Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[solved] upgrading roundcube to 1.4.1
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
Elleni
Veteran
Veteran


Joined: 23 May 2006
Posts: 1073

PostPosted: Fri Dec 27, 2019 12:48 am    Post subject: [solved] upgrading roundcube to 1.4.1 Reply with quote

I need help on upgrading roundcube from 1.3.8 to 1.4.1

After webapp-config upgrade, I can login, but I can't send mails. Initially I got smtp 250 error.

Does anyone know, which are the correct steps for this upgrade? Apparently webapp-config update is not enough. After complete re-install of roundcube 1.4.1 I can login into the new interface, but trying to send a testmail, I now (after re-install including re-creation of database) get smtp error 451, recipient could not be set 4.3.0, temporary lookup failure. I tried to completely uninstall 1.3.8 version, then installed 1.4.1 with webapp-config and finally re-created database and flushed /path/to/webroot/SQL/mysql.initial.sql. So I am back on working 1.3.8 now and I am hoping any hint can point me to the right direction.

Maybe I need to change something within postfix in the end?

On my mailclients I use mail.mydomain.com port 465 for smtp configuration, while I read that roundcube needing port 587?


Last edited by Elleni on Sat Dec 28, 2019 11:28 pm; edited 1 time in total
Back to top
View user's profile Send private message
Banana
Guru
Guru


Joined: 21 May 2004
Posts: 436
Location: Germany

PostPosted: Sat Dec 28, 2019 7:38 pm    Post subject: Reply with quote

roundcube is a PHP application, right?

Are there any lof files to look at?

Maybe this can be the problem / solution: https://forums.gentoo.org/viewtopic-t-1098880-highlight-.html
_________________
My personal space
Back to top
View user's profile Send private message
freke
Guru
Guru


Joined: 23 Jan 2003
Posts: 588
Location: Somewhere in Denmark

PostPosted: Sat Dec 28, 2019 8:26 pm    Post subject: Reply with quote

While I see my server also listens on port 465 I found this
Quote:
Port 465:
IANA has reassigned a new service to this port, and it should no longer be used for SMTP communications.

However, because it was once recognized by IANA as valid, there may be legacy systems that are only capable of using this connection method. As a result, Mailgun supports SSL connections via port 465. Typically, you will use this port only if your application demands it. A quick Google search, and you'll find many consumer Inbox Service Providers' (ISPs) articles that suggest port 465 as the recommended setup. Hopefully, this ends soon! It is not RFC compliant.
Probably that's the smtps-entry in postfix' master.cf.

I see that the mail is processed by submission (port 587) when i try to send via my Roundcube (1.4.1).

It seems like you can set the port in Roundcube's config.inc.php though -
Code:
$config['smtp_port'] = 465;


EDIT:

TBH I don't really know if port 465 should really be used or not, also found this https://www.linuxbabe.com/mail-server/enable-smtps-port-465-postfix - which seems to say that 465 is encouraged for submission?
Back to top
View user's profile Send private message
Elleni
Veteran
Veteran


Joined: 23 May 2006
Posts: 1073

PostPosted: Sat Dec 28, 2019 11:06 pm    Post subject: Reply with quote

Although I have my server listening on port 587 too, I always used 465 on my clients (as it was the only working option). Now I tried to configure a mailclient with port 587 startls for smtp and watched the log, while trying to send a mail, and there is the following error.
Code:
postfix/submission/smtpd[3710]: warning: connect to mysql server localhost: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)
postfix/submission/smtpd[3710]: warning: mysql:/etc/postfix/sql_virtual_alias_maps.cf lookup error for "user@mydomain.com"
postfix/submission/smtpd[3710]: NOQUEUE: reject: RCPT from unknown[1.2.3.4]: 451 4.3.0 <user@mydomain.com>: Temporary lookup failure; from=<user@mydomain.com> to=<anemail@adress.com> proto=ESMTP helo=<[4.3.2.1]>
whitch explains why roundcube cannot send via 587 too.

I doublechecked that credentials in /etc/postfix/sql_virtual_alias_maps.cf are correct by issuing:
Code:
mysql -u mymailuser_account_for_sql -p and copy/pasted the password from sql_virtual_alias_maps.cf file which allowed me to login to sql from a ssh session on my mailserver.
The socket file is there:
Code:
ls -l /var/run/mysqld/mysqld.sock
srwxrwxrwx 1 mysql mysql 0 28. Dez 23:27 /var/run/mysqld/mysqld.sock

sql_virtual_alias_maps.cf:
Code:
user = mymailuser_account_for_sql
password = somepassword
hosts = localhost
dbname = mailserver_database_name
query = SELECT goto FROM alias WHERE address='%s' AND active = '1'


And as said, sending mails through smtps port 465 works fine on mailclients (wouldn't the same /etc/postfix/sql_virtual_alias_maps.cf be used for 465?). I will now try if I can enable roundcube 1.4.1 to send via 465, but it would be nice to know, why it is not working with 587..


Last edited by Elleni on Sat Dec 28, 2019 11:30 pm; edited 1 time in total
Back to top
View user's profile Send private message
Elleni
Veteran
Veteran


Joined: 23 May 2006
Posts: 1073

PostPosted: Sat Dec 28, 2019 11:24 pm    Post subject: Reply with quote

ok, got it working on port 465 by adding the following in config.inc.php of roundcube:
Code:
$config['smtp_server'] = 'ssl://mailserver.hostname.com';

$config['smtp_port'] = 465;
so I guess, I'll mark this thread as solved and try to find out howto enable 587 for startls too, maybe worth an own thread?

Edit to add, I also tried with temporary disabled firewall to make sure it is not a firewall issue, and it apparently is not.


Last edited by Elleni on Sat Dec 28, 2019 11:56 pm; edited 2 times in total
Back to top
View user's profile Send private message
freke
Guru
Guru


Joined: 23 Jan 2003
Posts: 588
Location: Somewhere in Denmark

PostPosted: Sat Dec 28, 2019 11:42 pm    Post subject: Reply with quote

A submission entry in /etc/postfix/master.cf should make it listen on port 587, ie. my submission andd smtps entries
Code:
submission inet n       -       n       -       -       smtpd
  -o syslog_name=postfix/submission
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING
  -o smtpd_helo_restrictions=
  -o smtpd_milters=inet:localhost:11332
smtps     inet  n       -       n       -       -       smtpd
  -o syslog_name=postfix/smtps
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_reject_unlisted_recipient=no
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o smtpd_helo_restrictions=
  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING
  -o smtpd_milters=inet:localhost:11332
I don't really know why they're not enabled with the same options - probably should be, and something I should look into.
Back to top
View user's profile Send private message
Elleni
Veteran
Veteran


Joined: 23 May 2006
Posts: 1073

PostPosted: Sat Dec 28, 2019 11:45 pm    Post subject: Reply with quote

My submission entries are
Code:
submission inet n       -       y       -       -       smtpd
    -o syslog_name=postfix/submission
    -o smtpd_tls_security_level=encrypt
    -o smtpd_sasl_auth_enable=yes
    -o smtpd_sasl_type=dovecot
    -o smtpd_sasl_path=private/auth
    -o smtpd_sasl_security_options=noanonymous
    -o milter_macro_daemon_name=ORIGINATING
    -o smtpd_helo_required=no
    -o smtpd_helo_restrictions=
    -o cleanup_service_name=submission-header-cleanup


And smtps
Code:
smtps     inet  n       -       n       -       -       smtpd
     -o syslog_name=postfix/smtps
     -o smtpd_tls_wrappermode=yes
     -o smtpd_sasl_auth_enable=yes
     -o smtpd_reject_unlisted_recipient=no
     -o smtpd_recipient_restrictions=
     -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
     -o milter_macro_daemon_name=ORIGINATING


Last edited by Elleni on Sat Dec 28, 2019 11:53 pm; edited 2 times in total
Back to top
View user's profile Send private message
freke
Guru
Guru


Joined: 23 Jan 2003
Posts: 588
Location: Somewhere in Denmark

PostPosted: Sat Dec 28, 2019 11:52 pm    Post subject: Reply with quote

I'm nowhere qualified to guide you to edit those - I'm pretty sure I've been mostly following guides found to end up with what seems to work for my setup (on which I'm practically the only user)
Back to top
View user's profile Send private message
Elleni
Veteran
Veteran


Joined: 23 May 2006
Posts: 1073

PostPosted: Sat Dec 28, 2019 11:54 pm    Post subject: Reply with quote

Dito. And I admit, that I am a bit scared of making changes in my postfix configs as I am afraid, I don't know enough about to understand, how and particularly why it works. I have plenty of commented out entries there too from different tries to get it to work :lol:

But maybe I'll do some try and error eventually :D

Or maybe a more qualified mate will jump in and perhaps see the maybe obvious for him reason, why the sql query is not working for submission port 587 here :twisted:
Back to top
View user's profile Send private message
Elleni
Veteran
Veteran


Joined: 23 May 2006
Posts: 1073

PostPosted: Sun Dec 29, 2019 12:39 am    Post subject: Reply with quote

One final question on elastic skin. I can't find an option to have the same layout as in larry skin where mails are displayed under the mails list, and not right of the list as its the default. I guess that is not possible in new skin?
Back to top
View user's profile Send private message
freke
Guru
Guru


Joined: 23 Jan 2003
Posts: 588
Location: Somewhere in Denmark

PostPosted: Sun Dec 29, 2019 1:41 am    Post subject: Reply with quote

I didn't like the elastic skin layout which is why I ended up with
Code:
$config['skin'] = 'larry';
in config.inc.php ;) - dunno how configurable the layout of each skin is though.
Back to top
View user's profile Send private message
Banana
Guru
Guru


Joined: 21 May 2004
Posts: 436
Location: Germany

PostPosted: Sun Dec 29, 2019 9:25 am    Post subject: Reply with quote

What happends if you use 127.0.0.1 (or even the real IP) instead of localhost in your SQL settings?
_________________
My personal space
Back to top
View user's profile Send private message
Elleni
Veteran
Veteran


Joined: 23 May 2006
Posts: 1073

PostPosted: Mon Dec 30, 2019 12:15 am    Post subject: Reply with quote

For testing I replaced localhost with 127.0.0.1 in /etc/postfix/sql_virtual_alias_maps. That does not work either, its even worse as expected, because sql databases/users are setup related to host: localhost.
Code:
postfix/trivial-rewrite: warning: connect to mysql server 127.0.0.1: Lost connection to MySQL server at 'reading initial communication packet', system error: 2
postfix/trivial-rewrite: warning: virtual_alias_domains: mysql:/etc/postfix/sql_virtual_alias_maps.cf: table lookup problem
postfix/trivial-rewrite: warning: virtual_alias_domains lookup failure
postfix/trivial-rewrite: warning: virtual_alias_domains: mysql:/etc/postfix/sql_virtual_alias_maps.cf: table lookup problem
postfix/trivial-rewrite: warning: virtual_alias_domains lookup failure
postfix/trivial-rewrite: warning: virtual_alias_domains: mysql:/etc/postfix/sql_virtual_alias_maps.cf: table lookup problem
postfix/trivial-rewrite: warning: virtual_alias_domains lookup failure
postfix/submission/smtpd: NOQUEUE: reject: RCPT from unknown[1.2.3.4]: 451 4.3.0 <user@mydomain.com>: Temporary lookup failure; from=<user@mydomain.com> to=<anemailadress@somedomain.com> proto=ESMTP helo=<[4.3.2.1]>
postfix/submission/smtpd: lost connection after RCPT from unknown[1.2.3.4]
postfix/submission/smtpd: disconnect from unknown[1.2.3.4] ehlo=2 starttls=1 auth=1 mail=1 rcpt=0/1 commands=5/6

I think, it could work with submission settings from freke, and I will try and test them as soon as I find some time, to enable port 587. But for now, I am already happy, it works with port 465. Although it was stated that this port is depricated, I prefer using this one, as that way ssl connection is required. On 587 with startls encryption is optional and not mandatory if I understand startls correctly.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum