HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   HOWTO-Related Questions (http://www.howtoforge.com/forums/forumdisplay.php?f=2)
-   -   The Perfect Server - Ubuntu 12.04 LTS (Apache2, BIND, Dovecot, ISPConfig 3) (http://www.howtoforge.com/forums/showthread.php?t=60703)

riaanroux 26th February 2013 21:30

The Perfect Server - Ubuntu 12.04 LTS (Apache2, BIND, Dovecot, ISPConfig 3)
 
Hi
I have tried the how to for a second time as I thought that I missed something the first time.
installation went great but now I can not send or receive emails.
Error on sending is :Authentication required
530 5.7.0 Must issue a STARTTLS command first( this is from the wemail)
the mail log is:
Feb 26 22:22:18 server postfix/submission/smtpd[30200]: connect from localhost[127.0.0.1]
Feb 26 22:22:18 server postfix/submission/smtpd[30200]: lost connection after EHLO from localhost[127.0.0.1]
Feb 26 22:22:18 server postfix/submission/smtpd[30200]: disconnect from localhost[127.0.0.1]

then when I try to send to an email address on the server I get the following:
Feb 26 22:23:26 server postfix/submission/smtpd[30200]: connect from mail-oa0-f48.google.com[209.85.219.48]
Feb 26 22:23:28 server postfix/submission/smtpd[30200]: NOQUEUE: reject: RCPT from mail-oa0-f48.google.com[209.85.219.48]: 554 5.7.1 <mail-oa0-f48.google.com[209.85.219.48]>: Client host rejected: Access denied; from=<BLABLA@gmail.com> to=<BLA@newserver.co.za> proto=ESMTP helo=<mail-oa0-f48.google.com>
Feb 26 22:23:28 server postfix/submission/smtpd[30200]: disconnect from mail-oa0-f48.google.com[209.85.219.48]

Here is my main.cf

# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = /usr/share/doc/postfix

# TLS parameters
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_use_tls = no
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = server.#######.co.za
alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
myorigin = /etc/mailname
mydestination = server.#######.co.za, localhost, localhost.localdomain
relayhost =
mynetworks = 127.0.0.0/8 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
html_directory = /usr/share/doc/postfix/html
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_email2email.cf, hash:/var/lib/mailman/data/virtual-mailman
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_base = /var/vmail
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
inet_protocols = all
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_unauth_destination
smtpd_tls_security_level = may
transport_maps = hash:/var/lib/mailman/data/transport-mailman, proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf
relay_recipient_maps = mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf
smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf
smtpd_client_message_rate_limit = 100
maildrop_destination_concurrency_limit = 1
maildrop_destination_recipient_limit = 1
virtual_transport = dovecot
header_checks = regexp:/etc/postfix/header_checks
mime_header_checks = regexp:/etc/postfix/mime_header_checks
nested_header_checks = regexp:/etc/postfix/nested_header_checks
body_checks = regexp:/etc/postfix/body_checks
owner_request_special = no
dovecot_destination_recipient_limit = 1
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
content_filter = amavis:[127.0.0.1]:10024
receive_override_options = no_address_mappings


Any help will be great.
thanks

falko 27th February 2013 15:08

Have you tried an email client like Thunderbird with and without TLS?

riaanroux 1st March 2013 10:21

thanks for the reply that is all working now.

having problem with mailman.

I can access mailman on http://server.domain.com/cgi-bin/mailman/admin/
works fine.
I created a new list bulkmail@anotherdomain.com
once I tried to access it on http://www.anotherdomain.com/cgi-bin/mailman/admin/ is gives me an error 404 NOT FOUND.

then I tried on http://server.domain.com/cgi-bin/mailman/admin/bulkmail
it shows the mailman interface and I can see the mail under "Tend to pending moderator requests"
on that page once I click " Submit All Data"
it does not send the mail and it points my browser to http://anotherdomain.com/cgi-bin/mai...mindb/bulkmail and gives me the error again 404 NOT FOUND.

Please if you could tell me what I am doing wrong here?
thanks

falko 2nd March 2013 10:52

Is the Apache Mailman configuration file included in your Apache configuration?

riaanroux 4th March 2013 07:34

The mailman.conf file is in /etc/apache2/conf.d/
and here is my apache2.conf file.
#
# Based upon the NCSA server configuration files originally by Rob McCool.
#
# This is the main Apache server configuration file. It contains the
# configuration directives that give the server its instructions.
# See http://httpd.apache.org/docs/2.2/ for detailed information about
# the directives.
#
# Do NOT simply read the instructions in here without understanding
# what they do. They're here only as hints or reminders. If you are unsure
# consult the online docs. You have been warned.
#
# The configuration directives are grouped into three basic sections:
# 1. Directives that control the operation of the Apache server process as a
# whole (the 'global environment').
# 2. Directives that define the parameters of the 'main' or 'default' server,
# which responds to requests that aren't handled by a virtual host.
# These directives also provide default values for the settings
# of all virtual hosts.
# 3. Settings for virtual hosts, which allow Web requests to be sent to
# different IP addresses or hostnames and have them handled by the
# same Apache server process.
#
# Configuration and logfile names: If the filenames you specify for many
# of the server's control files begin with "/" (or "drive:/" for Win32), the
# server will use that explicit path. If the filenames do *not* begin
# with "/", the value of ServerRoot is prepended -- so "/var/log/apache2/foo.log"
# with ServerRoot set to "" will be interpreted by the
# server as "//var/log/apache2/foo.log".
#

### Section 1: Global Environment
#
# The directives in this section affect the overall operation of Apache,
# such as the number of concurrent requests it can handle or where it
# can find its configuration files.
#

#
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
#
# NOTE! If you intend to place this on an NFS (or otherwise network)
# mounted filesystem then please read the LockFile documentation (available
# at <URL:http://httpd.apache.org/docs-2.1/mod/mpm_common.html#lockfile>);
# you will save yourself a lot of trouble.
#
# Do NOT add a slash at the end of the directory path.
#
ServerRoot "/etc/apache2"

#
# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
#
#<IfModule !mpm_winnt.c>
#<IfModule !mpm_netware.c>
LockFile /var/lock/apache2/accept.lock
#</IfModule>
#</IfModule>

#
# PidFile: The file in which the server should record its process
# identification number when it starts.
# This needs to be set in /etc/apache2/envvars
#
PidFile ${APACHE_PID_FILE}

#
# Timeout: The number of seconds before receives and sends time out.
#
Timeout 300

#
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
#
KeepAlive On

#
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
#
MaxKeepAliveRequests 100

#
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
#
KeepAliveTimeout 15

##
## Server-Pool Size Regulation (MPM specific)
##

# prefork MPM
# StartServers: number of server processes to start
# MinSpareServers: minimum number of server processes which are kept spare
# MaxSpareServers: maximum number of server processes which are kept spare
# MaxClients: maximum number of server processes allowed to start
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_prefork_module>
StartServers 5
MinSpareServers 5
MaxSpareServers 10
MaxClients 150
MaxRequestsPerChild 0
</IfModule>

# worker MPM
# StartServers: initial number of server processes to start
# MaxClients: maximum number of simultaneous client connections
# MinSpareThreads: minimum number of worker threads which are kept spare
# MaxSpareThreads: maximum number of worker threads which are kept spare
# ThreadsPerChild: constant number of worker threads in each server process
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_worker_module>
StartServers 2
MinSpareThreads 25
MaxSpareThreads 75
ThreadLimit 64
ThreadsPerChild 25
MaxClients 150
MaxRequestsPerChild 0
</IfModule>

# event MPM
# StartServers: initial number of server processes to start
# MaxClients: maximum number of simultaneous client connections
# MinSpareThreads: minimum number of worker threads which are kept spare
# MaxSpareThreads: maximum number of worker threads which are kept spare
# ThreadsPerChild: constant number of worker threads in each server process
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_event_module>
StartServers 2
MaxClients 150
MinSpareThreads 25
MaxSpareThreads 75
ThreadLimit 64
ThreadsPerChild 25
MaxRequestsPerChild 0
</IfModule>

# These need to be set in /etc/apache2/envvars
User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}

#
# AccessFileName: The name of the file to look for in each directory
# for additional configuration directives. See also the AllowOverride
# directive.
#

AccessFileName .htaccess

#
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
#
<Files ~ "^\.ht">
Order allow,deny
Deny from all
Satisfy all
</Files>

#
# DefaultType is the default MIME type the server will use for a document
# if it cannot otherwise determine one, such as from filename extensions.
# If your server contains mostly text or HTML documents, "text/plain" is
# a good value. If most of your content is binary, such as applications
# or images, you may want to use "application/octet-stream" instead to
# keep browsers from trying to display binary files as though they are
# text.
#
DefaultType text/plain


#
# HostnameLookups: Log the names of clients or just their IP addresses
# e.g., www.apache.org (on) or 204.62.129.132 (off).
# The default is off because it'd be overall better for the net if people
# had to knowingly turn this feature on, since enabling it means that
# each client request will result in AT LEAST one lookup request to the
# nameserver.
#
HostnameLookups Off

# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here. If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
#
ErrorLog /var/log/apache2/error.log

#
# LogLevel: Control the number of messages logged to the error_log.
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
#
LogLevel warn

# Include module configuration:
Include /etc/apache2/mods-enabled/*.load
Include /etc/apache2/mods-enabled/*.conf

# Include all the user configurations:
Include /etc/apache2/httpd.conf

# Include ports listing
Include /etc/apache2/ports.conf

#
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).
# If you are behind a reverse proxy, you might want to change %h into %{X-Forwarded-For}i
#
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %O" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent

#
# Define an access log for VirtualHosts that don't define their own logfile
CustomLog /var/log/apache2/other_vhosts_access.log vhost_combined


# Include of directories ignores editors' and dpkg's backup files,
# see README.Debian for details.

# Include generic snippets of statements
Include /etc/apache2/conf.d/

# Include the virtual host configurations:
Include /etc/apache2/sites-enabled/


also my mailman.conf file
# Sample configuration for Debian mailman with Apache

# We can find mailman here:
ScriptAlias /cgi-bin/mailman/ /usr/lib/cgi-bin/mailman/
# And the public archives:
Alias /pipermail/ /var/lib/mailman/archives/public/
# Logos:
Alias /images/mailman/ /usr/share/images/mailman/

# Use this if you don't want the "cgi-bin" component in your URL:
# In case you want to access mailman through a shorter URL you should enable
# this:
#ScriptAlias /mailman/ /usr/lib/cgi-bin/mailman/
# In this case you need to set the DEFAULT_URL_PATTERN in
# /etc/mailman/mm_cfg.py to http://%s/mailman/ for the cookie
# authentication code to work. Note that you need to change the base
# URL for all the already-created lists as well.

<Directory /usr/lib/cgi-bin/mailman/>
AllowOverride None
Options ExecCGI
AddHandler cgi-script .cgi
Order allow,deny
Allow from all
</Directory>
<Directory /var/lib/mailman/archives/public/>
Options FollowSymlinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
<Directory /usr/share/images/mailman/>
AllowOverride None
Order allow,deny
Allow from all
</Directory>


## The following describes how to configure mailman on
## a dedicated virtual host, courtesy Marco d'Itri.

# Add these lines in /etc/mailman/mm_cfg.py:
#DEFAULT_EMAIL_HOST = 'lists.example.net'
#DEFAULT_URL_HOST = 'lists.example.net'
#DEFAULT_URL_PATTERN = 'http://%s/'

#<VirtualHost *>
#ServerName lists.example.net
#DocumentRoot /var/www/lists
#ErrorLog /var/log/apache2/lists-error.log
#CustomLog /var/log/apache2/lists-access.log combined
#
#<Directory /var/lib/mailman/archives/>
# Options FollowSymLinks
# AllowOverride None
#</Directory>
#
#Alias /pipermail/ /var/lib/mailman/archives/public/
#Alias /images/mailman/ /usr/share/images/mailman/
#ScriptAlias /admin /usr/lib/cgi-bin/mailman/admin
#ScriptAlias /admindb /usr/lib/cgi-bin/mailman/admindb
#ScriptAlias /confirm /usr/lib/cgi-bin/mailman/confirm
#ScriptAlias /create /usr/lib/cgi-bin/mailman/create
#ScriptAlias /edithtml /usr/lib/cgi-bin/mailman/edithtml
#ScriptAlias /listinfo /usr/lib/cgi-bin/mailman/listinfo
#ScriptAlias /options /usr/lib/cgi-bin/mailman/options
#ScriptAlias /private /usr/lib/cgi-bin/mailman/private
#ScriptAlias /rmlist /usr/lib/cgi-bin/mailman/rmlist
#ScriptAlias /roster /usr/lib/cgi-bin/mailman/roster
#ScriptAlias /subscribe /usr/lib/cgi-bin/mailman/subscribe
#ScriptAlias /mailman/ /usr/lib/cgi-bin/mailman/
#</VirtualHost>

falko 5th March 2013 13:27

Looks ok.

Quote:

Originally Posted by riaanroux (Post 292969)
once I tried to access it on http://www.anotherdomain.com/cgi-bin/mailman/admin/ is gives me an error 404 NOT FOUND.

Can you post the vhost configuration file?

riaanroux 7th March 2013 07:13

sorry for asking but where will I find the vhost file?

falko 8th March 2013 14:47

In the /etc/apache2/sites-available/ directory.

riaanroux 8th March 2013 15:23

as requested.
<Directory /var/www/domain.com>
AllowOverride None
Order Deny,Allow
Deny from all
</Directory>

<VirtualHost *:80>
DocumentRoot /var/www/domain.com/web

ServerName domain.com
ServerAlias www.domain.com
ServerAdmin webmaster@domain.com

ErrorLog /var/log/ispconfig/httpd/domain.com/error.log

Alias /error/ "/var/www/domain.com/web/error/"
ErrorDocument 400 /error/400.html
ErrorDocument 401 /error/401.html
ErrorDocument 403 /error/403.html
ErrorDocument 404 /error/404.html
ErrorDocument 405 /error/405.html
ErrorDocument 500 /error/500.html
ErrorDocument 502 /error/502.html
ErrorDocument 503 /error/503.html

<IfModule mod_ssl.c>
</IfModule>

<Directory /var/www/domain.com/web>
Options FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all

# ssi enabled
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
Options +Includes
</Directory>
<Directory /var/www/clients/client0/web2/web>
Options FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all

# ssi enabled
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
Options +Includes
</Directory>

<IfModule mod_ruby.c>
<Directory /var/www/domain.com/web>
Options +ExecCGI
</Directory>
RubyRequire apache/ruby-run
#RubySafeLevel 0
AddType text/html .rb
AddType text/html .rbx
<Files *.rb>
SetHandler ruby-object
RubyHandler Apache::RubyRun.instance
</Files>
<Files *.rbx>
SetHandler ruby-object
RubyHandler Apache::RubyRun.instance
</Files>
</IfModule>

<IfModule mod_perl.c>
PerlModule ModPerl::Registry
PerlModule Apache2::Reload
<Directory /var/www/domain.com/web>
PerlResponseHandler ModPerl::Registry
PerlOptions +ParseHeaders
Options +ExecCGI
</Directory>
<Files *.pl>
SetHandler perl-script
</Files>
</IfModule>

<IfModule mod_python.c>
<Directory /var/www/domain.com/web>
AddHandler mod_python .py
PythonHandler mod_python.publisher
PythonDebug On
</Directory>
</IfModule>

# cgi enabled
<Directory /var/www/clients/client0/web2/cgi-bin>
Order allow,deny
Allow from all
</Directory>
ScriptAlias /cgi-bin/ /var/www/clients/client0/web2/cgi-bin/
AddHandler cgi-script .cgi
AddHandler cgi-script .pl
# suexec enabled
<IfModule mod_suexec.c>
SuexecUserGroup web2 client0
</IfModule>
# Clear PHP settings of this website
<FilesMatch "\.ph(p3?|tml)$">
SetHandler None
</FilesMatch>
# php as fast-cgi enabled
# For config options see: http://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html
<IfModule mod_fcgid.c>
IdleTimeout 300
ProcessLifeTime 3600
# MaxProcessCount 1000
DefaultMinClassProcessCount 0
DefaultMaxClassProcessCount 100
IPCConnectTimeout 3
IPCCommTimeout 360
BusyTimeout 300
</IfModule>
<Directory /var/www/domain.com/web>
AddHandler fcgid-script .php .php3 .php4 .php5
FCGIWrapper /var/www/php-fcgi-scripts/web2/.php-fcgi-starter .php
Options +ExecCGI
AllowOverride All
Order allow,deny
Allow from all
</Directory>
<Directory /var/www/clients/client0/web2/web>
AddHandler fcgid-script .php .php3 .php4 .php5
FCGIWrapper /var/www/php-fcgi-scripts/web2/.php-fcgi-starter .php
Options +ExecCGI
AllowOverride All
Order allow,deny
Allow from all
</Directory>


# add support for apache mpm_itk
<IfModule mpm_itk_module>
AssignUserId web2 client0
</IfModule>

<IfModule mod_dav_fs.c>
# Do not execute PHP files in webdav directory
<Directory /var/www/clients/client0/web2/webdav>
<ifModule mod_security2.c>
SecRuleRemoveById 960015
SecRuleRemoveById 960032
</ifModule>
<FilesMatch "\.ph(p3?|tml)$">
SetHandler None
</FilesMatch>
</Directory>
DavLockDB /var/www/clients/client0/web2/tmp/DavLock
# DO NOT REMOVE THE COMMENTS!
# IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE!
# WEBDAV BEGIN
# WEBDAV END
</IfModule>


</VirtualHost>

falko 9th March 2013 17:37

This is the problem:

Code:

# cgi enabled
<Directory /var/www/clients/client0/web2/cgi-bin>
Order allow,deny
Allow from all
</Directory>
ScriptAlias /cgi-bin/ /var/www/clients/client0/web2/cgi-bin/
AddHandler cgi-script .cgi
AddHandler cgi-script .pl

Please disable CGI for that website.


All times are GMT +2. The time now is 00:20.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.