Problems with webmail logins and POP3

[Spaetzle]

Hi

I just installed ISPConfig on a Debian 3.1 System. I followed the "perfect setup". A single point I did not follow the HowTo is that I used mysql4.1.

Now the following problems occure:

After I have created a customer, a website for this customer and a user for the website I tried to log into the webmail System (I have installed the UebiMiau Webmail package with the update manager).
I used a URL like this: https://<domain>:81/mailuser, a login web[ID]_username and the password as set.
Login is not possible. I get the following Error:

Code:

Fehler: User error: Unknown AUTHORIZATION state command

When I try to get the Email with Thunderbird I get an error too:

Code:

... User error: Unknown AUTHORIZATION state command

If I change my settings in Thunderbird to SSL authentication it works.


Does anybody have an idea how to get this working?

[falko]

Quote:

Originally Posted by Spaetzle

After I have created a customer, a website for this customer and a user for the website I tried to log into the webmail System (I have installed the UebiMiau Webmail package with the update manager).
I used a URL like this: https://<domain>:81/mailuser, a login web[ID]_username and the password as set.

The URL for the Uebimiau webamil application is https://<domain>:81/webmail, not https://<domain>:81/mailuser.

Quote:

Originally Posted by Spaetzle

When I try to get the Email with Thunderbird I get an error too:

Code:

... User error: Unknown AUTHORIZATION state command

If I change my settings in Thunderbird to SSL authentication it works.

What's in your mail log? What's the output of

Code:

netstat -tap

?

[Spaetzle]

Hi

I can`t test this right now, as I exchanged ipopd-ssl and uw-imapd-ssl for dovecot. If I find the time I will reinstall ipopd-ssl and uw-imapd-ssl (approximately on Tuesday) and post the output.
With dovecot installed all the logins work well (webmail, mailuser, pop3 and pop3s).

But I tried ipopd-ssl and uw-imapd-ssl on another server (no ISPconfig) . I have the same problems there. Netstat output is quite long (as the server is running LDAP, samba, hylafax etc.). Non SSL pop3 calls are not working on this server, either.

Can I find a log for pop3 somewhere (except mail.log)?
Funny thing is that I can put nonsense (lines like bliblablub 0) into /etc/c-client.cf and do not find any error in any log. So it seems to me that /etc/c-client is not being read on my systems.

[falko]

Quote:

Originally Posted by Spaetzle

But I tried ipopd-ssl and uw-imapd-ssl on another server (no ISPconfig) . I have the same problems there. Netstat output is quite long (as the server is running LDAP, samba, hylafax etc.). Non SSL pop3 calls are not working on this server, either.

What's the output of

Code:

netstat -tap

?

[Spaetzle]

Hi

I'm back :-)

I just set up the server from scratch using the perfect setup for Sarge (except mysql. I installed 4.1). I think I have found some error in the setup. Should I send the list to someone?

The Problems aren't gone. So here is an updated list:

1. Accessing https://<domain>:81/mailuser using web[ID]_<username> gives the follwong error:

Code:

Fehler: User error: Unknown AUTHORIZATION state command

2. Trying to get Email with POP3 (non SSL) using Thunderbird with user web[ID]_<username> gives the following error:

Code:

Fehler beim senden des Benutzernamens. Der Mail-Server: <domain> antwortete:
Unknown AUTHORIZATION state command

3. Sending a mail with Thunderbird (SMTP with SSL): quit long error in german. Abstract: Message could not be sent. SMTP is not reachable or does not accept connections. Check your settings or conntact server administrator.
4. Login to webmail (uebimiau) is not working (user: Emailadress):

Quote:

You cannot login with the username and password entered.

Please check your username and password and try again.

Back

netstat -tap (IPs and FQDN removed):

Code:

Aktive Internetverbindungen (Server und stehende Verbindungen)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
PID/Program name
tcp        0      0 *:imaps                 *:*                     LISTEN     4
363/inetd
tcp        0      0 *:pop3s                 *:*                     LISTEN     4
363/inetd
tcp        0      0 localhost.localdo:mysql *:*                     LISTEN     6
556/mysqld
tcp        0      0 *:pop3                  *:*                     LISTEN     4
363/inetd
tcp        0      0 *:imap2                 *:*                     LISTEN     4
363/inetd
tcp        0      0 *:81                    *:*                     LISTEN     2
8879/ispconfig_htt
tcp        0      0 *:ftp                   *:*                     LISTEN     2
9506/proftpd: (acc
tcp        0      0 <FQDN> *:*                     LISTEN     2
9036/named
tcp        0      0 localhost.locald:domain *:*                     LISTEN     2
9036/named
tcp        0      0 *:smtp                  *:*                     LISTEN     2
9859/master
tcp        0      0 localhost.localdoma:953 *:*                     LISTEN     2
9036/named
tcp        0      0 <FQDN>:32829  212.162.12.159:www      VERBUNDEN  2
9054/freshclam
tcp6       0      0 *:www                   *:*                     LISTEN     2
8910/apache2
tcp6       0      0 *:ssh                   *:*                     LISTEN     1
828/sshd
tcp6       0      0 *:smtp                  *:*                     LISTEN     2
9859/master
tcp6       0      0 ip6-localhost:953       *:*                     LISTEN     2
9036/named
tcp6       0      0 *:https                 *:*                     LISTEN     2
8910/apache2
tcp6       0     52 <ip>:ssh p54A5730A.dip.t-di:2829 VERBUNDEN  1
940/0

When trying to login at https://<domain>:81/mailuser /var/log/mail.info shows:

Code:

Nov 21 15:10:26 <NAME> ipop3d[30297]: Command stream end of file while reading line user=??? host=localhost.localdomain [127.0.0.1]

Maillog when trying to get Email with non SSL connection (server name removed):

Code:

Nov 21 15:00:28 <NAME> ipop3d[30150]: pop3 service init from 84.165.115.10
Nov 21 15:00:28 <NAME> ipop3d[30150]: AUTHENTICATE LOGIN failure host=p54A5730A.dip.t-dialin.net [84.165.115.10]
Nov 21 15:00:30 <NAME> ipop3d[30150]: Command stream end of file while reading line user=??? host=p54A5730A.dip.t-dialin.net [84.165.115.10]

Nothing in auth.log.
mail.info:

Code:

Nov 21 15:12:03 <NAME> ipop3d[30318]: AUTHENTICATE LOGIN failure host=p54A5730A.dip.t-dialin.net [84.165.115.10]

There is no log when trying to send mail with SSL SMTP.

ps -aux | grep sasl:

Code:

root      4350  0.0  0.1  6556 1580 ?        Ss   14:01   0:00 /usr/sbin/saslauthd -m /var/spool/postfix/var/run/saslauthd -r -a pam
root      4351  0.0  0.2  6664 1928 ?        S    14:01   0:00 /usr/sbin/saslauthd -m /var/spool/postfix/var/run/saslauthd -r -a pam
root      4352  0.0  0.1  6556 1580 ?        S    14:01   0:00 /usr/sbin/saslauthd -m /var/spool/postfix/var/run/saslauthd -r -a pam
root      4353  0.0  0.1  6556 1580 ?        S    14:01   0:00 /usr/sbin/saslauthd -m /var/spool/postfix/var/run/saslauthd -r -a pam
root      4354  0.0  0.1  6556 1580 ?        S    14:01   0:00 /usr/sbin/saslauthd -m /var/spool/postfix/var/run/saslauthd -r -a pam
root     30212  0.0  0.0  1880  668 pts/0    R+   15:05   0:00 grep sasl

Any sugestions?
More Questions?

[Spaetzle]

Hi a second time.


One problem I have solved by myself.

Sending emails to POP3s now works.
I had to edit /etc/postfix/master.cf.
The following lines need to be commented in (no "#" at start of lines):

Code:

tlsmgr    fifo  -       -       n       300     1       tlsmgr
smtps     inet  n       -       n       -       -       smtpd -o smtpd_tls_wrap\
permode=yes -o smtpd_sasl_auth_enable=yes
587       inet  n       -       n       -       -       smtpd -o smtpd_enforce_\
tls=yes -o smtpd_sasl_auth_enable=yes

(lines 122 - 124 in my config)

[falko]

I think you should consider switching to Courier and Maildir (although I never had those problems).

[Spaetzle]

Hi

This is quite strange. Meanwhile I have installed this stuff 5 times an 3 different mashines and have the same problems anytime.

I think I will switch from ipopds and uw-imap to dovecat.

But I have found something else which might give a hint.
Yesterday I stated that smtp with SSL is working. Today I gave it another try and got an error:

Code:

Nov 22 17:40:48 nm1 postfix/smtpd[20404]: setting up TLS connection from p54A57D85.dip.t-dialin.net[84.165.125.133]
Nov 22 17:40:53 nm1 postfix/smtpd[20404]: TLS connection established from p54A57D85.dip.t-dialin.net[84.165.125.133]: SSLv3 with cipher DHE-RSA-AES256-SHA (256/256 bits)
Nov 22 17:40:53 nm1 postfix/smtpd[20404]: connect from p54A57D85.dip.t-dialin.net[84.165.125.133]
Nov 22 17:41:00 nm1 postfix/smtpd[20404]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 22 17:41:00 nm1 postfix/smtpd[20404]: warning: SASL authentication failure: Password verification failed
Nov 22 17:41:00 nm1 postfix/smtpd[20404]: warning: p54A57D85.dip.t-dialin.net[84.165.125.133]: SASL PLAIN authentication failed
Nov 22 17:41:00 nm1 postfix/smtpd[20404]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 22 17:41:00 nm1 postfix/smtpd[20404]: warning: p54A57D85.dip.t-dialin.net[84.165.125.133]: SASL LOGIN authentication failed
Nov 22 17:41:03 nm1 postfix/smtpd[20404]: lost connection after AUTH from p54A57D85.dip.t-dialin.net[84.165.125.133]
Nov 22 17:41:03 nm1 postfix/smtpd[20404]: disconnect from p54A57D85.dip.t-dialin.net[84.165.125.133]

Nothing was changed since yesterday. It might be possible that I didn't check smtp wit ssl correct ...

Maybe this gives a hint for the other problems?

Bernd

[Spaetzle]

Hi

This is quite strange. Meanwhile I have installed this stuff 5 times on 3 different mashines and have the same problems anytime.

I think I will switch from ipopds and uw-imap to dovecat.

But I have found something else which might give a hint.
Yesterday I stated that smtp with SSL is working. Today I gave it another try and got an error:

Code:

Nov 22 17:40:48 nm1 postfix/smtpd[20404]: setting up TLS connection from p54A57D85.dip.t-dialin.net[84.165.125.133]
Nov 22 17:40:53 nm1 postfix/smtpd[20404]: TLS connection established from p54A57D85.dip.t-dialin.net[84.165.125.133]: SSLv3 with cipher DHE-RSA-AES256-SHA (256/256 bits)
Nov 22 17:40:53 nm1 postfix/smtpd[20404]: connect from p54A57D85.dip.t-dialin.net[84.165.125.133]
Nov 22 17:41:00 nm1 postfix/smtpd[20404]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 22 17:41:00 nm1 postfix/smtpd[20404]: warning: SASL authentication failure: Password verification failed
Nov 22 17:41:00 nm1 postfix/smtpd[20404]: warning: p54A57D85.dip.t-dialin.net[84.165.125.133]: SASL PLAIN authentication failed
Nov 22 17:41:00 nm1 postfix/smtpd[20404]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 22 17:41:00 nm1 postfix/smtpd[20404]: warning: p54A57D85.dip.t-dialin.net[84.165.125.133]: SASL LOGIN authentication failed
Nov 22 17:41:03 nm1 postfix/smtpd[20404]: lost connection after AUTH from p54A57D85.dip.t-dialin.net[84.165.125.133]
Nov 22 17:41:03 nm1 postfix/smtpd[20404]: disconnect from p54A57D85.dip.t-dialin.net[84.165.125.133]

Nothing was changed since yesterday. It might be possible that I didn't check smtp with ssl correct ...

I found a solution for this. If I edit /etc/postfix/master.cf and change the line

Code:

smtps     inet  n       -       n       -       -       smtpd -o smtpd_tls_wrap\
permode=yes -o smtpd_sasl_auth_enable=yes

to

Code:

smtps     inet  n       -       -       -       -       smtpd -o smtpd_tls_wrap\
permode=yes -o smtpd_sasl_auth_enable=yes

it works. This changs makes smtpd run chgrooted.

Maybe this gives a hint for the other problems? What do you think

I have tried out using IMAP with and without SSL. This seems to work perfect.

So the only problems occure when using POP without SSL and logging to mailuser and webmail ...

Bernd

[falko]

Quote:

Originally Posted by Spaetzle

I think I will switch from ipopds and uw-imap to dovecat.

There'S no dovecot package for Debian Sarge, only Courier.