Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 21st December 2012, 10:01
suntribe suntribe is offline
Junior Member
 
Join Date: Dec 2012
Location: Zagreb
Posts: 14
Thanks: 2
Thanked 1 Time in 1 Post
Cool Cannot access my virtualhosts from roundcube

As I'm new here let me say EHLO howtoforge.com

So, couple of days ago I purchased an unmanaged root server and since then I'm trying to make emails work. I have followed couple of different tutorials but none of them took me to the final destination. I'm starting to believe that now, maybe whats blocking me is some old settings from some tutorial I followed but I simply have no clue what to look for and where to look for the answer.

So, first let me give you some info what I have done (maybe this matters). Immidiatelly after i got my root credetials, I created a new user and gave him the sudo rights. Created cuple of new groups (neither of them interferre with those used in mail tutorials), and installed php, apache and mysql. I set up one website in apache and the last thing I did was changing the host name... That's about everything. Then i started with mail tutorials.

Last mail tutorial I followed (http://flurdy.com/docs/postfix/) gave me partial success. I can telnet to port 25 of the localhost, can send email, receivers receive email (no matter do I send the mail from localhost or from gmail!) so I guess that postfix + courier + virtual hosts saved in mysql work ok. I can see folders and files in /var/spool/mail/virtual/virtual_user_dir...

Then I tryed to install roundcube, and set it up, but when I try to enter my virtual user credentials, roundcube alerts me with error Connection to IMAP server failed.

I checked the logs: /var/log/auth.log and /var/log/mail.err give no error for this, but in /var/log/mail.log i found this: sunzone imapd-ssl: couriertls: /etc/ssl/certs/905b837e.0: No such file or directory.

I tryed to see does /etc/ssl/certs/905b837e.0 exists and i found a symlink to a real file (lrwxrwxrwx 1 root root 33 Dec 19 14:00 905b837e.0 -> /etc/mail/tls/sendmail-server.crt) but the real file doesn't exist! Even more in /etc/mail i have no /tls/ dir! I tryed to delete the symlink but, UBUNTU 12.04 is recreating it again with a new symlink name and the same destination.

I remember that in on tutorial i followed before the last one, I did create certificates name sendmail-server... but honestly, i can't remember wich one was it... I strongly believe that IMAP error that Roundcube gives me is related to this certfile error, but again, I'm not sure...

Please help me with this one - I'm rellay tired and sleepless for past three days trying to set this email up
Reply With Quote
Sponsored Links
  #2  
Old 21st December 2012, 14:57
suntribe suntribe is offline
Junior Member
 
Join Date: Dec 2012
Location: Zagreb
Posts: 14
Thanks: 2
Thanked 1 Time in 1 Post
Default

anybody?
Reply With Quote
  #3  
Old 21st December 2012, 19:35
suntribe suntribe is offline
Junior Member
 
Join Date: Dec 2012
Location: Zagreb
Posts: 14
Thanks: 2
Thanked 1 Time in 1 Post
Default

Update:

I turned off TLS and tried to connect via SquirrelMail, and I had success. I also, managed to configure the Outlook to access mailbox via POP protocol. It seems that port 25 is not accessible outside of the localhost (i have to figure out how to turn it on).

Also, IMAP is working on localhost but not visible on the outside. Once I manage to turn these porst on, I'll try to turn back to TLS step by step...
Reply With Quote
  #4  
Old 22nd December 2012, 14:53
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,739 Times in 2,574 Posts
Default

Can you post the outputs of
Code:
netstat -tap
and
Code:
iptables -L
?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #5  
Old 22nd December 2012, 20:13
suntribe suntribe is offline
Junior Member
 
Join Date: Dec 2012
Location: Zagreb
Posts: 14
Thanks: 2
Thanked 1 Time in 1 Post
Default

Hi Falko, thanks for trying to help,


netstat -tap:
------------------------------------
Code:
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 localhost:imap2         *:*                     LISTEN      2086/couriertcpd
tcp        0      0 localhost:spamd         *:*                     LISTEN      1534/spamd.pid
tcp        0      0 *:sunrpc                *:*                     LISTEN      604/rpcbind
tcp        0      0 *:webmin                *:*                     LISTEN      2347/perl
tcp        0      0 localhost:720           *:*                     LISTEN      2240/famd
tcp        0      0 *:ssmtp                 *:*                     LISTEN      2212/master
tcp        0      0 sunzone.server.c:domain *:*                     LISTEN      1368/named
tcp        0      0 localhost:domain        *:*                     LISTEN      1368/named
tcp        0      0 *:smtp                  *:*                     LISTEN      2212/master
tcp        0      0 localhost:953           *:*                     LISTEN      1368/named
tcp        0      0 *:XXX                   *:*                     LISTEN      841/sshd
tcp        0      0 localhost:10023         *:*                     LISTEN      1518/postgrey.pid -
tcp        0      0 localhost:10024         *:*                     LISTEN      1411/amavisd (maste
tcp        0      0 localhost:10025         *:*                     LISTEN      2212/master
tcp        0      0 localhost:mysql         *:*                     LISTEN      1303/mysqld
tcp        0      0 *:submission            *:*                     LISTEN      2212/master
tcp        0      0 sunzone.server.co:XXX   xx.xxx.xxx.xx-dsl:54900 TIME_WAIT   -
tcp       55      0 localhost:59403         localhost:10025         CLOSE_WAIT  1532/amavisd (ch1-a
tcp        0    248 sunzone.server.co:XXX   xx.xxx.xxx.x-dsl:54921 ESTABLISHED 13275/sshd: user [p
tcp       55      0 localhost:59400         localhost:10025         CLOSE_WAIT  1531/amavisd (ch1-a
tcp6       0      0 [::]:pop3               [::]:*                  LISTEN      2108/couriertcpd
tcp6       0      0 [::]:sunrpc             [::]:*                  LISTEN      604/rpcbind
tcp6       0      0 [::]:http               [::]:*                  LISTEN      2312/apache2
tcp6       0      0 [::]:ssmtp              [::]:*                  LISTEN      2212/master
tcp6       0      0 [::]:domain             [::]:*                  LISTEN      1368/named
tcp6       0      0 [::]:smtp               [::]:*                  LISTEN      2212/master
tcp6       0      0 ip6-localhost:953       [::]:*                  LISTEN      1368/named
tcp6       0      0 [::]:XXX                [::]:*                  LISTEN      841/sshd
tcp6       0      0 [::]:submission         [::]:*                  LISTEN      2212/master
iptables -L
---------------------------------
Code:
Chain INPUT (policy DROP)
target     prot opt source               destination
dynamic    all  --  anywhere             anywhere             ctstate INVALID,NEW
net2fw     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere
Reject     all  --  anywhere             anywhere
LOG        all  --  anywhere             anywhere             LOG level info prefix "Shorewall:INPUT:REJECT:"
reject     all  --  anywhere             anywhere            [goto]

Chain FORWARD (policy DROP)
target     prot opt source               destination
Reject     all  --  anywhere             anywhere
LOG        all  --  anywhere             anywhere             LOG level info prefix "Shorewall:FORWARD:REJECT:"
reject     all  --  anywhere             anywhere            [goto]

Chain OUTPUT (policy DROP)
target     prot opt source               destination
fw2net     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere
Reject     all  --  anywhere             anywhere
LOG        all  --  anywhere             anywhere             LOG level info prefix "Shorewall:OUTPUT:REJECT:"
reject     all  --  anywhere             anywhere            [goto]

Chain Broadcast (2 references)
target     prot opt source               destination
DROP       all  --  anywhere             anywhere             ADDRTYPE match dst-type BROADCAST
DROP       all  --  anywhere             anywhere             ADDRTYPE match dst-type MULTICAST
DROP       all  --  anywhere             anywhere             ADDRTYPE match dst-type ANYCAST
DROP       all  --  anywhere             base-address.mcast.net/4

Chain Drop (1 references)
target     prot opt source               destination
           all  --  anywhere             anywhere
reject     tcp  --  anywhere             anywhere             tcp dpt:auth /* Auth */
Broadcast  all  --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere             icmp fragmentation-needed /* Needed ICMP types */
ACCEPT     icmp --  anywhere             anywhere             icmp time-exceeded /* Needed ICMP types */
Invalid    all  --  anywhere             anywhere
DROP       udp  --  anywhere             anywhere             multiport dports loc-srv,microsoft-ds /* SMB */
DROP       udp  --  anywhere             anywhere             udp dpts:netbios-ns:netbios-ssn /* SMB */
DROP       udp  --  anywhere             anywhere             udp spt:netbios-ns dpts:1024:65535 /* SMB */
DROP       tcp  --  anywhere             anywhere             multiport dports loc-srv,netbios-ssn,microsoft-ds /* SMB */
DROP       udp  --  anywhere             anywhere             udp dpt:1900 /* UPnP */
NotSyn     tcp  --  anywhere             anywhere
DROP       udp  --  anywhere             anywhere             udp spt:domain /* Late DNS Replies */

Chain Invalid (2 references)
target     prot opt source               destination
DROP       all  --  anywhere             anywhere             ctstate INVALID

Chain NotSyn (2 references)
target     prot opt source               destination
DROP       tcp  --  anywhere             anywhere             tcpflags:! FIN,SYN,RST,ACK/SYN

Chain Reject (3 references)
target     prot opt source               destination
           all  --  anywhere             anywhere
reject     tcp  --  anywhere             anywhere             tcp dpt:auth /* Auth */
Broadcast  all  --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere             icmp fragmentation-needed /* Needed ICMP types */
ACCEPT     icmp --  anywhere             anywhere             icmp time-exceeded /* Needed ICMP types */
Invalid    all  --  anywhere             anywhere
reject     udp  --  anywhere             anywhere             multiport dports loc-srv,microsoft-ds /* SMB */
reject     udp  --  anywhere             anywhere             udp dpts:netbios-ns:netbios-ssn /* SMB */
reject     udp  --  anywhere             anywhere             udp spt:netbios-ns dpts:1024:65535 /* SMB */
reject     tcp  --  anywhere             anywhere             multiport dports loc-srv,netbios-ssn,microsoft-ds /* SMB */
DROP       udp  --  anywhere             anywhere             udp dpt:1900 /* UPnP */
NotSyn     tcp  --  anywhere             anywhere
DROP       udp  --  anywhere             anywhere             udp spt:domain /* Late DNS Replies */

Chain dynamic (3 references)
target     prot opt source               destination

Chain eth0_fwd (0 references)
target     prot opt source               destination
dynamic    all  --  anywhere             anywhere             ctstate INVALID,NEW

Chain fw2net (1 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere

Chain logdrop (0 references)
target     prot opt source               destination
DROP       all  --  anywhere             anywhere

Chain logreject (0 references)
target     prot opt source               destination
reject     all  --  anywhere             anywhere

Chain net2fw (1 references)
target     prot opt source               destination
dynamic    all  --  anywhere             anywhere             ctstate INVALID,NEW
ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:pop3 /* POP3 */
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:smtp /* SMTP */
ACCEPT     icmp --  anywhere             anywhere             icmp echo-request /* Ping */
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:webmin /* Webmin */
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:http /* Web */
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:https /* Web */
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh /* SSH */
Drop       all  --  anywhere             anywhere
LOG        all  --  anywhere             anywhere             LOG level info prefix "Shorewall:net2fw:DROP:"
DROP       all  --  anywhere             anywhere

Chain reject (10 references)
target     prot opt source               destination
DROP       all  --  anywhere             anywhere             ADDRTYPE match src-type BROADCAST
DROP       all  --  base-address.mcast.net/4  anywhere
DROP       igmp --  anywhere             anywhere
REJECT     tcp  --  anywhere             anywhere             reject-with tcp-reset
REJECT     udp  --  anywhere             anywhere             reject-with icmp-port-unreachable
REJECT     icmp --  anywhere             anywhere             reject-with icmp-host-unreachable
REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited

Chain shorewall (0 references)
target     prot opt source               destination
i configured shorewall to suit my needs and I think haven't locked myself out when I try to telnet to smtp port from outside, i get no response so i guess that no program is actually listening this port...

Last edited by suntribe; 23rd December 2012 at 00:00.
Reply With Quote
  #6  
Old 23rd December 2012, 16:31
suntribe suntribe is offline
Junior Member
 
Join Date: Dec 2012
Location: Zagreb
Posts: 14
Thanks: 2
Thanked 1 Time in 1 Post
Default

Hi falko, last night I followed one of your tutorials but still not able to access the mail via imap (with squirrelmail or even from outside network) or access the smtp from outside... I think that no daemon listens to ports outside of localhost... is that possible? How can I check that?

UPDATE:
-------------
I enabled the firewall port 587 and now I'm able to send emails from Outlook also

Another thing I did, was adding inet_interfaces = all in main.cf and IMAP is working also :P

Last edited by suntribe; 24th December 2012 at 00:23.
Reply With Quote
The Following User Says Thank You to suntribe For This Useful Post:
falko (24th December 2012)
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
How to upgrade Roundcube 0.3 to 0.7 on Ubuntu 10.04 LTS cbj4074 Tips/Tricks/Mods 1 19th January 2012 19:50
MySQL Error Nolan Installation/Configuration 12 16th February 2011 02:15
Webmin upgrade lishaw1968 Installation/Configuration 15 26th August 2010 15:23
Apache2 Errors Web-Sites Won't Load giganet Installation/Configuration 4 1st January 2009 19:00
Questions in regards to ISP-Server Setup - Ubuntu 5.10 "Breezy Badger" rbrantley HOWTO-Related Questions 16 10th April 2006 18:26


All times are GMT +2. The time now is 07:56.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.