Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > HOWTO-Related Questions

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 4th August 2006, 20:09
fish fish is offline
Junior Member
 
Join Date: Aug 2006
Posts: 14
Thanks: 0
Thanked 0 Times in 0 Posts
Default SASL and TLS problems with Postfix on Ubuntu

I am trying to enable user authentication on breezy Ubuntu using Postfix, dovecot, sasl, and tls. I followed the instructions on the "perfect breezy isp" setup howto for postfix, sasl and tls. but when I telnet into port 25, I do not get a complete connection. I get STARTTLS, but I do not get the AUTH line. When I check my logs (/var/log/syslog) I find a line that says it cannot find the smtpd.key file (which is there) and that there is a TLS library problem. I really would like to get this going. I have been working on this for a couple of days, with no success on my own, so I am appealing for help if someone has the time.
Reply With Quote
Sponsored Links
  #2  
Old 5th August 2006, 18:31
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,752 Times in 2,582 Posts
Default

What's in your mail log? Also make sure you follow the tutorial as close as possible as I know that Postfix SMTP-AUTH and TLS is working afterwards.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #3  
Old 5th August 2006, 19:23
fish fish is offline
Junior Member
 
Join Date: Aug 2006
Posts: 14
Thanks: 0
Thanked 0 Times in 0 Posts
Default sasl and tls problems

This comes from the mail log (/var/log/mail.log) immediately after one of the other users try to login.
=====
Aug 5 09:22:49 livingsky postfix/anvil[29411]: statistics: max connection rate 1/60s for (smtp:216.40.36.59) at Aug 5 09:19
:25
Aug 5 09:22:49 livingsky postfix/anvil[29411]: statistics: max connection count 1 for (smtp:216.40.36.59) at Aug 5 09:19:25
Aug 5 09:22:49 livingsky postfix/anvil[29411]: statistics: max cache size 1 at Aug 5 09:19:25
Aug 5 09:22:50 livingsky postfix/smtpd[29460]: warning: cannot get private key from file /etc/postifx/ssl/smtpd.key
Aug 5 09:22:50 livingsky postfix/smtpd[29460]: warning: TLS library problem: 29460:error:02001002:system library:fopen:No su
ch file or directory:bss_file.c:278:fopen('/etc/postifx/ssl/smtpd.key','r'):
Aug 5 09:22:50 livingsky postfix/smtpd[29460]: warning: TLS library problem: 29460:error:20074002:BIO routines:FILE_CTRL:sys
tem lib:bss_file.c:280:
Aug 5 09:22:50 livingsky postfix/smtpd[29460]: warning: TLS library problem: 29460:error:140B0002:SSL routines:SSL_CTX_use_P
rivateKey_file:system lib:ssl_rsa.c:693:
Aug 5 09:22:50 livingsky postfix/smtpd[29460]: cannot load RSA certificate and key data
Aug 5 09:22:51 livingsky postfix/smtpd[29460]: connect from c1m31.emaildefenseservice.com[216.40.36.64]
Aug 5 09:22:51 livingsky postfix/smtpd[29460]: warning: support for restriction "check_relay_domains" will be removed from P
ostfix; use "reject_unauth_destination" instead
=====

I checked to make sure that the file that is being referred to (/etc/postfix/ssl/smtpd.key) is there but I don't know what the
'r' refers to in that same reference. (fopen('/etc/postifx/ssl/smtpd.key','r')

The permissions on the files in that directory are

-rw-r--r-- 1 root root 1123 2006-08-04 10:18 cacert.pem
-rw-r--r-- 1 root root 963 2006-08-04 10:18 cakey.pem
-rw-r--r-- 1 root root 891 2006-08-04 09:56 smtpd.crt
-rw-r--r-- 1 root root 672 2006-08-04 09:55 smtpd.csr
-rw-r--r-- 1 root root 887 2006-08-04 09:56 smtpd.key
-rw-r--r-- 1 postfix postfix 2201 2006-07-28 09:31 smtpd.pem

and the smtpd.key only includes the private key.

And I followed the steps of the how-to by cutting and pasting to make sure that my fingers didn't slip while I was following the process. I have gone over each step twice.

Last edited by fish; 5th August 2006 at 19:28.
Reply With Quote
  #4  
Old 6th August 2006, 19:45
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,752 Times in 2,582 Posts
Default

I guess you entered some invalid information when you created the TLS certs and were asked some questions. Please create those certs again and try to accept the default answers.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #5  
Old 21st August 2006, 19:03
fish fish is offline
Junior Member
 
Join Date: Aug 2006
Posts: 14
Thanks: 0
Thanked 0 Times in 0 Posts
Default Found error

Found it! If you look at the error messages in /var/log/syslog it says that it couldn't find a file in /etc/postifx/.... That would be because there is no file in /etc/postifx, it is in /etc/postfix/... Thanks for your help anyway.
Reply With Quote
  #6  
Old 2nd October 2006, 21:38
fish fish is offline
Junior Member
 
Join Date: Aug 2006
Posts: 14
Thanks: 0
Thanked 0 Times in 0 Posts
Default postfix/smtp/imap/tls problem - Starting again

Hi

Ok, since the last time I posted here, my hard drive failed and I had to re-install my system (backup was not pulled off machine yet). I have Ubuntu, Postfix, Courier (imap and pop3), tls, and would like to install spamassassin and clamav as well, but first have to solve a little problem.

I have users (two of them) who can login to the sytem from an external ip, but they cannot send from there. I can't even get an internal relay going if I use the external server address in their mail client. Again, they can retrieve mail, but cannot send. I thought that I had it all setup the way it was before, I even followed (by cut and paste) the perfect setup for Dapper, so have no idea what is wrong nor how to find it. I have perused days worth of mail and various other sources in my search throughout the internet to try and solve this myself, but find that I have to now come to you and whisper loudly HELP! (please)
Reply With Quote
  #7  
Old 3rd October 2006, 19:26
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,752 Times in 2,582 Posts
Default

Quote:
Originally Posted by fish
Again, they can retrieve mail, but cannot send.
What's in your mail log?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #8  
Old 4th October 2006, 01:57
fish fish is offline
Junior Member
 
Join Date: Aug 2006
Posts: 14
Thanks: 0
Thanked 0 Times in 0 Posts
Default smtp-auth problems

This is what it says in my /var/log/mail.log

Oct 3 15:47:01 localhost pop3d-ssl: LOGOUT, user=bob, ip=[::ffff:192.168.1.101], top=0, retr=0, time=0
Oct 3 15:51:25 localhost postfix/smtpd[27297]: connect from unknown[142.165.92.129]
Oct 3 15:51:27 localhost postfix/smtpd[27297]: disconnect from unknown[142.165.92.129]
Oct 3 15:51:28 localhost imapd-ssl: Connection, ip=[::ffff:142.165.92.129]
Oct 3 15:51:31 localhost imapd-ssl: LOGIN, user=glydiate, ip=[::ffff:142.165.92.129], protocol=IMAP
Oct 3 15:51:32 localhost imapd-ssl: Unexpected SSL connection shutdown.
Oct 3 15:51:32 localhost imapd-ssl: DISCONNECTED, user=glydiate, ip=[::ffff:142.165.92.129], headers=0, body=0, time=1, starttls=1
Oct 3 15:51:33 localhost imapd-ssl: Connection, ip=[::ffff:142.165.92.129]
Oct 3 15:51:33 localhost imapd-ssl: LOGIN, user=glydiate, ip=[::ffff:142.165.92.129], protocol=IMAP
Oct 3 15:51:35 localhost imapd-ssl: Unexpected SSL connection shutdown.
Oct 3 15:51:35 localhost imapd-ssl: DISCONNECTED, user=glydiate, ip=[::ffff:142.165.92.129], headers=0, body=0, time=2, starttls=1


This shows two instances, there were four tries with the same messages.

Bob
Reply With Quote
  #9  
Old 4th October 2006, 01:58
fish fish is offline
Junior Member
 
Join Date: Aug 2006
Posts: 14
Thanks: 0
Thanked 0 Times in 0 Posts
Default smtp-auth problems

Please note that in the above message, the outside address she is trying to send from is 142.165.92.129, internal messages go fine, and are still imap.
Reply With Quote
  #10  
Old 4th October 2006, 19:31
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,752 Times in 2,582 Posts
Default

Quote:
Originally Posted by fish
Oct 3 15:51:28 localhost imapd-ssl: Connection, ip=[::ffff:142.165.92.129]
Oct 3 15:51:31 localhost imapd-ssl: LOGIN, user=glydiate, ip=[::ffff:142.165.92.129], protocol=IMAP
Oct 3 15:51:32 localhost imapd-ssl: Unexpected SSL connection shutdown.
Oct 3 15:51:32 localhost imapd-ssl: DISCONNECTED, user=glydiate, ip=[::ffff:142.165.92.129], headers=0, body=0, time=1, starttls=1
Oct 3 15:51:33 localhost imapd-ssl: Connection, ip=[::ffff:142.165.92.129]
Oct 3 15:51:33 localhost imapd-ssl: LOGIN, user=glydiate, ip=[::ffff:142.165.92.129], protocol=IMAP
Oct 3 15:51:35 localhost imapd-ssl: Unexpected SSL connection shutdown.
Oct 3 15:51:35 localhost imapd-ssl: DISCONNECTED, user=glydiate, ip=[::ffff:142.165.92.129], headers=0, body=0, time=2, starttls=1


This shows two instances, there were four tries with the same messages.

Bob
This is about fetching emails (IMAP), but you have problems with sending. Please post another log excerpt.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +2. The time now is 11:38.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.