Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #101  
Old 29th January 2012, 23:43
cbj4074 cbj4074 is offline
Senior Member
 
Join Date: Nov 2010
Posts: 368
Thanks: 25
Thanked 47 Times in 42 Posts
Default

Quote:
Originally Posted by m.xander View Post
Hi again...

for some reason the email isn't working again..?
It was working fine - I haven't touched the configuration since you guys got the thing running...?

Evolution is authenticating fine but when sending/receiving, email addresses from@mydomain.com are just stalling indefinitely..?
Is my test account still active? If so, I can't login either.

If you look back through the posts in this thread, and you check the relevant logs, does anything obvious turn-up? In particular, look at /var/log/mail.log and /var/log/auth.log. Do you see failures logged for me?
Reply With Quote
Sponsored Links
  #102  
Old 30th January 2012, 03:18
m.xander m.xander is offline
Member
 
Join Date: Dec 2011
Posts: 81
Thanks: 5
Thanked 2 Times in 2 Posts
Default Also...

as a side note...

I started to have a look at Falko's tutorial Securing Your ISPConfig 3 Installation With A Free Class1 SSL Certificate From StartSSL the other day... I'll get back to that too shortly...

and I'll have to get roundcube going after this too...
Reply With Quote
  #103  
Old 31st January 2012, 05:33
cbj4074 cbj4074 is offline
Senior Member
 
Join Date: Nov 2010
Posts: 368
Thanks: 25
Thanked 47 Times in 42 Posts
Default

Let's focus on figuring out why things "broke" seemingly all-of-a-sudden, and then we can focus on the rest .

Attached is what Thunderbird displays while attempting to connect to IMAP (and POP) with the legit email account.

This is a new message throughout this massive thread. There has to be something in the log that tells us more.
Attached Images
 
Reply With Quote
  #104  
Old 31st January 2012, 08:27
m.xander m.xander is offline
Member
 
Join Date: Dec 2011
Posts: 81
Thanks: 5
Thanked 2 Times in 2 Posts
Default

from /var/log/mail.log
Code:
Jan 31 15:40:02 25612-21212 amavis[8118]: (08118-20) Passed CLEAN, <smmsp@xanderit.com> -> <root@xanderit.com>, Message-ID: <20120131044001.7F47FC748380@25612-21212.vps.digitalpacific.com.au>, mail_id: iMtx2LobGP6N, Hits: -0.001, size: 729, queued_as: B87EFC74836C, 1217 ms
Jan 31 15:40:02 25612-21212 postfix/smtp[11992]: 7F47FC748380: to=<root@xanderit.com>, orig_to=<root>, relay=127.0.0.1[127.0.0.1]:10024, delay=1.4, delays=0.13/0.01/0.01/1.2, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=08118-20, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as B87EFC74836C)
Jan 31 15:40:02 25612-21212 postfix/qmgr[3182]: 7F47FC748380: removed
Jan 31 15:40:02 25612-21212 postfix/pipe[12008]: B87EFC74836C: to=<root@xanderit.com>, relay=dovecot, delay=0.04, delays=0.02/0.01/0/0.01, dsn=5.1.1, status=bounced (user unknown)
Jan 31 15:40:02 25612-21212 postfix/cleanup[11985]: C12C1C748DB7: message-id=<20120131044002.C12C1C748DB7@25612-21212.vps.digitalpacific.com.au>
Jan 31 15:40:02 25612-21212 postfix/qmgr[3182]: C12C1C748DB7: from=<>, size=3238, nrcpt=1 (queue active)
Jan 31 15:40:02 25612-21212 postfix/bounce[12010]: B87EFC74836C: sender non-delivery notification: C12C1C748DB7
Jan 31 15:40:02 25612-21212 postfix/qmgr[3182]: B87EFC74836C: removed
Jan 31 15:40:02 25612-21212 postfix/pipe[12008]: C12C1C748DB7: to=<smmsp@xanderit.com>, relay=dovecot, delay=0.05, delays=0.05/0/0/0.01, dsn=5.1.1, status=bounced (user unknown)
Jan 31 15:40:02 25612-21212 postfix/qmgr[3182]: C12C1C748DB7: removed
Jan 31 15:45:01 25612-21212 dovecot: pop3-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
Jan 31 15:45:01 25612-21212 dovecot: imap-login: Disconnected (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
Jan 31 15:45:01 25612-21212 postfix/smtpd[12084]: connect from localhost.localdomain[127.0.0.1]
Jan 31 15:45:01 25612-21212 postfix/smtpd[12084]: lost connection after CONNECT from localhost.localdomain[127.0.0.1]
Jan 31 15:45:01 25612-21212 postfix/smtpd[12084]: disconnect from localhost.localdomain[127.0.0.1]
Jan 31 15:46:51 25612-21212 postfix/qmgr[3182]: 5934DC7483C7: from=<root@xanderit.com>, size=1219, nrcpt=1 (queue active)
Jan 31 15:46:51 25612-21212 dovecot: deliver(cbj4074@xanderit.com): chdir(/var/vmail/xanderit.com/cbj4074) failed: Permission denied
Jan 31 15:46:51 25612-21212 dovecot: deliver(cbj4074@xanderit.com): sieve: stat(/var/vmail/xanderit.com/cbj4074/.sieve) failed: Permission denied (using global script path in stead)
Jan 31 15:46:51 25612-21212 dovecot: deliver(cbj4074@xanderit.com): stat(/var/vmail/xanderit.com/cbj4074/Maildir) failed: Permission denied
Jan 31 15:46:51 25612-21212 dovecot: deliver(cbj4074@xanderit.com): stat(/var/vmail/xanderit.com/cbj4074/Maildir/tmp) failed: Permission denied (euid=5000(vmail) egid=5000(vmail) missing +x perm: /var/vmail/xanderit.com)
Jan 31 15:46:51 25612-21212 dovecot: deliver(cbj4074@xanderit.com): msgid=<20120130015002.0A6FDC7483CC@25612-21212.vps.digitalpacific.com.au>: save failed to INBOX: Internal error occurred. Refer to server log for more information. [2012-01-31 15:46:51]
Jan 31 15:46:51 25612-21212 postfix/pipe[12119]: 5934DC7483C7: to=<cbj4074@xanderit.com>, relay=dovecot, delay=97010, delays=97010/0.02/0/0.01, dsn=4.3.0, status=deferred (temporary failure)
Jan 31 15:48:24 25612-21212 dovecot: dovecot: Fatal: chdir(/var/vmail/xanderit.com/admin/) failed: Permission denied (euid=5000(vmail) egid=5000(vmail) missing +x perm: /var/vmail/xanderit.com)
Reply With Quote
  #105  
Old 31st January 2012, 10:02
m.xander m.xander is offline
Member
 
Join Date: Dec 2011
Posts: 81
Thanks: 5
Thanked 2 Times in 2 Posts
Default

from /var/log/auth.log
Code:
Jan 31 16:21:01 25612-21212 CRON[13941]: pam_unix(cron:session): session closed for user root
Jan 31 16:22:01 25612-21212 CRON[13950]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan 31 16:22:01 25612-21212 CRON[13950]: pam_unix(cron:session): session closed for user root
Jan 31 16:23:01 25612-21212 CRON[13958]: pam_unix(cron:session)Jan 31 17:31:01 25612-21212 CRON[17542]: pam_unix(cron:session): session closed for user root
Jan 31 17:32:01 25612-21212 CRON[17573]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan 31 17:32:01 25612-21212 CRON[17573]: pam_unix(cron:session): session closed for user root
Jan 31 17:32:28 25612-21212 sshd[17579]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=node16.seo-host.com  user=root
Jan 31 17:32:30 25612-21212 sshd[17579]: Failed password for root from 66.154.45.220 port 19386 ssh2
Jan 31 17:32:32 25612-21212 sshd[17581]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=node16.seo-host.com  user=root
Jan 31 17:32:34 25612-21212 sshd[17581]: Failed password for root from 66.154.45.220 port 21192 ssh2
Jan 31 17:32:36 25612-21212 sshd[17583]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=node16.seo-host.com  user=root
Jan 31 17:32:37 25612-21212 sshd[17583]: Failed password for root from 66.154.45.220 port 22952 ssh2
Jan 31 17:32:39 25612-21212 sshd[17585]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=node16.seo-host.com  user=root
Jan 31 17:32:41 25612-21212 sshd[17585]: Failed password for root from 66.154.45.220 port 24575 ssh2
Jan 31 17:32:43 25612-21212 sshd[17587]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=node16.seo-host.com  user=root
Jan 31 17:32:44 25612-21212 sshd[17587]: Failed password for root from 66.154.45.220 port 26199 ssh2
Jan 31 17:32:49 25612-21212 sshd[17589]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=node16.seo-host.com  user=root: session opened for user root by (uid=0)
Jan 31 16:23:01 25612-21212 CRON[13958]: pam_unix(cron:session): session closed for user root
Jan 31 16:24:01 25612-21212 CRON[13964]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan 31 16:24:01 25612-21212 CRON[13964]: pam_unix(cron:session): session closed for user root
Jan 31 16:25:01 25612-21212 CRON[13988]: pam_unix(cron:session): session opened for user getmail by (uid=0)
Jan 31 16:25:01 25612-21212 CRON[13990]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan 31 16:25:01 25612-21212 CRON[13988]: pam_unix(cron:session): session closed for user getmail
Reply With Quote
  #106  
Old 31st January 2012, 17:09
cbj4074 cbj4074 is offline
Senior Member
 
Join Date: Nov 2010
Posts: 368
Thanks: 25
Thanked 47 Times in 42 Posts
Default

Well, that was easy.

So, it's a permissions problem. The relevant bits:

Code:
Jan 31 15:46:51 25612-21212 dovecot: deliver(cbj4074@xanderit.com): chdir(/var/vmail/xanderit.com/cbj4074) failed: Permission denied
Jan 31 15:46:51 25612-21212 dovecot: deliver(cbj4074@xanderit.com): sieve: stat(/var/vmail/xanderit.com/cbj4074/.sieve) failed: Permission denied (using global script path in stead)
Jan 31 15:46:51 25612-21212 dovecot: deliver(cbj4074@xanderit.com): stat(/var/vmail/xanderit.com/cbj4074/Maildir) failed: Permission denied
Jan 31 15:46:51 25612-21212 dovecot: deliver(cbj4074@xanderit.com): stat(/var/vmail/xanderit.com/cbj4074/Maildir/tmp) failed: Permission denied (euid=5000(vmail) egid=5000(vmail) missing +x perm: /var/vmail/xanderit.com)
Jan 31 15:46:51 25612-21212 dovecot: deliver(cbj4074@xanderit.com): msgid=<20120130015002.0A6FDC7483CC@25612-21212.vps.digitalpacific.com.au>: save failed to INBOX: Internal error occurred. Refer to server log for more information. [2012-01-31 15:46:51]
Jan 31 15:46:51 25612-21212 postfix/pipe[12119]: 5934DC7483C7: to=<cbj4074@xanderit.com>, relay=dovecot, delay=97010, delays=97010/0.02/0/0.01, dsn=4.3.0, status=deferred (temporary failure)
Jan 31 15:48:24 25612-21212 dovecot: dovecot: Fatal: chdir(/var/vmail/xanderit.com/admin/) failed: Permission denied (euid=5000(vmail) egid=5000(vmail) missing +x perm: /var/vmail/xanderit.com)
(Note that the /var/log/auth.log excerpt doesn't contain anything relevant; those root login failures are unrelated and most likely someone is attempting to brute-force his way into your box [which is inevitable]).

Recall that the permissions on /var/vmail were set incorrectly on your system at some point in the past (we covered that in a previous post in this thread). Please look back over that discussion and ensure that the permissions are correct.

Obviously, it these permissions keep being changed "for no reason", we need to isolate the cause.
Reply With Quote
The Following User Says Thank You to cbj4074 For This Useful Post:
m.xander (1st February 2012)
  #107  
Old 1st February 2012, 02:59
m.xander m.xander is offline
Member
 
Join Date: Dec 2011
Posts: 81
Thanks: 5
Thanked 2 Times in 2 Posts
Default

OK.. that's fixed it...

note after we got it running the first time re-installing ISPConfig with Dovecot I went back to working on the website and was unable to connect using FileZilla, and had to change permissions for /var/www/clients/client2/web3/ to get FTP access.

So after a new domain is added will I have to change vmail permissions for newdomain.com folder and /var/www/clients/client*/web*/ - I assumed that ISPConfig sets permissions when creating domains, mailbox's, FTP-user's, sites etc. so that the client has the relevant permissions..?
Reply With Quote
  #108  
Old 1st February 2012, 16:28
cbj4074 cbj4074 is offline
Senior Member
 
Join Date: Nov 2010
Posts: 368
Thanks: 25
Thanked 47 Times in 42 Posts
Default

Quote:
Originally Posted by m.xander View Post
So after a new domain is added will I have to change vmail permissions for newdomain.com folder and /var/www/clients/client*/web*/ - I assumed that ISPConfig sets permissions when creating domains, mailbox's, FTP-user's, sites etc. so that the client has the relevant permissions..?
No, you should not have to change permissions on anything. ISPConfig may not set its own permissions, but at a minimum, files and directories that it creates will inherit the permissions of the parent directory. As long as the permissions for the relevant Web, FTP, and mail directories are configured properly from the beginning, they should never have to be changed.

That said, if the software is changed (e.g., replaced, reinstalled, or reconfigured), there's no guarantee that the permissions will continue to be correct.

Well, keep an eye on those logs if any problems arise and holler if this type of thing persists.

As a final point of note, I would remove Postfix and Maildrop altogether, to ensure that they aren't messing with your permissions. If you remove the software, there is the risk of removing packages on which other software depends, so use caution. As long as all of your software was installed using your Linux distributions' packages, the dependencies should be handled automatically.
Reply With Quote
The Following User Says Thank You to cbj4074 For This Useful Post:
m.xander (2nd February 2012)
  #109  
Old 1st February 2012, 16:38
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 34,586
Thanks: 792
Thanked 4,983 Times in 3,903 Posts
Default

Quote:
So after a new domain is added will I have to change vmail permissions for newdomain.com folder and /var/www/clients/client*/web*/ - I assumed that ISPConfig sets permissions when creating domains, mailbox's, FTP-user's, sites etc. so that the client has the relevant permissions..?
ISPConfig sets all permissions, so there should be need to adjust them manually. There was a bug in ISPConfig 3.0.4.1 which has been fixed in 3.0.4.2, so if the site was created with 3.0.4.1 or you dont run 2.0.4.2 already, then it might be that some permissions were not corect. You should update your server to the latest available ISPconfig version.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
The Following User Says Thank You to till For This Useful Post:
m.xander (2nd February 2012)
  #110  
Old 3rd February 2012, 00:15
m.xander m.xander is offline
Member
 
Join Date: Dec 2011
Posts: 81
Thanks: 5
Thanked 2 Times in 2 Posts
 
Default

I don't quite understand it at this stage but I think I know what caused the permissions thing. Because I mucked around with a previous ISPConfig installation setting up 3 clients' domains, emails and ftp users... after re-installing ISPConfig the original database records for clients 1 2 and 3 didn't have identical usernames and passwords to clients' 1 2 and 3 when I tried again after re-install...
I haven't tried yet but I bet from client4 on there won't be any issues.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Version 1.3 of the ISPConfig 3 Manual is finally available! falko General 44 2nd December 2011 12:04
SquirrelMail login not working glenneh Installation/Configuration 13 9th April 2011 20:01
dovecot: lda: Fatal: Unknown user dpicella Installation/Configuration 1 22nd August 2010 02:59
ERROR: Connection dropped by IMAP server. [Centos 5.4, courier imap,squirrel, etc] darevil HOWTO-Related Questions 7 9th June 2010 14:49
just the last step...and it works. Postfix...need help config. ubuntusr Installation/Configuration 1 5th January 2009 09:50


All times are GMT +2. The time now is 16:54.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.