Can't SEND eMails.

Discussion in 'Installation/Configuration' started by DanceNgine, Aug 29, 2005.

  1. DanceNgine

    DanceNgine New Member

    Hi @ all!

    I installed ISPConfig on a Suse Linux 9.3 - System, and everything is working fine - but I can't send eMails using Outlook or Outlook Express. :(

    When I try to send a eMail using OE, it asks me to enter the username and password over and over again.

    This is what I found in the maillog:
    Code:
    Aug 20 07:40:22 ds80-237-152-59 postfix/smtpd[3864]: connect from ip60.163.1211F-CUD12K-04.ish.de[62.143.163.60] 
    Aug 20 07:40:22 ds80-237-152-59 postfix/smtpd[3864]: warning: ip60.163.1211F-CUD12K-04.ish.de[62.143.163.60]: SASL LOGIN authentication failed 
    Aug 20 07:40:22 ds80-237-152-59 postfix/smtpd[3864]: lost connection after AUTH from ip60.163.1211F-CUD12K-04.ish.de[62.143.163.60] 
    Aug 20 07:40:22 ds80-237-152-59 postfix/smtpd[3864]: disconnect from ip60.163.1211F-CUD12K-04.ish.de[62.143.163.60]
    Receiving mails is working fine. If I send a eMail from a GMX-Account to webmaster@xxl-radio.de, I can receive it using my Oulook.

    Any Ideas? :(

    Greets
    Marcus
     
  2. till

    till Super Moderator


    It seems that SASL is not configured properly on your system. Have you configured your Postfix / SASL accordingly to one of the Howtos on Howtoforge?
     
  3. DanceNgine

    DanceNgine New Member

  4. till

    till Super Moderator

    Postfix With SMTP-AUTH And TLS

    apt-get install cyrus-sasl cyrus-sasl-crammd5 cyrus-sasl-devel cyrus-sasl-digestmd5 cyrus-sasl-gssapi cyrus-sasl-otp cyrus-sasl-plain cyrus-sasl-saslauthd

    chkconfig --add saslauthd
    /etc/init.d/saslauthd start

    mkdir /etc/postfix/ssl
    cd /etc/postfix/ssl/
    openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024
    chmod 600 smtpd.key
    openssl req -new -key smtpd.key -out smtpd.csr
    openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt
    openssl rsa -in smtpd.key -out smtpd.key.unencrypted
    mv -f smtpd.key.unencrypted smtpd.key
    openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650

    postconf -e 'mydomain = example.com'
    postconf -e 'myhostname = server1.$mydomain'
    postconf -e 'smtpd_sasl_local_domain ='
    postconf -e 'smtpd_sasl_auth_enable = yes'
    postconf -e 'smtpd_sasl_security_options = noanonymous'
    postconf -e 'broken_sasl_auth_clients = yes'
    postconf -e 'smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,check_relay_domains'
    postconf -e 'inet_interfaces = all'
    postconf -e 'alias_maps = hash:/etc/aliases'
    postconf -e 'smtpd_tls_auth_only = no'
    postconf -e 'smtp_use_tls = yes'
    postconf -e 'smtpd_use_tls = yes'
    postconf -e 'smtp_tls_note_starttls_offer = yes'
    postconf -e 'smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key'
    postconf -e 'smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt'
    postconf -e 'smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem'
    postconf -e 'smtpd_tls_loglevel = 1'
    postconf -e 'smtpd_tls_received_header = yes'
    postconf -e 'smtpd_tls_session_cache_timeout = 3600s'
    postconf -e 'tls_random_source = dev:/dev/urandom'

    Now restart Postfix:

    /etc/init.d/postfix restart

    To see if SMTP-AUTH and TLS work properly now run the following command:

    telnet localhost 25

    After you have established the connection to your postfix mail server type

    ehlo localhost

    If you see the lines

    250-STARTTLS

    and

    250-AUTH

    everything is fine.

    Type

    quit

    to return to the system's shell.
     
  5. DanceNgine

    DanceNgine New Member

    Hmm...

    I reworked this steps... Now I get the following error, when I try to "telnet localhost 25" :

    Code:
    Trying 127.0.0.1...
    telnet: connect to address 127.0.0.1: Connection refused
    Trying ::1...
    telnet: connect to address ::1: Connection refused
    
    :confused:

    Edit:

    Okay, i tried telnet localhost 25 again, and now it says "Connected to localhost. Escape character is '^]'.

    When I type ehlo localhost and press Enter, absolutely nothing happens. quit or any other command - no response. :(
     
    Last edited: Aug 29, 2005
  6. falko

    falko Super Moderator

    Restart Postfix:
    Code:
    /etc/init.d/postfix restart
     
  7. DanceNgine

    DanceNgine New Member

    Hmm... I restarted Postfix once more - same error. What the f.... :-(
     
  8. till

    till Super Moderator

    Did you get errors in mail or syslog?
     
  9. DanceNgine

    DanceNgine New Member

    I get an error in the mail log :

    Code:
    Aug 29 20:48:50 ds80-237-152-59 postfix/smtpd[7702]: fatal: parameter "smtpd_recipient_restrictions": specify at least one working instance of: check_relay_domains, reject_unauth_destination, reject, defer or defer_if_permit
    Hmmm... What does it mean?

    Greets
    Marcus
     
  10. till

    till Super Moderator

    Do you have this line in your main.cf?
    Code:
    smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
    Hint: reject_unauth_destination is one word, without the space. The space is caused by the forum software!
    If not, search for the line that begins with "smtpd_recipient_restrictions" and replace it with the above line.

    Then restart postfix.
     
  11. DanceNgine

    DanceNgine New Member

    my main.cf includes this line:
    Code:
    smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,check_relay_domains
    I replaced it with yours, and restarted Postfix.

    Now telnet works, here is the log :

    Code:
    220 xxl-radio.de ESMTP Postfix
    ehlo localhost
    250-xxl-radio.de
    250-PIPELINING
    250-SIZE 102400000
    250-VRFY
    250-ETRN
    250-STARTTLS
    250-AUTH PLAIN LOGIN
    250-AUTH=PLAIN LOGIN
    250 8BITMIME
    But, if I try to send a Mail from Outlook Express or Outlook the following Error apperars in the mail-log :

    Code:
    Aug 29 21:08:58 ds80-237-152-59 postfix/smtpd[8866]: warning: connect to private/tlsmgr: Connection refused
    Aug 29 21:08:58 ds80-237-152-59 postfix/smtpd[8866]: warning: problem talking to server private/tlsmgr: Connection refused
    Aug 29 21:08:59 ds80-237-152-59 postfix/smtpd[8866]: warning: connect to private/tlsmgr: Connection refused
    Aug 29 21:08:59 ds80-237-152-59 postfix/smtpd[8866]: warning: problem talking to server private/tlsmgr: Connection refused
    Aug 29 21:08:59 ds80-237-152-59 postfix/smtpd[8866]: warning: no entropy for TLS key generation: disabling TLS support
    Aug 29 21:08:59 ds80-237-152-59 postfix/smtpd[8866]: warning: ip60.163.1211F-CUD12K-04.ish.de[62.143.163.60]: SASL LOGIN authentication failed
    
    :confused:

    Any Ideas?
     
  12. falko

    falko Super Moderator

    Do you have
    Code:
    inet_interfaces = all
    in /etc/postfix/main.cf?
     
  13. DanceNgine

    DanceNgine New Member

    Yes, it is.

    Here is the complete content of main.cf:

    Code:
    command_directory = /usr/sbin
    daemon_directory = /usr/lib/postfix
    unknown_local_recipient_reject_code = 550
    debug_peer_level = 2
    debugger_command =
    	 PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
    	 xxgdb $daemon_directory/$process_name $process_id & sleep 5
    sendmail_path = /usr/sbin/sendmail
    newaliases_path = /usr/bin/newaliases
    mailq_path = /usr/bin/mailq
    setgid_group = maildrop
    html_directory = /usr/share/doc/packages/postfix/html
    manpage_directory = /usr/share/man
    sample_directory = /usr/share/doc/packages/postfix/samples
    readme_directory = /usr/share/doc/packages/postfix/README_FILES
    inet_protocols = all
    biff = no
    mail_spool_directory = /var/mail
    canonical_maps = hash:/etc/postfix/canonical
    virtual_maps = hash:/etc/postfix/virtusertable
    relocated_maps = hash:/etc/postfix/relocated
    transport_maps = hash:/etc/postfix/transport
    sender_canonical_maps = hash:/etc/postfix/sender_canonical
    masquerade_exceptions = root
    masquerade_classes = envelope_sender, header_sender, header_recipient
    program_directory = /usr/lib/postfix
    masquerade_domains = 
    mydestination = $myhostname, localhost.$mydomain, $mydomain
    disable_dns_lookups = no
    mailbox_command = 
    mailbox_transport = 
    smtpd_sender_restrictions = hash:/etc/postfix/access
    smtpd_client_restrictions = 
    smtpd_helo_required = no
    smtpd_helo_restrictions = 
    strict_rfc821_envelopes = no
    smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
    smtp_sasl_auth_enable = no
    smtpd_sasl_auth_enable = yes
    smtpd_use_tls = yes
    smtp_use_tls = yes
    alias_maps = hash:/etc/aliases
    mailbox_size_limit = 0
    message_size_limit = 102400000
    smtpd_sasl_local_domain = 
    smtpd_sasl_security_options = noanonymous
    broken_sasl_auth_clients = yes
    smtpd_tls_auth_only = no
    smtp_tls_note_starttls_offer = yes
    smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
    smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
    smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
    smtpd_tls_loglevel = 1
    smtpd_tls_received_header = yes
    smtpd_tls_session_cache_timeout = 3600s
    tls_random_source = dev:/dev/urandom
    home_mailbox = Maildir/
    mydomain = xxl-radio.de
    myhostname = $mydomain
    default_destination_recipient_limit = 500
    inet_interfaces = all
    
    Any Ideas? :(
     
  14. falko

    falko Super Moderator

    You should add /etc/postfix/local-host-names to mydestination:
    Code:
    mydestination = $myhostname, localhost.$mydomain, $mydomain, /etc/postfix/local-host-names
    This is normally done by the ISPConfig installer.
    Also try this:
    Code:
    smtpd_use_tls = no
    smtp_use_tls = no
    and restart Postfix:
    Code:
    /etc/init.d/postfix restart
     
  15. DanceNgine

    DanceNgine New Member

    Hi falko!

    I've tried your tips, but i still get the following error in my log-file

    Code:
    Sep  3 15:35:30 ds80-237-152-59 postfix/smtpd[9381]: warning: ip7.163.1211F-CUD12K-04.ish.de[62.143.163.7]: SASL LOGIN authentication failed
    
    Hmmm... :(
     
  16. DanceNgine

    DanceNgine New Member

    Hmm. Anyone?
     
  17. falko

    falko Super Moderator

    Is saslauthd running?
    Try
    Code:
    /etc/init.d/saslauthd restart
     
  18. DanceNgine

    DanceNgine New Member

    saslauthd was running.

    I restarted - no errors :

    Code:
    Shutting down service saslauthd                                      done
    Starting service saslauthd                                           done
    
     
  19. DanceNgine

    DanceNgine New Member

  20. lodac

    lodac New Member

    I am running into the same issues with this sasl server.
     

Share This Page