09:56 smtpd.crt
-rw-r--r-- 1 root root 672 2006-08-04 09:55 smtpd.csr
-rw-r--r-- 1 root root 887 2006-08-04 09:56 smtpd.key
-rw-r--r-- 1 postfix postfix 2201 2006-07-28 09:31 smtpd.pem

and the smtpd.key only includes the private key.

And I followed the steps of the how-to by cutting and pasting to make sure that my fingers didn't slip while I was following the process. I have gone over each step twice.

falko 6th August 2006 18:45

I guess you entered some invalid information when you created the TLS certs and were asked some questions. Please create those certs again and try to accept the default answers.

fish 21st August 2006 18:03

Found error
 
Found it! If you look at the error messages in /var/log/syslog it says that it couldn't find a file in /etc/postifx/.... That would be because there is no file in /etc/postifx, it is in /etc/postfix/... Thanks for your help anyway. :o

fish 2nd October 2006 20:38

postfix/smtp/imap/tls problem - Starting again
 
Hi

Ok, since the last time I posted here, my hard drive failed and I had to re-install my system (backup was not pulled off machine yet). I have Ubuntu, Postfix, Courier (imap and pop3), tls, and would like to install spamassassin and clamav as well, but first have to solve a little problem.

I have users (two of them) who can login to the sytem from an external ip, but they cannot send from there. I can't even get an internal relay going if I use the external server address in their mail client. Again, they can retrieve mail, but cannot send. I thought that I had it all setup the way it was before, I even followed (by cut and paste) the perfect setup for Dapper, so have no idea what is wrong nor how to find it. I have perused days worth of mail and various other sources in my search throughout the internet to try and solve this myself, but find that I have to now come to you and whisper loudly HELP! (please) ;)

falko 3rd October 2006 18:26

Quote:

Originally Posted by fish
Again, they can retrieve mail, but cannot send.

What's in your mail log?

fish 4th October 2006 00:57

smtp-auth problems
 
This is what it says in my /var/log/mail.log

Oct 3 15:47:01 localhost pop3d-ssl: LOGOUT, user=bob, ip=[::ffff:192.168.1.101], top=0, retr=0, time=0
Oct 3 15:51:25 localhost postfix/smtpd[27297]: connect from unknown[142.165.92.129]
Oct 3 15:51:27 localhost postfix/smtpd[27297]: disconnect from unknown[142.165.92.129]
Oct 3 15:51:28 localhost imapd-ssl: Connection, ip=[::ffff:142.165.92.129]
Oct 3 15:51:31 localhost imapd-ssl: LOGIN, user=glydiate, ip=[::ffff:142.165.92.129], protocol=IMAP
Oct 3 15:51:32 localhost imapd-ssl: Unexpected SSL connection shutdown.
Oct 3 15:51:32 localhost imapd-ssl: DISCONNECTED, user=glydiate, ip=[::ffff:142.165.92.129], headers=0, body=0, time=1, starttls=1
Oct 3 15:51:33 localhost imapd-ssl: Connection, ip=[::ffff:142.165.92.129]
Oct 3 15:51:33 localhost imapd-ssl: LOGIN, user=glydiate, ip=[::ffff:142.165.92.129], protocol=IMAP
Oct 3 15:51:35 localhost imapd-ssl: Unexpected SSL connection shutdown.
Oct 3 15:51:35 localhost imapd-ssl: DISCONNECTED, user=glydiate, ip=[::ffff:142.165.92.129], headers=0, body=0, time=2, starttls=1


This shows two instances, there were four tries with the same messages.

Bob

fish 4th October 2006 00:58

smtp-auth problems
 
Please note that in the above message, the outside address she is trying to send from is 142.165.92.129, internal messages go fine, and are still imap.

falko 4th October 2006 18:31

Quote:

Originally Posted by fish
Oct 3 15:51:28 localhost imapd-ssl: Connection, ip=[::ffff:142.165.92.129]
Oct 3 15:51:31 localhost imapd-ssl: LOGIN, user=glydiate, ip=[::ffff:142.165.92.129], protocol=IMAP
Oct 3 15:51:32 localhost imapd-ssl: Unexpected SSL connection shutdown.
Oct 3 15:51:32 localhost imapd-ssl: DISCONNECTED, user=glydiate, ip=[::ffff:142.165.92.129], headers=0, body=0, time=1, starttls=1
Oct 3 15:51:33 localhost imapd-ssl: Connection, ip=[::ffff:142.165.92.129]
Oct 3 15:51:33 localhost imapd-ssl: LOGIN, user=glydiate, ip=[::ffff:142.165.92.129], protocol=IMAP
Oct 3 15:51:35 localhost imapd-ssl: Unexpected SSL connection shutdown.
Oct 3 15:51:35 localhost imapd-ssl: DISCONNECTED, user=glydiate, ip=[::ffff:142.165.92.129], headers=0, body=0, time=2, starttls=1


This shows two instances, there were four tries with the same messages.

Bob

This is about fetching emails (IMAP), but you have problems with sending. Please post another log excerpt.


All times are GMT +2. The time now is 02:02.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.