LinuxQuestions.org

maillog error found (https://www.linuxquestions.org/questions/linux-newbie-8/maillog-error-found-4175479551/)

cheesewizz 10-05-2013 08:20 AM

Hi

I have good news.

I installed my CentOS 6.4 x86_64 again,
so right now I have a basic configuration:

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
home_mailbox = Maildir/
html_directory = no
inet_interfaces = all
inet_protocols = all
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = localhost.$mydomain, localhost, $mydomain
mydomain = example.com
myhostname = mail.example.com
mynetworks = xxx.xxx.xxx.xxx/xx, 192.168.50.0/24, 127.0.0.0/8
mynetworks_style = subnet
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES
relay_domains = $mydestination
sample_directory = /usr/share/doc/postfix-2.6.6/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/pki/tls/certs/server.crt
smtpd_tls_key_file = /etc/pki/tls/certs/server.key
smtpd_tls_loglevel = 1
smtpd_tls_security_level = may
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 550


# OS: Linux 2.6.32-358.el6.x86_64 x86_64 CentOS release 6.4 (Final)
auth_debug = yes
auth_debug_passwords = yes
auth_mechanisms = plain login
listen = *
log_path = /var/log/dovecot.log
login_greeting = Hi everyone Welcome to exmaple!!
mail_debug = yes
mail_location = maildir:~/Maildir
mbox_write_locks = fcntl
passdb {
driver = pam
}
service auth {
unix_listener /var/spool/postfix/private/auth {
mode = 0666
}
}
service imap-login {
inet_listener imap {
port = 143
}
inet_listener imaps {
port = 993
ssl = yes
}
}
service pop3-login {
inet_listener pop3 {
port = 110
}
inet_listener pop3s {
port = 995
ssl = yes
}
}
ssl_cert = </etc/pki/tls/certs/server.crt
ssl_cipher_list = ALL:!LOW:!SSLv2
ssl_key = </etc/pki/tls/certs/server.key
userdb {
driver = passwd
}
verbose_ssl = yes



Using my broadband here at my house I am able to receive using port 993,
but I still have a problem: I cannot send file.

I suspect my port 25 SMTP.


When I checked my maillog
there's no activity or information or hint.



please help


thanks

cheesewizz 10-05-2013 08:21 AM

sorry for duplicate

SAbhi 10-06-2013 01:20 AM

Quote:

Originally Posted by unSpawn (Post 5040403)
This is not how LQ should work: please avoid redirecting people to a search engine.

I know, just helping people try to get something on their own so that they can learn.. I will take care next time.. :)

SAbhi 10-06-2013 01:28 AM

Quote:

Oct 5 14:33:20 mail dovecot: imap-login: Disconnected (no auth attempts): rip=112.72.46.74, lip=10.0.0.2
Oct 5 14:37:24 mail dovecot: imap-login: Disconnected (no auth attempts): rip=119.93.123.187, lip=10.0.0.2
thanks
This error is because your security certificate was treated as invalid by the end user, or you do not have any. Anyway, there are no auth attempts.
You can do what @unSpawn mentioned.. well, I recommend @unSpawn's suggestion.

Also try logging in without using encryption:

telnet localhost 143
login "loginname" "password"

check the output and logs ..

It may be an issue with Dovecot; it appears that you are forcing SSL connections, which is not suggested until you know what version end users are running and what you are supposed to do with it...

SAbhi 10-06-2013 01:42 AM

Quote:

Originally Posted by cheesewizz (Post 5040494)
Hi

i have good news

i installed again my centos 6.4 x86_64
so right now i have basic configuration


Ohhh sorry, I didn't see the latest one, please ignore my previous comment.

cheesewizz 10-06-2013 05:49 AM

Thank you for all your time and suggestions. I'm so happy that I am able to receive messages using my broadband in my house.

I also wish my Postfix mail server were able to send even when my Internet connection is broadband at my house.

Please, I need your help again.

Right now I have no idea why I cannot send or even reply to my messages
using Thunderbird: "sending of message failed. The message could not be sent because the connection SMTP mail.example.com timed out. Try again or contact your network administrator"

I used ssh to access my CentOS 6.4 and checked the log file.
No clues appear; I believe the information is about the Dovecot IMAP log:

Oct 06 18:38:16 imap-login: Warning: SSL: where=0x20, ret=1: SSL negotiation finished successfully [xxx.xxx.xxx.xxx]
Oct 06 18:38:16 imap-login: Warning: SSL: where=0x2002, ret=1: SSL negotiation finished successfully [xxx.xxx.xxx.xxx]
Oct 06 18:38:17 auth: Debug: client in: AUTH 1 PLAIN service=imap secured lip=xxx.xxx.xxx.xxx rip=xxx.xxx.xxx.xxx lport=993 rport=48866 resp=AHJzdW1vb2sAc3Vtb29rcg==
Oct 06 18:38:17 auth: Debug: pam(rsumook,xxx.xxx.xxx.xxx): lookup service=dovecot
Oct 06 18:38:17 auth: Debug: pam(rsumook,xxx.xxx.xxx.xxx): #1/1 style=1 msg=Password:
Oct 06 18:38:17 auth: Debug: client out: OK 1 user=rsumook
Oct 06 18:38:17 auth: Debug: master in: REQUEST 26214401 13730 1 1a0a5daf8e5e4da3daa6c0f0c5375fb2
Oct 06 18:38:17 auth: Debug: passwd(rsumook,xxx.xxx.xxx.xxx): lookup
Oct 06 18:38:17 auth: Debug: master out: USER 26214401 rsumook system_groups_user=rsumook uid=500 gid=500 home=/home/rsumook
Oct 06 18:38:17 imap-login: Info: Login: user=<rsumook>, method=PLAIN, rip=xxx.xxx.xxx.xxx, lip=xxx.xxx.xxx.xxx, mpid=13734, TLS
Oct 06 18:38:17 imap(rsumook): Debug: Effective uid=500, gid=500, home=/home/rsumook
Oct 06 18:38:17 imap(rsumook): Debug: maildir++: root=/home/rsumook/Maildir, index=, control=, inbox=/home/rsumook/Maildir
Oct 06 18:38:20 imap-login: Warning: SSL alert: where=0x4008, ret=256: warning close notify [xxx.xxx.xxx.xxx]
Oct 06 18:38:20 imap(rsumook): Info: Disconnected: Disconnected in IDLE bytes=77/707
Oct 06 18:38:30 imap(rsumook): Info: Disconnected: Logged out bytes=219/2625
Oct 06 18:38:30 imap-login: Warning: SSL alert: where=0x4008, ret=256: warning close notify [xxx.xxx.xxx.xxx]
Oct 06 18:38:30 imap(rsumook): Info: Disconnected: Logged out bytes=882/44472
Oct 06 18:38:30 imap-login: Warning: SSL alert: where=0x4008, ret=256: warning close notify [xxx.xxx.xxx.xxx]



thanks in advance.
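
The `resp=` field in the Dovecot debug line above, like the `auth plain` argument in the SMTP test later in the thread, is the base64 form of a SASL PLAIN response (`authzid NUL authcid NUL password`, the same string the thread's `perl -MMIME::Base64` one-liner builds), so it decodes directly to the account name and password. The following is an added example, not part of the original thread: a filter that replaces such tokens before a log or transcript is shared and lists the accounts whose password was exposed. Function names, the `<redacted>` placeholder and the sample lines are constructed for illustration.

```python
import base64
import binascii
import re

# Matches Dovecot's resp=<base64> and the argument of an SMTP "auth plain".
TOKEN_RE = re.compile(
    r"(?P<prefix>\bresp=|\bauth\s+plain\s+)(?P<b64>[A-Za-z0-9+/]+={0,2})",
    re.IGNORECASE,
)

def decode_plain(b64):
    """Return the login name if b64 is a SASL PLAIN response, else None."""
    try:
        raw = base64.b64decode(b64, validate=True)
    except (binascii.Error, ValueError):
        return None
    parts = raw.split(b"\x00")  # authzid NUL authcid NUL password
    if len(parts) != 3 or not parts[1]:
        return None
    return parts[1].decode("utf-8", "replace")

def redact_line(line):
    """Return (line with PLAIN tokens replaced, login names they exposed)."""
    users = []

    def _sub(match):
        user = decode_plain(match.group("b64"))
        if user is None:
            return match.group(0)  # e.g. "AUTH PLAIN LOGIN" in an EHLO reply
        users.append(user)
        return match.group("prefix") + "<redacted>"

    return TOKEN_RE.sub(_sub, line), users

def redact_text(text):
    """Redact every line; also return the accounts whose password leaked."""
    cleaned, exposed = [], set()
    for line in text.splitlines():
        new_line, users = redact_line(line)
        cleaned.append(new_line)
        exposed.update(users)
    return "\n".join(cleaned), sorted(exposed)

# Constructed sample: placeholder account, documentation-range addresses.
TOKEN = base64.b64encode(b"\x00myaccount\x00mypassword").decode()
SAMPLE = "\n".join([
    "Oct 06 18:38:17 auth: Debug: client in: AUTH 1 PLAIN service=imap "
    "secured lip=192.0.2.10 rip=192.0.2.20 lport=993 resp=" + TOKEN,
    "250-AUTH PLAIN LOGIN",
    "auth plain " + TOKEN,
])

if __name__ == "__main__":
    text, accounts = redact_text(SAMPLE)
    print(text, "\nchange the password for:", ", ".join(accounts))
```

Any account the filter reports from a log that was already shared should have its password changed, since redacting afterwards does not undo the disclosure.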

cheesewizz 10-06-2013 06:03 AM

Quote:

Originally Posted by unSpawn (Post 5040401)
It's a self-signed cert, try explicitly retrieving it: Thunderbird > Edit > Preferences > Advanced > Certificates > Servers > Add Exception. Enter host name and port and accept the exception. Now connect and see if IMAPS works.

Hi unSpawn


Before I reformatted my HDD and installed a new CentOS 6.4,
I tried many times to manually add an exemption,
typing a location like xxx.xxx.xxx.xxx:143 or 110 or 993 or 995.
Result:

No information available
Unable to obtain identification status for the given site.


That's why I decided to start from scratch.


Now I am able to access my IMAP using port 993 at my house using Thunderbird and a broadband Internet connection,

but the problem is with sending. Checking the log file on the server side, there are no clues as to what kind of errors.


thanks

unSpawn 10-06-2013 06:04 AM

Quote:

Originally Posted by cheesewizz (Post 5040858)
(..) I'm so happy that I am able to receive messages using my broadband in my house. (..) Please, I need your help again

LQ should help all people with the same problem so before you ask for help it would be good to list the steps you took to get whatever wasn't working working (again). The concept is called reciprocity.

cheesewizz 10-06-2013 06:19 AM

Quote:

Originally Posted by unSpawn (Post 5040868)
LQ should help all people with the same problem so before you ask for help it would be good to list the steps you took to get whatever wasn't working working (again). The concept is called reciprocity.

Thanks unSpawn
I will post my step-by-step tomorrow.

cheesewizz 10-06-2013 08:40 PM

Quote:

Originally Posted by unSpawn (Post 5040868)
LQ should help all people with the same problem so before you ask for help it would be good to list the steps you took to get whatever wasn't working working (again). The concept is called reciprocity.

Hi

Here are my steps:

Steps on Postfix Setup under Centos 6.4 x86_64

service iptables save
service iptables stop
chkconfig iptables off

1. yum install postfix -y
review and update main.cf
########## BASIC CONFIG ##########
myhostname = mail.example.com
mydomain = example.com
myorigin = $mydomain

inet_interfaces = all
inet_protocols = all

mydestination = localhost.$mydomain, localhost, $mydomain
mynetworks_style = subnet
mynetworks = 192.168.50.0/24, 127.0.0.0/8

relay_domains = $mydestination
home_mailbox = Maildir/

2. service stop and start
3. chkconfig postfix on
4. telnet localhost 25

telnet localhost 25
Trying ::1...
Connected to localhost.
Escape character is '^]'.
220 mail.example.com ESMTP Postfix
ehlo localhost
250-mail.example.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from:root
250 2.1.0 Ok
rcpt to:myaccount
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
this is a test email message part2
.
250 2.0.0 Ok: queued as 4F17840792
quit
221 2.0.0 Bye
Connection closed by foreign host.

5. yum install dovecot -y
dovecot.conf:
protocols = imap pop3 lmtp
listen = *
login_greeting = Hi everyone Welcome to mail.example.com!!

10-auth.conf:
disable_plaintext_auth = no
auth_mechanisms = plain login

10-mail.conf:
mail_location = maildir:~/Maildir

10-master.conf:
unix_listener auth-userdb {
mode = 0600
user = postfix
group = postfix
}


6. service dovecot stop/start
7. chkconfig dovecot on
8. telnet localhost 110

Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
+OK Hi everyone Welcome to mail.example.com!!
user myaccount
+OK
pass ......
+OK Logged in.
list
+OK 4 messages:
1 853
2 853
3 1187
4 1171
.
retr 3
+OK 1187 octets
Return-Path: <...>
X-Original-To: myaccount@mail.example.com
Delivered-To: myaccount@mail.example.com
Received: from mail.example.com (unknown [x.x.x.x)
by mail.example.com (Postfix) with ESMTP id C4063407B4
for <myaccount@tmail.example.com>; Sat, 5 Oct 2013 09:53:48 +0800 (PHT)
Received: from mail.example.com (localhost.localdomain [127.0.0.1])
by mail.example.com (8.13.8/8.13.8) with ESMTP id r951rhQx001006
for <mail.example.com>; Sat, 5 Oct 2013 09:53:43 +0800
Received: (from root@localhost)
by mail.example.com (8.13.8/8.13.8/Submit) id r951rg2p001000
for mail.example.com; Sat, 5 Oct 2013 09:53:42 +0800
From: mail.example.com
To: @mail.example.com
Cc:
Subject: 224 - test - Saturday
Date: Sat, 05 Oct 2013 09:53:40 +0800 (PHT)
Message-Id: <1380938020.31152.1@gmail.example.com>

testing


9. Installing cyrus-sasl

yum -y install cyrus-sasl*

Package cyrus-sasl-lib-2.1.23-13.el6_3.1.x86_64 already installed and latest version
Package cyrus-sasl-ntlm-2.1.23-13.el6_3.1.x86_64 already installed and latest version
Package cyrus-sasl-plain-2.1.23-13.el6_3.1.x86_64 already installed and latest version
Package cyrus-sasl-md5-2.1.23-13.el6_3.1.x86_64 already installed and latest version
Package cyrus-sasl-2.1.23-13.el6_3.1.x86_64 already installed and latest version
Package cyrus-sasl-devel-2.1.23-13.el6_3.1.x86_64 already installed and latest version
Package cyrus-sasl-ldap-2.1.23-13.el6_3.1.x86_64 already installed and latest version
Package cyrus-sasl-sql-2.1.23-13.el6_3.1.x86_64 already installed and latest version
Package cyrus-sasl-gssapi-2.1.23-13.el6_3.1.x86_64 already installed and latest version

rpm -qa | grep cyrus-sasl
cyrus-sasl-lib-2.1.23-13.el6_3.1.x86_64
cyrus-sasl-2.1.23-13.el6_3.1.x86_64
cyrus-sasl-ntlm-2.1.23-13.el6_3.1.x86_64
cyrus-sasl-gssapi-2.1.23-13.el6_3.1.x86_64
cyrus-sasl-ldap-2.1.23-13.el6_3.1.x86_64
cyrus-sasl-plain-2.1.23-13.el6_3.1.x86_64
cyrus-sasl-md5-2.1.23-13.el6_3.1.x86_64
cyrus-sasl-sql-2.1.23-13.el6_3.1.x86_64
cyrus-sasl-devel-2.1.23-13.el6_3.1.x86_64

10. update smtpd.conf

pwcheck_method: saslauthd
mech_list: plain login

11. review and update saslauthd
from PAM change to SHADOW

SOCKETDIR=/var/run/saslauthd
MECH=shadow
FLAGS=

service postfix stop
service saslauthd stop
service postfix start
service saslauthd start

[root@ns2 ~]# ps -ef | grep sasl
root 16589 1 0 08:14 ? 00:00:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a shadow
root 16591 16589 0 08:14 ? 00:00:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a shadow
root 16592 16589 0 08:14 ? 00:00:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a shadow
root 16593 16589 0 08:14 ? 00:00:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a shadow
root 16594 16589 0 08:14 ? 00:00:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a shadow
root 16948 6899 0 08:37 pts/0 00:00:00 grep sasl

[root@ns2 ~]# saslauthd -a pam
saslauthd[16962] :detach_tty : Cannot start saslauthd
saslauthd[16962] :detach_tty : Another instance of saslauthd is currently running

[root@ns2 ~]# service saslauthd stop
[root@ns2 ~]# saslauthd -a pam
[root@ns2 ~]# ps -ef | grep sasl
root 17006 1 0 08:40 ? 00:00:00 saslauthd -a pam
root 17007 17006 0 08:40 ? 00:00:00 saslauthd -a pam
root 17008 17006 0 08:40 ? 00:00:00 saslauthd -a pam
root 17009 17006 0 08:40 ? 00:00:00 saslauthd -a pam
root 17010 17006 0 08:40 ? 00:00:00 saslauthd -a pam
root 17013 6899 0 08:40 pts/0 00:00:00 grep sasl

[root@ns2 ~]# service saslauthd restart
Stopping saslauthd: [ OK ]
Starting saslauthd: [ OK ]
[root@ns2 ~]# ps -ef | grep sasl
root 17041 1 0 08:41 ? 00:00:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a shadow
root 17043 17041 0 08:41 ? 00:00:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a shadow
root 17044 17041 0 08:41 ? 00:00:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a shadow
root 17045 17041 0 08:41 ? 00:00:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a shadow
root 17046 17041 0 08:41 ? 00:00:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a shadow
root 17049 6899 0 08:41 pts/0 00:00:00 grep sasl


[root@ns2 ~]# postconf -a
cyrus
dovecot

[root@ns2 ~]# postconf -A
cyrus

12. update main.cf
##### SASL #####
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_unauth_destination


13. update dovecot/master.cf

service imap-login {
inet_listener imap {
port = 143
}
inet_listener imaps {
port = 993
ssl = yes
}
}
===========
service pop3-login {
inet_listener pop3 {
port = 110
}
inet_listener pop3s {
port = 995
ssl = yes
}
}
===========

# Postfix smtp-auth
service auth {
unix_listener /var/spool/postfix/private/auth {
mode = 0666
}
}
===========

SASL Testing:

saslpasswd2 - myaccount
enter password:

[root@ns2 ~]# sasl2-sample-server -s rcmd -p 8000
trying 2, 1, 6
trying 10, 1, 6
bind: Address already in use
accepted new connection
send: {53}
PLAIN LOGIN ANONYMOUS NTLM CRAM-MD5 GSSAPI DIGEST-MD5
recv: {5}
PLAIN
recv: {1}
Y
recv: {23}
myaccount[0]myaccount[0]mypassword
successful authentication 'myaccount'
closing connection

other console:
[root@ns2 ~]# sasl2-sample-client -s rcmd -p 8000 -m PLAIN 127.0.0.1
receiving capability list... recv: {53}
PLAIN LOGIN ANONYMOUS NTLM CRAM-MD5 GSSAPI DIGEST-MD5
PLAIN LOGIN ANONYMOUS NTLM CRAM-MD5 GSSAPI DIGEST-MD5
please enter an authentication id: myaccount
please enter an authorization id: myaccount
Password:
send: {5}
PLAIN
send: {1}
Y
send: {23}
myaccount[0]myaccount[0]mypassword
successful authentication
closing connection
[root@ns2 ~]#

[root@ns2 ~]# testsaslauthd -u myaccount -p mypassword
0: NO "authentication failed"
[root@ns2 ~]#


Testing SMTP authentication:

perl -MMIME::Base64 -e 'print encode_base64("\000myaccount\000mypassword");'

[root@ns2 postfix]# telnet mail.example.com 25
Trying x.x.x.x...
Connected to mail.example.com.
Escape character is '^]'.
220 mail.example.com ESMTP Postfix
ehlo localhost
250-mail.example.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
auth plain AHJzdW1vb2sAc3Vtb29rcg==
235 2.7.0 Authentication successful
==================================

sending testing:

mail -vs "sasl test" myaccount@mydomain < /etc/passwd
Mail Delivery Status Report will be mailed to <root>.

==================================


14. TLS Authentication

a. create SSL certificate
/etc/pki/tls/certs - make server.key
openssl rsa -in server.key -out server.key
make server.csr
openssl x509 -in server.csr -out server.crt -req -signkey server.key -days 365

results:
cd /etc/pki/tls/certs
-rw-r--r--. 1 root root 651083 Apr 7 2010 ca-bundle.trust.crt
-rw-r--r--. 1 root root 571450 Apr 7 2010 ca-bundle.crt
-rw-r--r--. 1 root root 2242 Mar 5 2013 Makefile
-rwxr-xr-x. 1 root root 610 Mar 5 2013 make-dummy-cert
-rw-------. 1 root root 1679 Oct 5 15:39 server.key
-rw-------. 1 root root 1135 Oct 5 15:40 server.csr
-rw-r--r--. 1 root root 1468 Oct 5 15:41 server.crt

update main.cf
##### TLS Only #####
smtpd_tls_key_file = /etc/pki/tls/certs/server.key
smtpd_tls_cert_file = /etc/pki/tls/certs/server.crt
smtpd_tls_security_level = may
smtpd_tls_loglevel = 1
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
smtpd_tls_auth_only = no


update dovecot for ssl certification location:
10-ssl.conf

ssl = yes
ssl_cert = </etc/pki/tls/certs/server.crt
ssl_key = </etc/pki/tls/certs/server.key
ssl_cipher_list = ALL:!LOW:!SSLv2

service dovecot restart
service postfix restart

========================
Client configuration
a. Thunderbird
IMAP Setting:
Server setting: port 993
Security settings: ssl/tls
Normal password

SMTP Setting:
Outgoing server: STARTTLS, no authentication
=========================



Thanks
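
Several settings in the steps above decide whether passwords can travel or be stored in the clear: step 14 sets `smtpd_tls_auth_only = no` while AUTH PLAIN/LOGIN is enabled (the EHLO reply over plain telnet advertises AUTH), step 5 sets `disable_plaintext_auth = no`, and step 13 gives the auth socket `mode = 0666`. The following added example, not part of the original thread, parses a `main.cf`, including the indented continuation lines Postfix requires, and reports those conditions plus near-miss parameter names, which Postfix does not recognise as the built-in setting. The function names, the `KNOWN` list, the 0.85 similarity cutoff and the sample text are assumptions made for illustration; the sample contains one deliberately misspelled parameter to exercise the name check.

```python
import difflib
import re

# Parameter names that appear in the main.cf listings in this thread.
KNOWN = {"smtpd_sasl_auth_enable", "smtpd_sasl_type", "smtpd_sasl_path",
         "smtpd_sasl_security_options", "smtpd_recipient_restrictions",
         "smtpd_tls_auth_only", "smtpd_tls_security_level"}
# Dovecot settings from the thread, each with the reason it is flagged.
DOVECOT_CHECKS = [
    (r"^\s*auth_debug_passwords\s*=\s*yes\b", "passwords are written to the log"),
    (r"^\s*disable_plaintext_auth\s*=\s*no\b", "plaintext logins allowed without TLS"),
    (r"unix_listener\s+\S+\s*\{[^}]*\bmode\s*=\s*0666\b",
     "auth socket mode 0666; 0660 owned by postfix is tighter"),
]

def parse_main_cf(text):
    """Parse 'name = value' lines; indented lines continue the previous value."""
    params, last = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and last:
            params[last] = (params[last] + " " + raw.strip()).strip()
        elif "=" in raw:
            last, value = (s.strip() for s in raw.split("=", 1))
            params[last] = value
    return params

def audit_postfix(params):
    findings = []
    for name in params:
        near = difflib.get_close_matches(name, KNOWN, n=1, cutoff=0.85)
        if name not in KNOWN and near:
            findings.append(f"{name}: unknown name, did you mean {near[0]}?")
    if (params.get("smtpd_sasl_auth_enable") == "yes"
            and params.get("smtpd_tls_auth_only", "no") != "yes"):
        findings.append("smtpd_tls_auth_only is not yes: AUTH is offered before STARTTLS")
    return findings

def audit_dovecot(text):
    return [why for pat, why in DOVECOT_CHECKS if re.search(pat, text, re.MULTILINE)]

# Constructed samples modelled on steps 5, 12, 13 and 14 of the post above.
MAIN_CF = """\
smtpd_sasl_auth_enable = yes
smtpd_sasl_seurity_options = noanonymous
smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_unauth_destination
smtpd_tls_auth_only = no
"""
DOVECOT = """\
disable_plaintext_auth = no
unix_listener /var/spool/postfix/private/auth {
  mode = 0666
}
"""

if __name__ == "__main__":
    print("\n".join(audit_postfix(parse_main_cf(MAIN_CF)) + audit_dovecot(DOVECOT)))
```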

cheesewizz 10-07-2013 03:06 AM

Hi

I don't know if this is the problem why I can't send outside when I'm using a broadband Internet connection.

I tried to telnet to my remote server using my Macintosh.
Command:
telnet x.x.x.x 25

trying x.x.x.x

telnet: connect to address x.x.x.x: connection refused
telnet: Unable to connect to remote host


thanks

cheesewizz 10-07-2013 03:59 AM

Maybe this is the reason why I can't send email outside.


thanks

SAbhi 10-07-2013 03:59 AM

Maybe your machine at home is not able to communicate with your machine with the Postfix server configs...

EDIT: with your output from telnet I can say this is the reason, but I'm not sure; will review this..

cheesewizz 10-07-2013 04:50 AM

Quote:

Originally Posted by SAbhi (Post 5041383)
Maybe your machine at home is not able to communicate with your machine with the Postfix server configs...

EDIT: with your output from telnet I can say this is the reason, but I'm not sure; will review this..

But trying another email server, I am able to access it
using my broadband Internet connection.



thanks

cheesewizz 10-08-2013 08:32 PM

Hi

Just want to ask if someone has already reviewed this and has an idea of what the possible error is.



thanks


All times are GMT -5.