View previous topic :: View next topic |
Author |
Message |
Proteus Guru
Joined: 14 Jul 2002 Posts: 346 Location: Hamburg, Germany
|
Posted: Mon Jul 07, 2003 5:08 pm Post subject: |
|
|
Here is my output when I telnet into the server and EHLO it:
Quote: | telnet 192.168.0.10 25
Trying 192.168.0.10...
Connected to 192.168.0.10.
Escape character is '^]'.
220 helios.liquid.net ESMTP Postfix
EHLO helios.liquid.net
250-helios.liquid.net
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-XVERP
250 8BITMIME
|
I don't see a difference though... _________________ Greetings,
Proteus |
|
Back to top |
|
|
tekM n00b
Joined: 25 Jun 2003 Posts: 29 Location: Tucson, AZ
|
Posted: Mon Jul 07, 2003 5:33 pm Post subject: sasl woes |
|
|
Ok, here is where Im at now. Ive disabled TLS altogther for the moment to work my sasl problems. From a remote site with Kmail config'd to use smtp auth, Ive got encryption set to none and plain. Here is what I get:
Sending failed:
One of the recipients was not accepted.
The server responded: "<my@email.com>: Recipient address rejected: Relay access denied "
Here is my current main.cf:
command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix
inet_interfaces = $myhostname, localhost
mydestination = $myhostname, localhost.$mydomain, $mydomain
alias_maps = hash:/etc/mail/aliases
alias_database = hash:/etc/mail/aliases
home_mailbox = .maildir/
relay_domains = $mydestination
mynetworks = 192.168.2.0/24,127.0.0.0/8
#smtpd_use_tls = yes
#smtpd_tls_auth_only = yes
#smtpd_tls_key_file = /etc/postfix/ssl/newreq.pem
#smtpd_tls_cert_file = /etc/postfix/ssl/newcert.pem
#smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
#smtpd_tls_loglevel = 3
#smtpd_tls_received_header = yes
#smtpd_tls_session_cache_timeout = 3600s
#tls_random_source = dev:/dev/urandom
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,check_relay_domains _________________ >tek< |
|
Back to top |
|
|
Proteus Guru
Joined: 14 Jul 2002 Posts: 346 Location: Hamburg, Germany
|
Posted: Mon Jul 07, 2003 6:03 pm Post subject: |
|
|
This is my main.cf: Quote: |
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix
mail_owner = postfix
inet_interfaces = $myhostname, localhost
mydestination = $myhostname, localhost.$mydomain
unknown_local_recipient_reject_code = 550
mynetworks = 192.168.0.0/24,127.0.0.1/8
relay_domains = $mydestination
alias_maps = hash:/etc/mail/aliases
alias_database = hash:/etc/mail/aliases
home_mailbox = .maildir/
local_destination_concurrency_limit = 2
default_destination_concurrency_limit = 10
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
setgid_group = postdrop
manpage_directory = /usr/share/man
sample_directory = /etc/postfix/sample
readme_directory = /usr/share/doc/postfix-2.0.9
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/saslpass
smtp_sasl_security_options =
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions =
permit_sasl_authenticated,
permit_mynetworks,
check_relay_domains
smtpd_use_tls=yes
smtpd_tls_auth_only = yes
smtpd_tls_key_file = /etc/postfix/newreq.pem
smtpd_tls_cert_file = /etc/postfix/newcert.pem
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_loglevel = 3
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom |
_________________ Greetings,
Proteus |
|
Back to top |
|
|
Bangz Tux's lil' helper
Joined: 23 Jan 2003 Posts: 148 Location: Brisbane/Austrralia
|
Posted: Mon Jul 14, 2003 4:08 am Post subject: |
|
|
edit.
Last edited by Bangz on Mon Jul 14, 2003 11:31 am; edited 1 time in total |
|
Back to top |
|
|
Bangz Tux's lil' helper
Joined: 23 Jan 2003 Posts: 148 Location: Brisbane/Austrralia
|
Posted: Mon Jul 14, 2003 4:33 am Post subject: |
|
|
edit.
Last edited by Bangz on Mon Jul 14, 2003 11:31 am; edited 1 time in total |
|
Back to top |
|
|
Bangz Tux's lil' helper
Joined: 23 Jan 2003 Posts: 148 Location: Brisbane/Austrralia
|
Posted: Mon Jul 14, 2003 11:30 am Post subject: |
|
|
Is it possible to extend the current guide (or tell me how) to actually make the server a fully fledged mail server?
It's working awesome at the moment, the local server is d'l the messages without a problem, the workstations d'l the email from the local server and they also send through the local server, which then forwards it to my ISP.
How can I extend this to make my local server an actually mail server which can by itself accept emails for the local box? |
|
Back to top |
|
|
Proteus Guru
Joined: 14 Jul 2002 Posts: 346 Location: Hamburg, Germany
|
Posted: Tue Jul 15, 2003 4:06 pm Post subject: |
|
|
I would assume (someone has previously stated such behaviour in this thread) that the server is already capable of receiving mail by itself. All you need is a valid MX-DNS-record. Some dyn-ip services offer it, I believe.
I am not sure how one can change the server's behaviour to not use you isp's smtp server, however.
I, too, would like to know a lot more about postfix as a full-fledged mail server. But tutorials/docu for that stuff is either hard to find or hard to understand or both... _________________ Greetings,
Proteus |
|
Back to top |
|
|
Bangz Tux's lil' helper
Joined: 23 Jan 2003 Posts: 148 Location: Brisbane/Austrralia
|
Posted: Thu Jul 17, 2003 7:29 am Post subject: |
|
|
I got it working as a "fully fledged Mail server".
Today I spent time configuring my DNS and getting it going. Setup my MX record and everything in BIND, then I tried to send an email to myself (bangers@mail.home.threeten.com) and it was rejected. "recipient is myself" error.
So I added mail.home.threeten.com into mydestination variable in main.cf, and it has worked fine!
Cheers |
|
Back to top |
|
|
Proteus Guru
Joined: 14 Jul 2002 Posts: 346 Location: Hamburg, Germany
|
Posted: Thu Jul 17, 2003 9:42 am Post subject: |
|
|
Great that you made it working! _________________ Greetings,
Proteus |
|
Back to top |
|
|
DanWSB n00b
Joined: 15 Jul 2002 Posts: 24
|
Posted: Fri Jul 25, 2003 4:35 am Post subject: |
|
|
This is almost working perfectly for me, bravo! My only problem comes when I try to access my IMAP server via Outlook Express. I get the following error:
"PLAIN authentication failed. None of the authentication methods supported by your IMAP server (if any) are supported on this computer." -- yet Thunderbird under Win works fine.
So I'm unsure as to where I'm going wrong. Could someone point me in the right directoin? |
|
Back to top |
|
|
glamdringlfo n00b
Joined: 30 Jul 2003 Posts: 15 Location: Grand Rapids, MI
|
Posted: Fri Aug 01, 2003 6:43 pm Post subject: |
|
|
Dudes, excellent guides, one and all.
Beowulf:
The main guide was very helpful. It took me several tries to get things goin, and I'm still trying to make sure that fetchmail and procmail are doing what I want. But the squirrelmail part went up without a hitch, as did the courier-imap part, and the postfix (I had tried several times in the past to get postfix going, to no avail).
Chris:
I have high hopes for the bogomail thing...it looks like it works, I just haven't received any spam to check it with yet!
Proteus:
Same to you. Everything appears to be working fine, it's just a matter of time before I train all the spamfilters (and I get tons of SPAM, so that shouldn't take too long.
-----
A few suggestions:
It might be worth while to spend some time constructing different examples for the main guide. I found myself scratching my head several times to figure out which username I should use for which setting (since mine are all different, and yours are all the same), but eventually I think I got it figured out.
I had one or two more, but my brain is mush, so I'll post them later if I think of them.
Still, it is an excellent guide, and following it very carefully, works fine for me (like I said, I think I broke procmail and fetchmail, but I can't think too hard right now so I'll have at it again later, and post the results).
I'm still trying to get mail sending to work, but I'm in a somewhat different situation.
My workstation connects to the net through a router box running slackware (my goal is to replicate this setup on that box as soon as I can figure out how), so I naturally did everything on my gentoo box, but that made some things weird, what with the hostname config and all. I think I've got that ironed out, once I made sure to forward the appropriate ports through the firewall to my box.
The only flaw in my setup now is that I have to use Windows XP several times a week to work with high-powered (and high cost) audio apps for which I haven't found Linux equivalents. I want to be careful that I don't get important mail stranded between OSes, so if I can get the imap thing w/ fetchmail going on the router box (so I can access it in either linux or windows, or from any outside host (eg at work)) I will be a *VERY* happy camper.
But this guide will be indispensible in that venture, I think, because of the excellent configuration file walk throughs.
Once again, thank you.
Skal!
Glamdringlfo |
|
Back to top |
|
|
glamdringlfo n00b
Joined: 30 Jul 2003 Posts: 15 Location: Grand Rapids, MI
|
Posted: Fri Aug 01, 2003 8:05 pm Post subject: |
|
|
OK, so I feel pretty dumb.
The reason that procmail/fetchmail wasn't working was that I had a type on my .procmailrc.
Oh yeah, and I forgot to turn on cron.
Anyway, the receiving seems to be going good now, and I'm training the filters, so they should start kicking in (they add their tags to the message headers, they just don't know about spam yet) soon.
Now it's just the outgoing mail (and hopefully, after that, receiving mail locally from outside). Hopefully it'll be as simple and stupid as the above, but not likely. We'll see.
Good luck.
Skal!
Glamdringlfo |
|
Back to top |
|
|
puddpunk l33t
Joined: 20 Jul 2002 Posts: 681 Location: New Zealand
|
Posted: Tue Sep 02, 2003 11:57 am Post subject: |
|
|
Hey man,
Thanks for posting here, and those suggestions I'm sure won't have fallen on deaf ears *pokes beowulf*.
Personally, I've used this guide to install 4 actual mailservers (i.e. central servers) for households with 4 and greater people. Great work! |
|
Back to top |
|
|
-leliel- Apprentice
Joined: 03 May 2003 Posts: 294 Location: Germany
|
Posted: Fri Sep 05, 2003 2:48 pm Post subject: |
|
|
Hi,
all works fine since a lot of time working on the mailserver ... instead of sending mails.
Mails will be send fine, but not bounced through my internet smtp server.
This is a spamassassin-header from my own mails sent to myself:
Quote: | X-Spam-Status: No, hits=2.7 required=7.5
tests=AWL,RCVD_IN_NJABL,RCVD_IN_OSIRUSOFT_COM,
USER_AGENT_ENTOURAGE,X_OSIRU_OPEN_RELAY
version=2.55 |
X_OSIRU_OPEN_RELAY (2.9 points) RBL: DNSBL: sender is Confirmed Open Relay
RCVD_IN_NJABL (0.9 points) RBL: Received via a relay in dnsbl.njabl.org
[RBL check: found 14.203.224.217.dnsbl.njabl.org., type: 127.0.0.3]
RCVD_IN_OSIRUSOFT_COM (0.6 points) RBL: Received via a relay in relays.osirusoft.com
[RBL check: found 102.168.160.217.relays.osirusoft.com.]
My internet smtp server is a trusted mailserver, not an openrelay, so the openrelay must be my own local mailserver. What's wrong??
this is very urgent, 'cause some companys don't accept my mails.
thanks a lot |
|
Back to top |
|
|
dr_strange Guru
Joined: 16 Apr 2002 Posts: 480 Location: Cambridge, UK
|
Posted: Sat Sep 13, 2003 5:19 pm Post subject: |
|
|
Help me please, all of a sudden my IMAP server does not recognize my system username and/or password. AFAIK I have not changed any conf files or anything. I have tried to restart courier-imap-ssl and authdaemond, to no avail. What can I do? |
|
Back to top |
|
|
Weejoker n00b
Joined: 11 Sep 2002 Posts: 69 Location: Scotsman in England
|
Posted: Sat Sep 20, 2003 4:44 pm Post subject: |
|
|
Hi,
I'm having a few problems with stage 3.3:
Code: | weejoker root # echo "pwcheck_method: sasldb" > /usr/lib/sasl2/smtpd.conf
weejoker root # cat /usr/lib/sasl2/smtpd.conf
pwcheck_method: sasldb
weejoker root # rm /etc/sasl2/sasldb2
weejoker root # saslpasswd2 -c -u localnet -a smtpauth weejoker
Password:
Again (for verification):
weejoker root # /usr/sbin/sasldblistusers2
weejoker@localnet: userPassword |
As you can see I'm missing the first line when compared to beowulfs guide:
Code: | root@server # /usr/sbin/sasldblistusers
beowulf@beowulf.bounceme.net: cmusaslsecretOTP
beowulf@beowulf.bounceme.net: userPassword |
Can anyone point me in the correct direction as how to solve this problem?
Cheers,
John |
|
Back to top |
|
|
peje Tux's lil' helper
Joined: 11 Jan 2003 Posts: 100
|
Posted: Sat Sep 20, 2003 7:19 pm Post subject: troubles with bogotrainer |
|
|
First tanx for this howto. I can't get bogofilter to work.
When I want to run bogotrainer I just get:
bash-2.05b# su peje
bash-2.05b$ ~/bin/bogotrainer
File "/home/peje/bin/bogotrainer", line 15
if dir[len(maildir):len(maildir) + 5] == ".Spam":
^
IndentationError: expected an indented block
bash-2.05b$
Any hints? |
|
Back to top |
|
|
jhboricua Tux's lil' helper
Joined: 07 May 2002 Posts: 113
|
Posted: Sun Sep 21, 2003 5:16 pm Post subject: |
|
|
Guys, I'm not perfectly clear on this after reading all the thread so I'll ask.
I have my own domain and I don't want to relay to my ISP's smtp server but to send it directly from my box. I still want to be able to authenticate from outside my network. How does that affects steps 3.2, 3.3 and 3.4? |
|
Back to top |
|
|
EugeneTSWong n00b
Joined: 18 Sep 2003 Posts: 45
|
Posted: Mon Sep 22, 2003 8:18 pm Post subject: Thanks. |
|
|
Thanks for the documentation. I must admit, that I haven't tried it yet, & I did find much of this very confusing, but we'll have to see how it works.
I suggest that some people go through the entire thread, & edit out any redundant material. I find that it is very difficult to read through 7 pages. |
|
Back to top |
|
|
numerodix l33t
Joined: 18 Jul 2002 Posts: 743 Location: nl.eu
|
Posted: Mon Sep 22, 2003 9:19 pm Post subject: |
|
|
Brilliant guide!!
I managed to get some basic functionality working, I can connect to imaps, I can send mail through postfix unencrypted. But I can't get the TLS to work. At first the logs indicated there was something wrong with my certificates, I made sure all the entries were present (country, location etc), now that messages doesn't come up anymore. Instead I get this:
Code: | Sep 22 22:56:12 [postfix/smtpd] starting TLS engine
Sep 22 22:56:12 [postfix/smtpd] connect from unknown[10.0.0.9]
Sep 22 22:56:12 [postfix/smtpd] disconnect from unknown[10.0.0.9]
|
It's a home network and I'm doing this throught the root account on the server. I've never tried ssl with smtp before so I assumed all I had to do was check for "use ssl" in Outlook Express and send. I also have Norton running, which I tried turning off, but I keep getting this message:
Code: | The connection to the server has failed. Account: 'account-name', Server: '10.x.x.x', Protocol: SMTP, Port: 25, Secure(SSL): Yes, Socket Error: 10061, Error Number: 0x800CCC0E |
[EDIT: ] { Still no luck with Outlook Express and Evolution but I did get smtp with ssl working in Kmail. In the account prefs, I click for "check what server supports" and I get tls and digest-md5 checked in the box. With those settings I can send mail. Evidently something does work afterall, I just wonder what I need to get it working in other mail clients. Incidentally, I don't like kmail.. }
[EDIT 2: ] {Wohoo, using "check for supported types" in Evolution, I managed to get it working, with ssl and digest-md5, as above. The only problem is that sending a message takes half an hour, while in kmail it takes an instant.}
Another thing is that the mail sent never goes through my ISP, I assume it should show in the mail header and it's not there. I'm unsure if there's an MX entry on the domain, which is dyndns.org supplied. I did define an ISP smpt as instructed.
Q. How do I get mail sent to be stored in the sent folder? Here it just seems to disappear. _________________ undvd - ripping dvds should be as simple as unzip
Last edited by numerodix on Tue Sep 23, 2003 11:56 am; edited 4 times in total |
|
Back to top |
|
|
dagarath n00b
Joined: 23 Sep 2003 Posts: 2
|
Posted: Tue Sep 23, 2003 5:53 am Post subject: use fetchmail to split a multidrop box |
|
|
puddpunk wrote: | Just one thing, I pull mail from a mailbox on my ISP (I'll have some examples later), the mailbox has 4 alias's pointing to it, so I want to split what i download from that mailbox into 4 different accounts (all have accounts on the linux server).
i.e. I have 4 linux users (with home dirs etc...) chris, russell, sue and steve. I have a main account, e.g. mainmail@isp.com. But my ISP has set it up so chris.rs@isp.com, russell.rs@isp.com, sue.rs@isp.com, steve.rs@isp.com gets dumped into mainmail@isp.com which I can download over POP3.
How can I configure procmail to split those 4 email addresses into 4 different mailboxes on the linux server?
|
It's much easier to use fetchmail to split this multidrop box out to the seperate users. You should read the fetchmail man page on multidrop boxes.
Code: |
set postmaster chris
poll isp.com:
user mainmail with pass 123456 to 'steve.rs'='steve' 'chris.rs'='chris' 'sue.rs'='sue' 'russell.rs'='russell' here
|
You should be cautious with this setup in general because some messages may not have the appropriate headers to determine the recepient address. Read the fetchmail man, it explains the dangers. Usually bcc: mail will be difficult to split. These messages will default to the postmaster user you have defined... that user can then setup procmail rules to redirect email to the correct person
Code: |
:0
* ^Delivered to: steve.rs@isp.com
! steve |
|
|
Back to top |
|
|
dagarath n00b
Joined: 23 Sep 2003 Posts: 2
|
Posted: Tue Sep 23, 2003 6:29 am Post subject: matching local user names with isp email names |
|
|
The tip that seems to be missing from this configuration guide for a home email server is how to sync your local system names with the email address your isp provides. There are many occasions where you may want to use a different account name on your local server than the email name your isp uses. You can configure this in the email client settings... but that may require configuring several user applications. There's a simple config change you can make to postfix.
http://www.postfix.org/rewrite.html
Reference the Canonical address mapping
an entry like
localuser@localdomain luser@isp.com
for each of your home users, will automatically rewrite the outgoing addresses. Other MTA's like sendmail and exim also support this feature, although the setup is different. |
|
Back to top |
|
|
dstutz97 Tux's lil' helper
Joined: 14 Apr 2003 Posts: 80
|
Posted: Fri Sep 26, 2003 11:31 pm Post subject: |
|
|
I have the same problem as Weejoker:
in my postfix logs:
Code: | Sep 26 18:20:08 erma postfix/smtpd[2706]: warning: SASL authentication failure: no secret in database |
Here's me adding user to sasldb:
Code: | erma root # rm /etc/sasl2/sasldb2
erma root # saslpasswd2 -c -u dstutz.com -a smtpauth dstutz
Password:
Again (for verification):
erma root # /usr/sbin/sasldblistusers2
dstutz@dstutz.com: userPassword |
Which...is missing the "secret" entry from Beowulf's example:
Code: | root@server # /usr/sbin/sasldblistusers
beowulf@beowulf.bounceme.net: cmusaslsecretOTP
beowulf@beowulf.bounceme.net: userPassword |
How do I get a that cmusaslsecretOTP entry???
Thanks
Dave |
|
Back to top |
|
|
daha n00b
Joined: 23 Aug 2003 Posts: 62 Location: Helsinki/EU
|
Posted: Sat Sep 27, 2003 12:55 am Post subject: |
|
|
great doc, thanks |
|
Back to top |
|
|
dstutz97 Tux's lil' helper
Joined: 14 Apr 2003 Posts: 80
|
Posted: Sat Sep 27, 2003 5:14 am Post subject: |
|
|
Well...it's been a long day. I got sasl to work, but it was completely by accident. The guide here wasn't getting me completely up and running so I went googling and found this more detailed guide http://postfix.state-of-mind.de/patrick.koetter/smtpauth/index.html. I left all the stuff installed like beowulf instructed, but basically started following the instructions for configs from this other howto. I stopped getting "no secret in database" errors and progressed on to getting Code: | Sep 27 00:49:21 erma postfix/smtpd[2519]: warning: SASL authentication problem: unknown password verifier
| I was getting the same message using saslauthd or sasldb. I then kinda gave up and on a whim changed my sasl auth method to PAM: Code: | erma root # cat /etc/sasl2/smtpd.conf
pwcheck_method: PAM
|
Magically it started working for me. (I knew it was working because I removed my local lan from the relay config). I logged into the work vpn for the hell of it and tried it from there and it worked as well. My other roomate uses outlook 2002 and I wouldn't mind getting it working for him (outlook doesn't support CRAM-MD5 auth method like mozilla does). If anyone has any suggestions for fixing the "unknown password identifier" I would appreiciate it.
Dave |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|