|
here is my main.cf
[root@mail postfix]# postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases broken_sasl_auth_clients = no command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 home_mailbox = Maildir/ html_directory = no inet_interfaces = all inet_protocols = all mail_owner = postfix mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain mydomain = example.com myhostname = mail.example.com myorigin = $mydomain newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES sample_directory = /usr/share/doc/postfix-2.6.6/samples sender_bcc_maps = hash:/etc/postfix/sender_bcc sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtp_tls_note_starttls_offer = yes smtp_use_tls = yes smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination smtpd_sasl_auth_enable = no smtpd_sasl_authenticated_header = yes smtpd_sasl_security_options = noanonymous smtpd_sasl_type = cyrus smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem smtpd_tls_auth_only = no smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key smtpd_tls_received_header = yes smtpd_tls_security_level = none smtpd_tls_session_cache_timeout = 3600s smtpd_use_tls = yes tls_random_source = dev:/dev/urandom unknown_local_recipient_reject_code = 550 [root@mail postfix]# |
master.cf
# ========================================================================== # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # ========================================================================== smtp inet n - n - - smtpd #submission inet n - n - - smtpd # -o smtpd_tls_security_level=encrypt -o smtpd_reject_unlisted_sender=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject -o broken_sasl_auth_clients=yes # -o milter_macro_daemon_name=ORIGINATING #smtps inet n - n - - smtpd # -o smtpd_tls_wrappermode=yes # -o smtpd_sasl_auth_enable=yes # -o smtpd_client_restrictions=permit_sasl_authenticated,reject # -o milter_macro_daemon_name=ORIGINATING #628 inet n - n - - qmqpd pickup fifo n - n 60 1 pickup cleanup unix n - n - 0 cleanup qmgr fifo n - n 300 1 qmgr #qmgr fifo n - n 300 1 oqmgr tlsmgr unix - - n 1000? 1 tlsmgr rewrite unix - - n - - trivial-rewrite bounce unix - - n - 0 bounce defer unix - - n - 0 bounce trace unix - - n - 0 bounce verify unix - - n - 1 verify lmtp unix - - n - - lmtp anvil unix - - n - 1 anvil scache unix - - n - 1 scache # # ==================================================================== # Interfaces to non-Postfix software. Be sure to examine the manual # pages of the non-Postfix software to find out what options it wants. # # Many of the following services use the Postfix pipe(8) delivery # agent. See the pipe(8) man page for information about ${recipient} # and other message envelope options. # ==================================================================== # # maildrop. See the Postfix MAILDROP_README file for details. # Also specify in main.cf: maildrop_destination_recipient_limit=1 # #maildrop unix - n n - - pipe # flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient} # # ==================================================================== |
maillog file:
Oct 5 08:59:23 mail dovecot: imap-login: Disconnected (no auth attempts): rip=119.92.56.74, lip=10.0.0.2, TLS: SSL_read() failed: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate: SSL alert number 42 Oct 5 08:59:23 mail dovecot: imap-login: Disconnected (no auth attempts): rip=119.92.56.74, lip=10.0.0.2, TLS: SSL_read() failed: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate: SSL alert number 42 Oct 5 08:59:23 mail dovecot: imap-login: Disconnected (no auth attempts): rip=119.92.56.74, lip=10.0.0.2, TLS: SSL_read() failed: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate: SSL alert number 42 |
Maillog:
Oct 5 08:59:23 mail dovecot: imap-login: Disconnected (no auth attempts): rip=119.92.56.74, lip=10.0.0.2, TLS: SSL_read() failed: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate: SSL alert number 42 Oct 5 08:59:23 mail dovecot: imap-login: Disconnected (no auth attempts): rip=119.92.56.74, lip=10.0.0.2, TLS: SSL_read() failed: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate: SSL alert number 42 Oct 5 08:59:23 mail dovecot: imap-login: Disconnected (no auth attempts): rip=119.92.56.74, lip=10.0.0.2, TLS: SSL_read() failed: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate: SSL alert number 42 |
Quote:
Quote:
You also still seem to have an SSL problem. |
I have BIND which installed same machine
here is my config: $ttl 38400 @ IN SOA mail.example.com. root.mail.example.com. ( 930201302 10801 3600 604800 38400 ) @ IN NS mail.example.com. @ IN MX 11 mail.example.com. mail.example.com. IN A xxx.xxx.xxx.xxx www IN CNAME mail.example.com. thanks |
yesterday i setup new centos 6.4 in other machine
with postfix basic setup postfix is up and dovecot is up but ssl not yet configure still in same network or subnet i can able to connect using thunderbird send and recieved but if im going to connect using other Internet Connection for example broadband still im getting failed i checked on the log maillog Oct 5 11:12:25 ns2 dovecot: imap-login: Aborted login (no auth attempts): rip=xxx.xxx.xxx.xxx, lip=xxx.xxx.xxx.xxx settings under thunderbird: Incoming IMAP Server hostname: xxx.xxx.xxx.xxx Port: 143 SSL: none Authentication : Autodetect Outgoing: SMTP Server hostname: xxx.xxx.xxx.xxx Port:25 SSL: none Authentication: No Authentication so meaning i dont have SSL in my centos 6.4 but i still got error thanks |
Hi
i followed this site to enable the logging here is my log: Oct 05 11:29:39 auth: Debug: client out: OK 1 user=rsumook Oct 05 11:29:39 auth: Debug: master in: REQUEST 2933260289 2348 1 09b0344d35547bcdee746a337b3d17e5 Oct 05 11:29:39 auth: Debug: passwd(rsumook,119.92.56.75): lookup Oct 05 11:29:39 auth: Debug: master out: USER 2933260289 rsumook system_groups_user=rsumook uid=500 gid=500 home=/home/rsumook Oct 05 11:29:39 pop3-login: Info: Login: user=<rsumook>, method=PLAIN, rip=xxx.xxx.xxx.xxx, lip=xxx.xxx.xxx.xxx, mpid=2352, secured Oct 05 11:29:39 pop3(rsumook): Debug: Effective uid=500, gid=500, home=/home/rsumook Oct 05 11:29:39 pop3(rsumook): Debug: maildir++: root=/home/rsumook/Maildir, index=, control=, inbox=/home/rsumook/Maildir Oct 05 11:29:39 pop3(rsumook): Info: Disconnected: Logged out top=0/0, retr=0/0, del=0/0, size=0 Oct 05 11:32:24 master: Warning: Killed with signal 15 (by pid=2368 uid=0 code=kill) Oct 05 11:32:25 master: Info: Dovecot v2.0.9 starting up (core dumps disabled) Oct 05 11:32:38 auth: Debug: Loading modules from directory: /usr/lib64/dovecot/auth Oct 05 11:32:38 auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libauthdb_ldap.so Oct 05 11:32:38 auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libdriver_sqlite.so Oct 05 11:32:38 auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libmech_gssapi.so Oct 05 11:32:38 auth: Debug: auth client connected (pid=2392) Oct 05 11:32:38 auth: Debug: client in: AUTH 1 PLAIN service=pop3 secured lip=xxx.xxx.xxx.xxx rip=xxx.xxx.xxx.xxx lport=110 rport=52214 resp=AHJzdW1vb2sAc3Vtb29rcg== Oct 05 11:32:38 auth: Debug: Loading modules from directory: /usr/lib64/dovecot/auth Oct 05 11:32:38 auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libauthdb_ldap.so Oct 05 11:32:38 auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libdriver_sqlite.so Oct 05 11:32:38 auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libmech_gssapi.so Oct 05 11:32:38 auth: Debug: pam(rsumook,xxx.xxx.xxx.xxx): lookup service=dovecot Oct 05 11:32:38 auth: Debug: pam(rsumook,xxx.xxx.xxx.xxx): #1/1 style=1 msg=Password: Oct 05 11:32:38 auth: Debug: client out: OK 1 user=rsumook Oct 05 11:32:38 auth: Debug: master in: REQUEST 562561025 2392 1 706a93a28533dcfc7c55ce4f0264d18f Oct 05 11:32:38 auth: Debug: passwd(rsumook,xxx.xxx.xxx.xxx): lookup Oct 05 11:32:38 auth: Debug: master out: USER 562561025 rsumook system_groups_user=rsumook uid=500 gid=500 home=/home/rsumook Oct 05 11:32:38 pop3-login: Info: Login: user=<rsumook>, method=PLAIN, rip=xxx.xxx.xxx.xxx, lip=xxx.xxx.xxx.xxx, mpid=2398, secured Oct 05 11:32:38 pop3(rsumook): Debug: Effective uid=500, gid=500, home=/home/rsumook Oct 05 11:32:38 pop3(rsumook): Debug: maildir++: root=/home/rsumook/Maildir, index=, control=, inbox=/home/rsumook/Maildir Oct 05 11:32:38 pop3(rsumook): Info: Disconnected: Logged out top=0/0, retr=0/0, del=0/0, size=0 Oct 05 11:32:51 auth: Debug: auth client connected (pid=2403) Oct 05 11:32:52 imap-login: Info: Aborted login (no auth attempts): rip=xxx.xxx.xxx.xxx1, lip=xxx.xxx.xxx.xxx |
Quote:
and see below for master.cf: Quote:
|
Quote:
i revert it back alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 home_mailbox = Maildir/ html_directory = no inet_interfaces = all inet_protocols = all mail_owner = postfix mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain mydomain = mail.example.com myhostname = mail.example.com myorigin = $mydomain newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES sample_directory = /usr/share/doc/postfix-2.6.6/samples sender_bcc_maps = hash:/etc/postfix/sender_bcc sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtp_tls_note_starttls_offer = yes smtp_use_tls = yes smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_security_options = noanonymous smtpd_sasl_type = cyrus smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem smtpd_tls_auth_only = no smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s smtpd_use_tls = yes tls_random_source = dev:/dev/urandom unknown_local_recipient_reject_code = 550 master.cf smtp inet n - n - - smtpd #submission inet n - n - - smtpd # -o smtpd_tls_security_level=encrypt # -o smtpd_reject_unlisted_sender=yes # -o smtpd_sasl_auth_enable=yes # -o smtpd_client_restrictions=permit_sasl_authenticated,reject # -o broken_sasl_auth_clients=yes # -o milter_macro_daemon_name=ORIGINATING smtps inet n - n - - smtpd # -o smtpd_tls_wrappermode=yes -o smtpd_reject_unlisted_sender=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject -o broken_sasl_auth_clients=yes # -o milter_macro_daemon_name=ORIGINATING #628 inet n - n - - qmqpd but i still get error: Oct 5 14:33:20 mail dovecot: imap-login: Disconnected (no auth attempts): rip=112.72.46.74, lip=10.0.0.2 Oct 5 14:37:24 mail dovecot: imap-login: Disconnected (no auth attempts): rip=119.93.123.187, lip=10.0.0.2 thanks |
I still get error (no auth attempts)
im so hopeless ;( |
Quote:
|
Quote:
|
Quote:
http://nl.globalsign.com/en/support/...l+certificate/ check it out it might help. got the idea from this link: http://www.dovecot.org/list/dovecot/...ry/062981.html Cheers!! hope you nail it. Keep us posted. |
Quote:
|
| All times are GMT -5. The time now is 03:26 PM. |