maillog error found
Hi
I have postfix in my centos 6.4 testing in same lan ip address i can able to connect thru thunderbird and any mail apps. but when i go home using my laptop i trying to setup my account in thunderbird i got always failed to connect check username and password but i believe it is correct. so what i did is to get the logfile under maillog logfile: set to auto for SSL Oct 4 09:43:47 mail dovecot: imap-login: Aborted login (no auth attempts): rip=180.191.139.31, lip=10.0.0.2 Oct 4 09:43:47 mail dovecot: imap-login: Aborted login (no auth attempts): rip=180.191.139.31, lip=10.0.0.2 logfile: IMAP forcing to port 993, SSL/TLS and authetication Autodetect SMTP forcing to port 25, None and Autodetect Oct 4 10:27:44 mail dovecot: imap-login: Disconnected (no auth attempts): rip=180.191.139.31, lip=10.0.0.2, TLS: SSL_read() failed: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate: SSL alert number 42 i was hoping someone can help and fix thanks |
Quote:
|
Quote:
Hi searching in google last 2 weeks ago and till now still not fix. i wish someone can guide me and pinpoint the exact problem of my configuration. thanks |
So you need some pre-requisites;
1. A DNS 'A' record to be set at a minimum. 2. check if you are able to Code:
telnet your_mail_server.com 25 This could be of help. |
hi cheesewizz, what SAbhi is pointing out. It works okay on your Local network.
But to work outside your LAN, you need to configure postfix on these items below: 1. DNS Host Record "A" record (configure on your DNS server or in your ISP) 2. Domain Name 3. If you are behind a firewall, or your server is on DMZ. You will need to do port forwarding. Natted IP to Public IP and of course also Public IP to Natted IP (which is the IP Address of your server) 4. On your server, router or firewall you need to open the ports to the external world such as port 25,port 993, port 465 or check postfix documentation which ports are needed NOTE: don't open all the ports you will get a nasty surprise, just open the ports needed 5. Once you configured to open the ports in your router or firewall and have setup the port forwarding also. You need to check in SELINUX CentOS Firewall if indeed the ports are open. (but I believe its open since it works on your LAN but it doesn't hurt to double check) 6. To check if the ports are open to the external world. You can use dyndns port checker tool. http://dyn.com/support/ (scroll down to Open Port Tool, you will need an account to use the tool) Good luck!!! |
Quote:
Seems to be getting to it OK, but the SSL handshake is failing. Check your SSL setup (presumably it is not used on LAN?). Maybe Tbird is rejecting it for being self-signed or not matching the servername? |
Quote:
My Postfix mail its not behind the firewall my public ip is directly assigned I disable the ipables. the domain name its working fine port 25, 993,465 or 995 are open headeache :( |
Quote:
thanks |
Quote:
Now, check your SSL setup (presumably it is not used on LAN?). Maybe Tbird is rejecting it for being self-signed or not matching the servername? |
Quote:
How do i check my SSL setup? thanks |
from the site that you followed, set the settings below just to isolate whether SASL is causing the issue.
if it doesn't work, revert it back to the original settings. smtpd_sasl_auth_enable = no broken_sasl_auth_clients = no try adding this one as well: smtpd_tls_security_level = none if it works without the tls security then you need to consider looking on the certificate files that you generated http://www.krizna.com/centos/setup-m...r-in-centos-6/ Quote:
|
in dovecot.conf
# SSL/TLS support: yes, no, required. <doc/wiki/SSL.txt> ssl = no |
Aah why there are multiple meanings derived from my post ??
check back to telnet the server to port 25... see how its rejecting the connections .. share what's there in /etc/postfix/master.cf the issue may lies there if connections are rejected by SASL. |
Quote:
Hi Using telnet before it was ok but now [root@mail postfix]# telnet localhost 25 Trying ::1... Connected to localhost. Escape character is '^]'. 220 mail.example.com ESMTP Postfix ehlo localhost 250-mail.example.com 250-PIPELINING 250-SIZE 10240000 250-VRFY 250-ETRN 250-AUTH LOGIN PLAIN 250-AUTH=LOGIN PLAIN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN mail from: root 250 2.1.0 Ok rcpt to: rtest 554 5.7.1 <localhost[::1]>: Client host rejected: Access denied [root@mail postfix]# telnet mail.example.com 25 Trying xxx.xxx.xxx.xxx Connected to mail.example.com. Escape character is '^]'. 220 mail.example.com ESMTP Postfix ehlo localhost 250-mail.example.com 250-PIPELINING 250-SIZE 10240000 250-VRFY 250-ETRN 250-AUTH LOGIN PLAIN 250-AUTH=LOGIN PLAIN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN mail from: root 250 2.1.0 Ok rcpt to: rtest 554 5.7.1 <mail.example.com[xxx.xxx.xxx]>: Client host rejected: Access denied 554 5.5.1 Error: no valid recipients thanks ---------- Post added 10-05-13 at 12:52 AM ---------- Quote:
# SSL/TLS support: yes, no, required. <doc/wiki/SSL.txt> #ssl = yes |
Quote:
ok i modified some but stil got failed Oct 5 08:52:46 mail dovecot: imap-login: Aborted login (no auth attempts): rip=180.191.139.31, lip=10.0.0.2 Oct 5 08:52:47 mail dovecot: imap-login: Aborted login (no auth attempts): rip=180.191.139.31, lip=10.0.0.2 |
All times are GMT -5. The time now is 12:56 AM. |