View previous topic :: View next topic |
Author |
Message |
radulucian Apprentice
Joined: 05 Jan 2004 Posts: 151 Location: Bucharest Romania
|
Posted: Sat Feb 24, 2007 9:19 am Post subject: |
|
|
i remember i've had this problem and used a solution that was reffering to
/var/vpopmail/etc/lib_deps
which now, for me, reads:
Code: |
-L/var/vpopmail/lib -lvpopmail -L/usr/lib/mysql -lmysqlclient -lz -lm -lcrypt
|
see if it's the same for you and if not try to move the deps files somewhere else and recompile vpopmail once more.
and i guess you could also try revdep-rebuild, but if the problem it's related to the above file it's probably not going to help.
-----------------------------------
now i have a new issue
if i enable the plugin i get this in the logs when sending email to the account here:
Quote: |
qmaild
/usr/bin/sudo -u vpopmail /var/qmail/plugins/chkuser_pg/vpopchk.sh service.account somedomain.com
sudo return: 101
Rejected by .qmail-default: service.account@somedomain.com
|
and i get back a delivery failure on the other end.
Quote: |
Delivery to the following recipient failed permanently:
service.account@somedomain.com
Technical details of permanent failure:
PERM_FAILURE: SMTP Error (state 9): 511 Sorry, no mailbox here by that name (#5.1.1)
|
i guess it's related to the same issue.
what i did to get my mail through (and might be usefull for others for the time being) is disable the plugin altogether . then everything works fine.
any clues? |
|
Back to top |
|
|
petterg Guru
Joined: 25 Mar 2004 Posts: 500 Location: Oslo, Norway
|
Posted: Sat Feb 24, 2007 2:04 pm Post subject: |
|
|
radulucian wrote: |
now i have a new issue :)
if i enable the plugin i get this in the logs when sending email to the account here:
Quote: |
qmaild
/usr/bin/sudo -u vpopmail /var/qmail/plugins/chkuser_pg/vpopchk.sh service.account somedomain.com
sudo return: 101
Rejected by .qmail-default: service.account@somedomain.com
|
and i get back a delivery failure on the other end.
Quote: |
Delivery to the following recipient failed permanently:
service.account@somedomain.com
Technical details of permanent failure:
PERM_FAILURE: SMTP Error (state 9): 511 Sorry, no mailbox here by that name (#5.1.1)
|
i guess it's related to the same issue.
what i did to get my mail through (and might be usefull for others for the time being) is disable the plugin altogether . then everything works fine.
any clues? |
Sounds like you've set up some open relay or your server has not taken the settings from /etc/tcprules/tcp-smtp.
Refresh the cdb build and restart the smtp service might be all that is required.
Do you run into the same problem both with and without having the client run smtp-auth? |
|
Back to top |
|
|
PabOu Veteran
Joined: 11 Feb 2004 Posts: 1088 Location: Hélécine - Belgium
|
Posted: Mon Feb 26, 2007 10:17 pm Post subject: |
|
|
Nice guide !
However, I've found a problem with chkuser_pg :
I've created only one domain with vadddomain, let's say domain.com. This domain got only one user : postmaster, the default one.
Code: | pabou@chocolat ~ $ telnet smtphost.domain.com 25
Trying xxx.xxx.xxx.xxx...
Connected to smtphost.domain.com.
Escape character is '^]'.
220 smtphost.domain.com ESMTP
HELO paboutest.pabou.com
250 smtphost.domain.com
MAIL FROM: anyuser@anydomain.com
250 ok
RCPT TO: postmaster@domain.com
250 ok |
Result is OK.
another try, new telnet connexion :
Code: | RCPT TO: pabou@domain.com
511 Sorry, no mailbox here by that name (#5.1.1) |
Result is OK, chkuser works great !
another try, new telnet connexion :
Code: | RCPT TO: pabou@pabou.com
511 Sorry, no mailbox here by that name (#5.1.1) |
There is the problem. vpopmail doesn't have the domain pabou.com and I'm not registered with smtp-auth --> I can't use this server as a relay server. The error message should be "553 sorry, that domain isn't in my list of allowed rcpthosts" and not 511 _________________ Mangez du poulet ! |
|
Back to top |
|
|
petterg Guru
Joined: 25 Mar 2004 Posts: 500 Location: Oslo, Norway
|
Posted: Tue Feb 27, 2007 10:02 am Post subject: |
|
|
PabOu wrote: |
There is the problem. vpopmail doesn't have the domain pabou.com and I'm not registered with smtp-auth --> I can't use this server as a relay server. The error message should be "553 sorry, that domain isn't in my list of allowed rcpthosts" and not 511 |
Fixed - new version of chkuser_pg out on S.F.
Thanx for pointing this out. |
|
Back to top |
|
|
malty n00b
Joined: 25 Aug 2004 Posts: 37 Location: France Nice
|
Posted: Fri Mar 02, 2007 1:34 pm Post subject: |
|
|
My errors :
@4000000045e8274e23ddb97c delivery 17: deferral: Sorry,_I_wasn't_able_to_establish_an_SMTP_connection._(#4.4.1)/ _________________ http://www.cremantec.com/ |
|
Back to top |
|
|
petterg Guru
Joined: 25 Mar 2004 Posts: 500 Location: Oslo, Norway
|
Posted: Sun Mar 04, 2007 4:33 pm Post subject: |
|
|
malty wrote: | My errors :
@4000000045e8274e23ddb97c delivery 17: deferral: Sorry,_I_wasn't_able_to_establish_an_SMTP_connection._(#4.4.1)/ |
Is that for incomming or outgoing mail?
Try telnet'ing in the same direction from the same host. My first guess is a firewall issue with your ISP. |
|
Back to top |
|
|
malty n00b
Joined: 25 Aug 2004 Posts: 37 Location: France Nice
|
Posted: Sun Mar 04, 2007 6:53 pm Post subject: |
|
|
That relates to the outgoing mail (smtp), I tested with telnet it walks.
But with my customer email that does not function.
Code: | cat /var/log/qmail/qmail-send/current |
Code: | @4000000045eb1126259c2e74 delivery 51: deferral: Sorry,_I_wasn't_able_to_establish_an_SMTP_connection._(#4.4.1)/
@4000000045eb1126259c41fc status: local 0/10 remote 0/20
|
I have to carry out the order:
Code: | echo teste | /var/qmail/bin/qmail-inject -a nom@domain.com
|
On the other hand locally that functions _________________ http://www.cremantec.com/ |
|
Back to top |
|
|
malty n00b
Joined: 25 Aug 2004 Posts: 37 Location: France Nice
|
Posted: Wed Mar 07, 2007 7:21 pm Post subject: |
|
|
My error :
Code: | sva-01 files # ebuild /usr/local/portage/mail-mta/netqmail/netqmail-1.05-r4.ebuild digest
/usr/local/portage/mail-mta/netqmail/netqmail-1.05-r4.ebuild: line 284: syntax error near unexpected token `fi'
/usr/local/portage/mail-mta/netqmail/netqmail-1.05-r4.ebuild: line 284: ` fi if use ssl; then'
!!! ERROR: mail-mta/netqmail-1.05-r4 failed.
Call stack:
ebuild.sh, line 1511: Called die
!!! error sourcing ebuild
!!! If you need support, post the topmost build error, and the call stack if relevant. |
_________________ http://www.cremantec.com/
Last edited by malty on Thu Mar 08, 2007 6:20 am; edited 1 time in total |
|
Back to top |
|
|
malty n00b
Joined: 25 Aug 2004 Posts: 37 Location: France Nice
|
Posted: Wed Mar 07, 2007 8:30 pm Post subject: |
|
|
I found the error :
Code: | Sorry,_I_wasn't_able_to_establish_an_SMTP_connection._(#4.4.1)/ |
One should not add :
Code: | echo ":smtp.ISP.NET" > /var/qmail/control/smtproutes |
And all functions perfectly. _________________ http://www.cremantec.com/ |
|
Back to top |
|
|
petterg Guru
Joined: 25 Mar 2004 Posts: 500 Location: Oslo, Norway
|
Posted: Thu Mar 08, 2007 1:23 am Post subject: |
|
|
malty wrote: | I found the error :
Code: | Sorry,_I_wasn't_able_to_establish_an_SMTP_connection._(#4.4.1)/ |
One should not add :
Code: | echo ":smtp.ISP.NET" > /var/qmail/control/smtproutes |
And all functions perfectly. |
So, apparently your ISP is blocking outbound smtp connections to anywhere but their own smtp server. I'll put a note about this in the guide |
|
Back to top |
|
|
malty n00b
Joined: 25 Aug 2004 Posts: 37 Location: France Nice
|
Posted: Thu Mar 08, 2007 6:25 am Post subject: |
|
|
Why I have this error when I sendings an email?
Code: | vchkpw-smtp: password fail |
Code: |
Mar 7 22:30:09 sva-01 vpopmail[15299]: vchkpw-smtp: password fail -----------@------------.com:192.168.1.1
Mar 7 22:30:14 sva-01 vpopmail[15301]: vchkpw-smtp: (PLAIN) login success -----------@-----------.com:192.168.1.1 |
_________________ http://www.cremantec.com/ |
|
Back to top |
|
|
petterg Guru
Joined: 25 Mar 2004 Posts: 500 Location: Oslo, Norway
|
Posted: Thu Mar 08, 2007 9:17 am Post subject: |
|
|
malty wrote: | Why I have this error when I sendings an email?
Code: | vchkpw-smtp: password fail |
Code: |
Mar 7 22:30:09 sva-01 vpopmail[15299]: vchkpw-smtp: password fail -----------@------------.com:192.168.1.1
Mar 7 22:30:14 sva-01 vpopmail[15301]: vchkpw-smtp: (PLAIN) login success -----------@-----------.com:192.168.1.1 |
|
Set your client to not use cram authentication. It's probably set to auto, then it will try cram first.
The problem is that the server anounces that it supports cram. There should be a way to make it not announce this. I'm not sure how. |
|
Back to top |
|
|
CzesLaW n00b
Joined: 20 Feb 2007 Posts: 13
|
Posted: Thu Mar 08, 2007 5:06 pm Post subject: |
|
|
I have the same problem... it makes sending mails really slow.
Maby USE="noauthcram" when doing emerge netqmail ??
OK I've fix it:
Quote: | Setting up clear passwords for vpopmail after the fact
If you, like me, installed vpopmail without clear passwords and then realized that clear passwords are required for Cram-MD5 encryption for authentication and want to update your database, here is how I did it. Its not automatic, but it works.
Kod:
> echo "net-mail/vpopmail clearpasswd" >> /etc/portage/package.use
> emerge vpopmail qmailadmin
> mysql -u vpopmail -p
vpopmail password is in /etc/vpopmail.conf if you have forgotten it
mysql> use vpopmail;
mysql> ALTER TABLE vpopmail ADD pw_clear_passwd char(16) default NULL AFTER pw_shell;
Query OK, xx rows affected (0.01 sec)
xx denotes the number of rows (users) you have.
mysql> quit
If you have qmailadmin or vqadmin you can change the password and these will update the database with the clear password. Or you can do it the old fashioned way, the command line:
Kod:
> ~vpopmail/bin/vchangepw
Please enter the email address: user@domain.tld
Enter old password: oldPassword
Please enter password for user@domain.tld: newPassword
enter password again: newPassword
Password successfully changed.
Even if you don't update the database, you can still send and receive mail, but until you update it cram-md5 encryption for authenticating with the smtp server won't work (as it was doing before). |
I found it here: https://forums.gentoo.org/viewtopic-t-527246-highlight-vchkpw+crammd5.html |
|
Back to top |
|
|
petterg Guru
Joined: 25 Mar 2004 Posts: 500 Location: Oslo, Norway
|
Posted: Mon Mar 12, 2007 11:17 pm Post subject: |
|
|
CzesLaW wrote: |
Quote: | Setting up clear passwords for vpopmail after the fact
If you, like me, installed vpopmail without clear passwords and then realized that clear passwords are required for Cram-MD5 encryption for authentication and want to update your database, here is how I did it. Its not automatic, but it works.
Kod:
> echo "net-mail/vpopmail clearpasswd" >> /etc/portage/package.use
> emerge vpopmail qmailadmin
|
|
That is the way to go to make authcram work. The disadvantage is that passwords are stored in the mysql db in clear text. If there are more users on the server than myself I would not go this way.
The better way is to make the clients not use authcram. Eighter by disabeling the methode in the client config or make the server not announce authcram. The later way would be the better. But I don't know how to do it. |
|
Back to top |
|
|
Wavyx n00b
Joined: 19 Mar 2007 Posts: 5
|
Posted: Mon Mar 19, 2007 1:44 pm Post subject: |
|
|
Just for your interest, I have valias like "firstname.name@domain.tld". The problem is with the vpopchk.sh, such user are not recognised, and outputs a "101" exit code, meaning bounce no-mailbox. This is due to the "." (dot) in the USER parameter.
ex: /var/qmail/plugins/chkuser_pg/vpopchk.sh firstname.name domain.tld
To fix this, just comment the line 46 in /var/qmail/plugins/chkuser_pg/vpopchk.sh
#Change "." to ":" and all to lowercase
#USER=`echo ${USER} | ${TR} . : `
BTW, thanks a lot for the HOWTO |
|
Back to top |
|
|
CzesLaW n00b
Joined: 20 Feb 2007 Posts: 13
|
Posted: Mon Mar 19, 2007 1:52 pm Post subject: |
|
|
I am using also aliases with dot in the name and I don't have any problems...
But I am confused with the case when I want to use more than one domain with ssl encryption. How can I setup one certificate for every domain ?!? |
|
Back to top |
|
|
Wavyx n00b
Joined: 19 Mar 2007 Posts: 5
|
Posted: Mon Mar 19, 2007 10:07 pm Post subject: |
|
|
Hi,
I guess my problem is probably related to the mysql feature. My valias are stored in the base, and I don't "need" to converte "." to ":" for the usual .qmail files.
About your certificate problem, I get your point but:
1) I'm not sure the courier-imapd is able to use multiple ssl certifs according to the requested TLD (on a specific single IP address)
2) As for Apache, my opinion is you can only have a single SSL certificate by IP. I guess you can still use your main "hosting" domain as valid ssl certificate (like mail.hoster.com) for all your customers. Or maybe there is a solution with mapping a specific daemon for each IP you've got and distribute your ssl certificates along your IP's.
Does it make sense? I'm waiting for your advices. |
|
Back to top |
|
|
CzesLaW n00b
Joined: 20 Feb 2007 Posts: 13
|
Posted: Mon Mar 19, 2007 10:40 pm Post subject: |
|
|
OK, I am just using one domain for receiving and sending mails because it's a small server ... but thanks for the reply.
About your problem... am I thinking correctly, You are trying to log in using an alias for one of your mailboxes? If yes.. I think there is no option to do it. |
|
Back to top |
|
|
Wavyx n00b
Joined: 19 Mar 2007 Posts: 5
|
Posted: Tue Mar 20, 2007 10:23 am Post subject: |
|
|
No, I had just some delivering issues with valias containing "." (dots) in the the user part. The real user and simple alias (without dot) works perfectly. But as I said, with mysql valias storage, if you keep the line in vpopchk.sh the "." is replaced by ":" for the check and this never works. So, for eg, every alias with dots like "firstname.name@mydomain.com" would be bounced since vpopchk.sh will not find firstname:name@mydomain.com in the mysql database.
Another "bug" is about the clamav configuration. Since we changed the owner/group of /var/log/clamav to qscand:qscand, we should update the logrotate configuration as well:
Code: |
nano -w /etc/logrotate.d/clamav
/var/log/clamav/clamd.log {
missingok
create 640 qscand qscand
postrotate
/bin/kill -HUP `cat /var/run/clamav/clamd.pid 2> /dev/null` 2>/dev/null || true
endscript
}
/var/log/clamav/freshclam.log {
missingok
create 640 qscand qscand
postrotate
/bin/kill -HUP `cat /var/run/clamav/freshclam.pid 2> /dev/null` 2>/dev/null || true
endscript
}
|
|
|
Back to top |
|
|
malty n00b
Joined: 25 Aug 2004 Posts: 37 Location: France Nice
|
Posted: Thu Mar 22, 2007 6:42 am Post subject: |
|
|
My errors :
Code: | Mar 22 02:04:04 sva-01 spamd[5719]: bayes: locker: safe_lock: cannot create lockfile /etc/mail/spamassassin/bayes.mutex: Permission denied |
_________________ http://www.cremantec.com/ |
|
Back to top |
|
|
CzesLaW n00b
Joined: 20 Feb 2007 Posts: 13
|
Posted: Thu Mar 22, 2007 9:34 am Post subject: |
|
|
I'm thinking that my spamassassin is not working at all... but my qmail-scanner installation went all right :/
I don't see any msgs marked with X-Spam header or with changed topic name ... strange :/
How to check if it's ok ?!
Last edited by CzesLaW on Thu Mar 22, 2007 10:30 am; edited 1 time in total |
|
Back to top |
|
|
malty n00b
Joined: 25 Aug 2004 Posts: 37 Location: France Nice
|
|
Back to top |
|
|
malty n00b
Joined: 25 Aug 2004 Posts: 37 Location: France Nice
|
Posted: Thu Mar 22, 2007 10:30 am Post subject: |
|
|
I have another problem, when I sendings of the emails only on hotmail.fr I have an error:
Code: | @40000000460258f90dbf37ec info msg 311496: bytes 1128 from <postmaster@cremantec.com> qp 10509 uid 201
@40000000460258f90e652094 starting delivery 1: msg 311496 to remote ______@hotmail.fr
@40000000460258f90e653034 status: local 0/10 remote 1/20
@40000000460258fd0d51b8ac delivery 1: success: 205.248.106.64_accepted_message./Remote_host_said:_250_2.6.0_<460258EB.2040002@cremantec.com>_Queued_mail_for_delivery/
@40000000460258fd0d51cc34 status: local 0/10 remote 0/20
|
_________________ http://www.cremantec.com/ |
|
Back to top |
|
|
vklimovs n00b
Joined: 15 Dec 2005 Posts: 20
|
Posted: Mon Mar 26, 2007 3:30 pm Post subject: |
|
|
petterg,great guide. Everything is fine. But, i think there is a slight problem in script:
Code: |
mail chkuser_pg # ./rcptchk-pg.sh ivars.bruveris@domain.lv
E511 Sorry, no mailbox here by that name (#5.1.1)
mail chkuser_pg # vuserinfo ivars.bruveris@domain.lv
name: ivars.bruveris
passwd: $1$5MsKnvuH$slq5Vy4YxzfGs2hpyHyVw.
clear passwd: cpwd
comment/gecos: Ivars Bruveris
uid: 0
gid: 0
flags: 0
gecos: Ivars Bruveris
limits: No user limits set.
dir: /var/vpopmail/domains/domain.lv/0/ivars.bruveris
quota: 524288000S
usage: 0%
last auth: Mon Mar 26 18:23:36 2007
last auth ip: pop3
mail chkuser_pg #
|
As you see, checking does not work for usernames which contain dot. |
|
Back to top |
|
|
petterg Guru
Joined: 25 Mar 2004 Posts: 500 Location: Oslo, Norway
|
Posted: Wed Mar 28, 2007 12:29 am Post subject: |
|
|
I'll look into the valias "dot" check. I think the way to go is to make sure it returns OK for valias before the part when changing . to :
Hopefully i'll find time this weekend.
Regarding mulit-certificates on one IP - it is not posible. The reason is that the hostname that the client is connecting to has to be decrypted using the certificate.
Regarding those permission denied problems - try su to the user the process is runing as, and see if the user actually has access. I've noticed that permission denied errors sometimes occure when using symlinks. |
|
Back to top |
|
|
|