Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 25th March 2013, 14:36
mashton mashton is offline
Junior Member
 
Join Date: Jan 2012
Location: Toronto
Posts: 11
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via Yahoo to mashton
Default new install dovecot port465/587 issue

Hi all,

I had to quickly move servers, so did a fresh install of ispconfig2 on a new centos 6.4 box, since I did not have time to learn ispconfig3 and move all 180 sites.

Install went fine, then using this thread http://www.howtoforge.com/forums/sho...config&page=19 we moved the server over.

All went well with the exception of smtp is now only working on port 25, and for the life of me I can not figure out why 465 & 587 are not working.

Now looking into things, yum installed Dovecot 2.0.9 which may be my issue but running
Quote:
yum --showduplicates list dovecot
only shows
Quote:
Installed Packages
dovecot.x86_64 1:2.0.9-5.el6 @base
Available Packages
dovecot.i686 1:2.0.9-5.el6 base
dovecot.x86_64 1:2.0.9-5.el6 base
So not sure if I should revert back, old server was running dovecot 1.0.7 or if there is another work around.

thanks,

Mike
Reply With Quote
Sponsored Links
  #2  
Old 26th March 2013, 15:19
mashton mashton is offline
Junior Member
 
Join Date: Jan 2012
Location: Toronto
Posts: 11
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via Yahoo to mashton
Default More information

nobody have any ideas? I see over 50 of you have looked......

Here is my postfix and dovecot configs to see if anyone sees anything glaring wrong.

postfix

main.cf ( alter/masked domain and ip )
Code:
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
mail_owner = postfix
inet_interfaces = all
inet_protocols = all
unknown_local_recipient_reject_code = 550
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
debug_peer_level = 2
debugger_command =
         PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
         ddd $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.6.6/samples
readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
mynetworks = 127.0.0.0/8,xx.xx.xx.xx/28
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
myhostname = host01.mydomain.com
home_mailbox = Maildir/
mailbox_command =
virtual_maps = hash:/etc/postfix/virtusertable
mydestination = /etc/postfix/local-host-names
master.cf
Code:
smtp      inet  n       -       n       -       -       smtpd
smtps     inet  n       -       n       -       -       smtpd
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
pickup    fifo  n       -       n       60      1       pickup
cleanup   unix  n       -       n       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
tlsmgr    unix  -       -       n       1000?   1       tlsmgr
rewrite   unix  -       -       n       -       -       trivial-rewrite
bounce    unix  -       -       n       -       0       bounce
defer     unix  -       -       n       -       0       bounce
trace     unix  -       -       n       -       0       bounce
verify    unix  -       -       n       -       1       verify
flush     unix  n       -       n       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       n       -       -       smtp
relay     unix  -       -       n       -       -       smtp
        -o smtp_fallback_relay=
showq     unix  n       -       n       -       -       showq
error     unix  -       -       n       -       -       error
retry     unix  -       -       n       -       -       error
discard   unix  -       -       n       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
anvil     unix  -       -       n       -       1       anvil
scache    unix  -       -       n       -       1       scache
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
old-cyrus unix  -       n       n       -       -       pipe
  flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m ${extension} ${user}
cyrus     unix  -       n       n       -       -       pipe
  user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m ${extension} ${user}
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
dovecot.conf
Code:
protocols = imap pop3
dict {
}
!include conf.d/*.conf
I've also included all the dovecot/conf.d files uncommented lines.

Code:
10-auth.conf:disable_plaintext_auth = no
10-auth.conf:auth_mechanisms = plain
10-auth.conf:!include auth-system.conf.ext
10-director.conf:service director {
10-director.conf:  unix_listener login/director {
10-director.conf:  }
10-director.conf:  fifo_listener login/proxy-notify {
10-director.conf:  }
10-director.conf:  unix_listener director-userdb {
10-director.conf:  }
10-director.conf:  inet_listener {
10-director.conf:  }
10-director.conf:}
10-director.conf:service imap-login {
10-director.conf:}
10-director.conf:service pop3-login {
10-director.conf:}
10-director.conf:protocol lmtp {
10-director.conf:}
10-logging.conf:plugin {
10-logging.conf:}
10-mail.conf:mail_location = maildir:~/Maildir
10-mail.conf:mbox_write_locks = fcntl
10-master.conf:service imap-login {
10-master.conf:  inet_listener imap {
10-master.conf:  }
10-master.conf:  inet_listener imaps {
10-master.conf:  }
10-master.conf:}
10-master.conf:service pop3-login {
10-master.conf:  inet_listener pop3 {
10-master.conf:  }
10-master.conf:  inet_listener pop3s {
10-master.conf:  }
10-master.conf:}
10-master.conf:service lmtp {
10-master.conf:  unix_listener lmtp {
10-master.conf:  }
10-master.conf:}
10-master.conf:service imap {
10-master.conf:}
10-master.conf:service pop3 {
10-master.conf:}
10-master.conf:service auth {
10-master.conf:  unix_listener auth-userdb {
10-master.conf:  }
10-master.conf:}
10-master.conf:service auth-worker {
10-master.conf:}
10-master.conf:service dict {
10-master.conf:  unix_listener dict {
10-master.conf:  }
10-master.conf:}
10-ssl.conf:ssl_cert = </etc/pki/dovecot/certs/dovecot.pem
10-ssl.conf:ssl_key = </etc/pki/dovecot/private/dovecot.pem
15-lda.conf:protocol lda {
15-lda.conf:}
20-imap.conf:protocol imap {
20-imap.conf:}
20-lmtp.conf:protocol lmtp {
20-lmtp.conf:}
20-pop3.conf:protocol pop3 {
20-pop3.conf:}
90-acl.conf:plugin {
90-acl.conf:}
90-acl.conf:plugin {
90-acl.conf:}
90-plugin.conf:plugin {
90-plugin.conf:}
90-quota.conf:plugin {
90-quota.conf:}
90-quota.conf:plugin {
90-quota.conf:}
90-quota.conf:plugin {
90-quota.conf:}
90-quota.conf:plugin {
90-quota.conf:}
dovecot-new.conf:disable_plaintext_auth = no
dovecot-new.conf:mail_location = maildir:~/Maildir
dovecot-new.conf:mbox_write_locks = fcntl
dovecot-new.conf:passdb {
dovecot-new.conf:  driver = pam
dovecot-new.conf:}
dovecot-new.conf:protocols = imap pop3
dovecot-new.conf:ssl_cert = </etc/pki/dovecot/certs/dovecot.pem
dovecot-new.conf:ssl_key = </etc/pki/dovecot/private/dovecot.pem
dovecot-new.conf:userdb {
dovecot-new.conf:  driver = passwd
dovecot-new.conf:}
Again, any help would be appreciated.

Mike
Reply With Quote
  #3  
Old 2nd April 2013, 12:51
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,741 Times in 2,575 Posts
Default

Those ports can be configured in /etc/postfix/master.cf. Dovecot has nothing to do with this. Can you post your full master.cf?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #4  
Old 2nd April 2013, 13:47
mashton mashton is offline
Junior Member
 
Join Date: Jan 2012
Location: Toronto
Posts: 11
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via Yahoo to mashton
Default

Here is my master.cf

Code:
#
# Postfix master process configuration file.  For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       n       -       -       smtpd
#submission inet n       -       n       -       -       smtpd
#  -o smtpd_tls_security_level=encrypt
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#  -o smtpd_sasl_type=dovecot
#  -o milter_macro_daemon_name=ORIGINATING
smtps     inet  n       -       n       -       -       smtpd
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#628      inet  n       -       n       -       -       qmqpd
pickup    fifo  n       -       n       60      1       pickup
cleanup   unix  n       -       n       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
#qmgr     fifo  n       -       n       300     1       oqmgr
tlsmgr    unix  -       -       n       1000?   1       tlsmgr
rewrite   unix  -       -       n       -       -       trivial-rewrite
bounce    unix  -       -       n       -       0       bounce
defer     unix  -       -       n       -       0       bounce
trace     unix  -       -       n       -       0       bounce
verify    unix  -       -       n       -       1       verify
flush     unix  n       -       n       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       n       -       -       smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay     unix  -       -       n       -       -       smtp
        -o smtp_fallback_relay=
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       n       -       -       showq
error     unix  -       -       n       -       -       error
retry     unix  -       -       n       -       -       error
discard   unix  -       -       n       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
anvil     unix  -       -       n       -       1       anvil
scache    unix  -       -       n       -       1       scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
#
# ====================================================================
#
# The Cyrus deliver program has changed incompatibly, multiple times.
#
old-cyrus unix  -       n       n       -       -       pipe
  flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m ${extension} ${user}
#
# ====================================================================
#
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#
cyrus     unix  -       n       n       -       -       pipe
  user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m ${extension} ${user}
#
# ====================================================================
#
# See the Postfix UUCP_README file for configuration details.
#
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# ====================================================================
#
# Other external delivery methods.
#
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
#
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
#
#scalemail-backend unix -       n       n       -       2       pipe
#  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store
#  ${nexthop} ${user} ${extension}
#
#mailman   unix  -       n       n       -       -       pipe
#  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
#  ${nexthop} ${user}
Thanks
Reply With Quote
  #5  
Old 5th April 2013, 00:07
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,741 Times in 2,575 Posts
Default

Please uncomment the following lines as well and restart Postfix:
Code:
submission inet n       -       n       -       -       smtpd
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o smtpd_sasl_type=dovecot
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #6  
Old 5th April 2013, 02:49
mashton mashton is offline
Junior Member
 
Join Date: Jan 2012
Location: Toronto
Posts: 11
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via Yahoo to mashton
Default

Hi Falko,

Did the change restarted postfix and no change. I can still connect using port 25 w TLS but not to 465 or 587. Firewall is not blocking them either.

Stumped.
Reply With Quote
  #7  
Old 5th April 2013, 20:34
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,741 Times in 2,575 Posts
Default

What's the output of
Code:
iptables -L
?

Is SELinux disabled?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #8  
Old 5th April 2013, 20:58
mashton mashton is offline
Junior Member
 
Join Date: Jan 2012
Location: Toronto
Posts: 11
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via Yahoo to mashton
Default

Falko,

Here is the results:

Code:
iptables -L
Chain INPUT (policy DROP)
target     prot opt source               destination
DROP       tcp  --  anywhere             loopback/8
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere
DROP       all  --  base-address.mcast.net/4  anywhere
PUB_IN     all  --  anywhere             anywhere
PUB_IN     all  --  anywhere             anywhere
PUB_IN     all  --  anywhere             anywhere
PUB_IN     all  --  anywhere             anywhere
DROP       all  --  anywhere             anywhere

Chain FORWARD (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
DROP       all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
PUB_OUT    all  --  anywhere             anywhere
PUB_OUT    all  --  anywhere             anywhere
PUB_OUT    all  --  anywhere             anywhere
PUB_OUT    all  --  anywhere             anywhere

Chain INT_IN (0 references)
target     prot opt source               destination
ACCEPT     icmp --  anywhere             anywhere
DROP       all  --  anywhere             anywhere

Chain INT_OUT (0 references)
target     prot opt source               destination
ACCEPT     icmp --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere

Chain PAROLE (10 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere

Chain PUB_IN (4 references)
target     prot opt source               destination
ACCEPT     icmp --  anywhere             anywhere            icmp destination-unreachable
ACCEPT     icmp --  anywhere             anywhere            icmp echo-reply
ACCEPT     icmp --  anywhere             anywhere            icmp time-exceeded
ACCEPT     icmp --  anywhere             anywhere            icmp echo-request
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:ftp
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:ssh
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:smtp
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:domain
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:http
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:81
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:pop3
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:imap
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:https
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:ndmp
ACCEPT     udp  --  anywhere             anywhere            udp dpt:domain
DROP       icmp --  anywhere             anywhere
DROP       all  --  anywhere             anywhere

Chain PUB_OUT (4 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere

Chain fail2ban-SSH (0 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere
Code:
# selinuxenabled && echo enabled || echo disabled
disabled

# cat /etc/selinux/config

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
#SELINUX=enforcing
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
#     targeted - Targeted processes are protected,
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted
Thanks, Mike
Reply With Quote
  #9  
Old 8th April 2013, 19:06
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,741 Times in 2,575 Posts
 
Default

You must open the ports 465 and 587 in your firewall.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
Reply

Bookmarks

Tags
dovecot centos 6.4

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Need be Validate - Extras for Perfect Server Debian / Ubuntu Users Wisdown Installation/Configuration 0 1st September 2012 01:07
Dual server with ISPConfig 3 but with errors alphaman36 Installation/Configuration 8 23rd August 2012 12:59
MySQL Error Nolan Installation/Configuration 12 16th February 2011 02:15
Webmail problems with only one domain? compner Installation/Configuration 14 16th February 2010 16:59
Cannot install dovecot with the urpmi command harbert Installation/Configuration 1 11th June 2009 17:58


All times are GMT +2. The time now is 18:17.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.