Dovecot IMAP and SMTP suddenly not available - email

Hello Community and first things First:
dovecot --version
2.2.9
dovecot -n
# 2.2.9: /etc/dovecot/dovecot.conf
# OS: Linux 3.13.0-042stab125.5 x86_64 Ubuntu 14.04.5 LTS
auth_mechanisms = plain login
dict {
sqlquota = mysql:/etc/dovecot/dovecot-dict-sql.conf
}
listen = *,[::]
log_timestamp = "%Y-%m-%d %H:%M:%S "
login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c %k
mail_fsync = always
mail_home = /var/vmail/%d/%n
mail_location = maildir:~/
mail_nfs_index = yes
mail_nfs_storage = yes
mail_plugins = quota acl
vmanagesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
mmap_disable = yes
namespace {
list = yes
location = maildir:%%h/:INDEXPVT=~/Shared/%%u
prefix = Shared/%%u/
separator = /
subscriptions = yes
type = shared
}
namespace inbox {
inbox = yes
location =
mailbox Archiv {
special_use = \Archive
}
mailbox Archive {
auto = subscribe
special_use = \Archive
}
mailbox Archives {
special_use = \Archive
}
mailbox "Deleted Messages" {
special_use = \Trash
}
mailbox Drafts {
auto = subscribe
special_use = \Drafts
}
mailbox Entwürfe {
special_use = \Drafts
}
mailbox "Gelöschte Objekte" {
special_use = \Trash
}
mailbox Gesendet {
special_use = \Sent
}
mailbox Junk {
auto = subscribe
special_use = \Junk
}
mailbox Papierkorb {
special_use = \Trash
}
mailbox Sent {
auto = subscribe
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
auto = subscribe
special_use = \Trash
}
prefix =
separator = /
}
passdb {
args = /etc/dovecot/dovecot-mysql.conf
driver = sql
}
plugin {
acl = vfile
# NOTE(review): acl_anyone = allow lets users grant rights to the "anyone" identifier, i.e. share a mailbox with every account on this server. Confirm that this is intended.
acl_anyone = allow
acl_shared_dict = file:/var/vmail/shared-mailboxes.db
quota = dict:User quota::proxy::sqlquota
quota_rule2 = Trash:storage=+100%%
sieve = /var/vmail/sieve/%u.sieve
sieve_after = /var/vmail/sieve/global.sieve
sieve_max_script_size = 1M
sieve_quota_max_scripts = 0
sieve_quota_max_storage = 0
}
protocols = imap sieve lmtp pop3
service auth {
# Socket used by Postfix for SASL authentication; owned by and restricted to postfix.
unix_listener /var/spool/postfix/private/auth_dovecot {
group = postfix
mode = 0660
user = postfix
}
unix_listener auth-master {
mode = 0600
user = vmail
}
unix_listener auth-userdb {
mode = 0600
user = vmail
}
# NOTE(review): the auth process is explicitly run as root although passdb and userdb are both SQL lookups in this config. Confirm whether root is actually required; an unprivileged user narrows the impact of a bug in the auth process.
user = root
}
service dict {
unix_listener dict {
group = vmail
mode = 0660
user = vmail
}
}
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0600
user = postfix
}
user = vmail
}
service managesieve-login {
inet_listener sieve {
port = 4190
}
process_min_avail = 2
service_count = 1
vsz_limit = 128 M
}
service managesieve {
process_limit = 256
}
ssl_cert = </etc/ssl/mail/mail.crt
# NOTE(review): the cipher string below contains spaces inside tokens ("EECD H", "!MD5 :", "CAMELLIA128- SHA"); these look like line-wrap artefacts of the paste. Compare with the value actually configured on the server.
ssl_cipher_list = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECD H:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5 :!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128- SHA:AES128-SHA
ssl_dh_parameters_length = 2048
ssl_key = </etc/ssl/mail/mail.key
# Only SSLv2 and SSLv3 are excluded here, so as far as this setting is concerned TLSv1.0 and TLSv1.1 remain allowed alongside TLSv1.2.
ssl_protocols = !SSLv3 !SSLv2
userdb {
args = /etc/dovecot/dovecot-mysql.conf
driver = sql
}
protocol imap {
mail_plugins = quota imap_quota imap_acl acl
}
protocol lmtp {
auth_socket_path = /var/run/dovecot/auth-master
mail_plugins = quota sieve acl
postmaster_address = postmaster#domain1.com
}
protocol sieve {
managesieve_logout_format = bytes=%i/%o
}
remote 127.0.0.1 {
disable_plaintext_auth = no
}
Mail.err
Nov 13 23:59:06 webdev dovecot: auth: Error: PLAIN(account#domain2.com, XXX.XXX.XXX.XXX,<y869CoDETEST4dHk>): Request 29154.1 timed out after 150 secs, state=1
Mail.log
Nov 13 23:27:54 webdev dovecot: auth: Error: LOGIN(account#domain1.com,IP.IP.IP.IP,<oN4ly+TestDZ6dHk>): Request 28118.1 timed out after 150 secs, state=1
Nov 13 23:27:57 webdev dovecot: auth: Error: PLAIN( account#domain2.com,XXX.XXX.XXX.XXX,<FAxKe+JaatES7tHk>): Request 28120.1 timed out after 150 secs, state=1
Nov 13 23:28:24 webdev dovecot: imap-login: Disconnected: Inactivity during authentication (disconnected while authenticating, waited 180 secs): user=<>, method=LOGIN, rip=ClientIP, lip=ServerIP, TLS: Disconnected, TLSv1.2 with cipher DHE-RSA-AES128-GCM-SHA256 (128/128 bits)
[...]
Nov 13 23:47:15 webdev dovecot: imap-login: Aborted login (no auth attempts in 0 secs): user=<>, rip=84.119.151.17, lip=62.75.185.32
I did not change anything in my client or server-side setup, and suddenly I could not reach the mail server over IMAP or SMTP anymore. The server itself is still reachable over SSH and HTTP.
I hope I have provided all the information you need to help me. I am grateful for any hint, as I don't even have a clue what to look for.

The error messages report timeouts during authentication, and the config shows that authentication (both passdb and userdb) uses a MySQL database. For this reason I would check whether the MySQL process is still up and accepting connections, or restart the service (if it's running as a service, which is probably the case).

Related

Problem with tac_plus.cfg on Tacacs GUI with error ' /opt/tacacsgui/tac_plus.cfg_test:47: Unrecognized keyword 'host''

I get an error when I try to apply my TACACS GUI configuration. I tried the same configuration on a different server on localhost and it works there, but not on my first TACACS server:
/opt/tacacsgui/tac_plus.cfg_test:47: Unrecognized keyword 'host'
Please help me fix this issue. This is my tac_plus.cfg:
id = spawnd {
####SPAWND####
listen = { port = 49 }
} ##END OF SPAWND
id = tac_plus { ##START GLOBAL CONFIGURATION
####GENERAL CONFIGURATION####
###MANUAL CONFIGURATION START###
log = accounting_log {
destination = "| /opt/tacacsgui/parser/tacacs_parser.sh accounting"
log separator = "|!|"}
log = authentication_log {
destination = "| /opt/tacacsgui/parser/tacacs_parser.sh authentication"
log separator = "|!|"}
log = authorization_log {
destination = "| /opt/tacacsgui/parser/tacacs_parser.sh authorization"
log separator = "|!|"}
###MANUAL CONFIGURATION END###
accounting log = accounting_log
authentication log = authentication_log
authorization log = authorization_log
connection timeout = 600
context timeout = 3600
password max-attempts = 1
password backoff = 1
separation tag = "*"
skip conflicting groups = yes
skip missing groups = yes
####MAVIS GENERAL SETTINGS####
user backend = mavis
login backend = mavis chpass
pap backend = mavis
mavis module = external {
exec = /opt/tacacsgui/mavis/app.php
} #END OF MAVIS GLOBAL SETTINGS
####LIST OF ACL####
####LIST OF DEVICE GROUPS####
host = defaultGroup {
welcome banner = "Unauthorized access is prohibited!"
motd banner = "Today is a perfect day! Have a nice day!"
failed authentication banner = "Go away! Unauthorized access is prohibited!"
} #END OF defaultGroup
host = datacomm {
key = "telkomcel" # NOTE(review): TACACS+ shared secret in clear text; the same value is used as key and as enable password throughout this file, so treat it as disclosed and rotate it
enable = clear telkomcel
default group = datacomm_full
} #END OF datacomm
host = servicesolution {
key = "telkomcel"
enable = clear telkomcel
} #END OF servicesolution
####LIST OF HOSTS####
host = SW-CORE2 {
address = "192.168.101.12/32"
key = "telkomcel"
enable = clear telkomcel
template = datacomm
} #END OF SW-CORE2
host = PE2-INET-AIM {
address = "192.168.101.10/32"
key = "telkomcel"
enable = clear telkomcel
template = servicesolution
} #END OF PE2-INET-AIM
host = SRDLI02 {
address = "192.168.101.14/32"
key = "telkomcel"
enable = clear telkomcel
template = datacomm
} #END OF SRDLI02
####LIST OF USER GROUPS####
group = datacomm_full {
#### LDAP Groups List #### DistinguishedName ###
### CN=Users,CN=Builtin,DC=telkomcel,DC=tl ###
enable = clear telkomcel
default service = permit
###Service full START###
service = shell {
set priv-lvl = 15
default attribute = permit
default cmd = permit
} #END OF Cisco Router/Switch Service
###Service full END###
} #END OF datacomm_full
group = servicesolution_full {
#### LDAP Groups List #### DistinguishedName ###
### CN=Users,CN=Builtin,DC=telkomcel,DC=tl ###
enable = clear telkomcel
server = deny SW-CORE2
server = deny SRDLI02
default service = permit
###Service full START###
service = shell {
set priv-lvl = 15
default attribute = permit
default cmd = permit
} #END OF Cisco Router/Switch Service
###Service full END###
} #END OF servicesolution_full
group = servicesolution_read {
#### LDAP Groups List #### DistinguishedName ###
### CN=Users,CN=Builtin,DC=telkomcel,DC=tl ###
enable = clear telkomcel
server = deny SW-CORE2
server = deny SRDLI02
default service = permit
###Service read_only START###
service = shell {
set priv-lvl = 3
default attribute = permit
default cmd = permit
} #END OF Cisco Router/Switch Service
###Service read_only END###
} #END OF servicesolution_read
group = datacomm_read {
#### LDAP Groups List #### DistinguishedName ###
### CN=Users,CN=Builtin,DC=telkomcel,DC=tl ###
enable = clear telkomcel
default service = permit
###Service read_only START###
service = shell {
set priv-lvl = 3
default attribute = permit
default cmd = permit
} #END OF Cisco Router/Switch Service
###Service read_only END###
} #END OF datacomm_read
####LIST OF USERS####
user = 91007 {
login = mavis # LDAP
member = datacomm_read
pap = login # Clone login
enable = login # Clone login
default service = permit
###Service full START###
service = shell {
set priv-lvl = 15 # NOTE(review): this user is a member of datacomm_read (priv-lvl 3) yet is given 15 here; confirm which setting takes precedence and whether full privilege is intended
default attribute = permit
default cmd = permit
} #END OF Cisco Router/Switch Service
###Service full END###
} #END OF 91007
user = 88014 {
login = mavis # LDAP
member = datacomm_read
pap = login # Clone login
enable = login # Clone login
default service = permit
###Service read_only START###
service = shell {
set priv-lvl = 3
default attribute = permit
default cmd = permit
} #END OF Cisco Router/Switch Service
###Service read_only END###
} #END OF 88014
user = 82001 {
login = mavis # LDAP
member = servicesolution_full
pap = login # Clone login
enable = login # Clone login
default service = permit
### GET SERVICES FROM GROUP
} #END OF 82001
user = 94003 {
login = mavis # LDAP
member = servicesolution_full
pap = login # Clone login
enable = login # Clone login
default service = permit
### GET SERVICES FROM GROUP
} #END OF 94003
user = 89014 {
login = mavis # LDAP
member = datacomm_full
pap = login # Clone login
enable = login # Clone login
default service = permit
### GET SERVICES FROM GROUP
} #END OF 89014
user = 18001 {
login = mavis # LDAP
member = servicesolution_read
pap = login # Clone login
enable = login # Clone login
default service = permit
### GET SERVICES FROM GROUP
} #END OF 18001
}##END GLOBAL CONFIGURATION
Please help: how can I solve this issue without re-installing the TACACS server?
I have faced the same issue before. It was caused by a special character in a name. I replaced the special character in the name and it works for me now.

Sending Email With Lua

How would you send an email using Lua?
The team I'm working with have a mail server, is that of any relevance?
Here is the code I'm using:
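--- Send a plain-text email through an authenticated SMTP server using
-- LuaSocket's socket.smtp module.
--
-- NOTE(review): the server, account and password are hard-coded, so the
-- secret travels with every copy of this file; load them from configuration
-- or the environment in real code.
-- NOTE(review): nothing in this block sets up TLS, so the AUTH exchange on
-- port 587 appears to travel in clear text. Confirm whether the connection
-- is wrapped elsewhere (for example a TLS-capable socket supplied through
-- the `create` field of smtp.send) before using this outside a trusted
-- network.
-- NOTE(review): email_to and email_subject are copied into the headers as
-- given; reject CR/LF in them if they can come from untrusted input.
--
-- @tparam string email_to       recipient address
-- @tparam string email_subject  value of the Subject header
-- @tparam string email_message  message body
-- @return first result of smtp.send (nil on failure)
-- @return error message from smtp.send when it fails
function send_email(email_to, email_subject, email_message)
  local SMTP_SERVER = "mail.server.com"
  local SMTP_AUTH_USER = "mail#domain.com"
  local SMTP_AUTH_PW = "password"
  local SMTP_PORT = "587"
  local USER_SENDING = "mail#domain.com"

  local smtp = require("socket.smtp")

  local rcpt = { email_to }
  local mesgt = {
    headers = {
      to = email_to,
      from = USER_SENDING,
      subject = email_subject,
    },
    body = email_message,
  }

  -- Hand both results back to the caller: the original discarded them, so a
  -- failed delivery was indistinguishable from a successful one.
  return smtp.send{
    from = USER_SENDING,
    rcpt = rcpt,
    source = smtp.message(mesgt),
    server = SMTP_SERVER,
    port = SMTP_PORT,
    user = SMTP_AUTH_USER,
    password = SMTP_AUTH_PW,
  }
end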
Using the LuaSocket SMTP API.
Your example looks correct, double check the SMTP settings and log the results:
-- Build the request as a named table, send it, then log both results.
local request = {
  from = USER_SENDING,
  rcpt = rcpt,
  source = smtp.message(mesgt),
  server = SMTP_SERVER,
  port = SMTP_PORT,
  user = SMTP_AUTH_USER,
  password = SMTP_AUTH_PW,
}
local r, e = smtp.send(request)
-- r is the send result and e the error text, if any; only these two values
-- are printed, never the request table, which holds the password.
print(r, e)
Also, ensure that you're properly chaining your SMTP message using the LTN12 module API when it is multipart:
-- Message-part body: the contents of image.png are read in binary mode and
-- passed through a base64 encoder followed by a line-wrapping filter.
-- NOTE(review): io.open's results go straight into ltn12.source.file, so a
-- failed open is not reported here; presumably it surfaces when the source
-- is pumped. Confirm against the LTN12 documentation.
body = ltn12.source.chain(
ltn12.source.file(io.open("image.png", "rb")),
ltn12.filter.chain(
mime.encode("base64"),
mime.wrap()
)
)
Or the Mime module API for the EOL:
-- Text body passed through mime.eol so that its line endings are normalised
-- before sending; as the literal itself says, the smtp module does not
-- translate line endings on its own.
body = mime.eol(0, [[
Lines in a message body should always end with CRLF.
The smtp module will *NOT* perform translation. However, the
send function *DOES* perform SMTP stuffing, whereas the message
function does *NOT*.
]])
There is a much more verbose example of this in the LuaSocket SMTP API documentation.

JAAS auth kerberos error "java.net.SocketTimeoutException: Receive timed out"

i have installed a kerberos server.
# Configuration snippets may be placed in this directory as well
includedir /etc/krb5.conf.d/
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
dns_lookup_realm = false
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true
rdns = false
default_realm = SNSPRJ.COM
default_ccache_name = KEYRING:persistent:%{uid}
[realms]
# EXAMPLE.COM = {
# kdc = kerberos.example.com
# admin_server = kerberos.example.com
# }
SNSPRJ.COM = {
kdc = kerberos.snsprj.com
admin_server = kerberos.snsprj.com
}
[domain_realm]
# .example.com = EXAMPLE.COM
# example.com = EXAMPLE.COM
.snsprj.com = SNSPRJ.COM
snsprj.com = SNSPRJ.COM
[kdcdefaults]
kdc_ports = 88
kdc_tcp_ports = 88
[realms]
SNSPRJ.COM = {
#master_key_type = aes256-cts
acl_file = /var/kerberos/krb5kdc/kadm5.acl
dict_file = /usr/share/dict/words
admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab
# NOTE(review): this list still offers single-DES (des-hmac-sha1, des-cbc-md5, des-cbc-crc), des3-hmac-sha1 and arcfour-hmac (RC4) next to AES and Camellia. Unless a legacy client needs them, limit new keys to the AES/Camellia types.
supported_enctypes = aes256-cts:normal aes128-cts:normal des3-hmac-sha1:normal arcfour-hmac:normal camellia256-cts:normal camellia128-cts:normal des-hmac-sha1:normal des-cbc-md5:normal des-cbc-crc:normal
}
~
On the Kerberos client, I ran kinit xiaoxiao/admin#SNSPRJ.COM and it seems to work:
[root#bogon ~]# kinit xiaoxiao/admin#SNSPRJ.COM
Password for xiaoxiao/admin#SNSPRJ.COM:
[root#bogon ~]# klist
Ticket cache: KEYRING:persistent:0:0
Default principal: xiaoxiao/admin#SNSPRJ.COM
Valid starting Expires Service principal
08/24/2017 13:51:18 08/25/2017 13:51:17 krbtgt/SNSPRJ.COM#SNSPRJ.COM
[root#bogon ~]#
But when I use JAAS to authenticate against the Kerberos server, this error occurs:
java.net.SocketTimeoutException: Receive timed out
I have tried telnet 192.168.1.196 88 and it connects:
bogon:jaas0822 skh$ telnet 192.168.1.196 88
Trying 192.168.1.196...
Connected to bogon.
Escape character is '^]'.
JAAS Authentication:http://docs.oracle.com/javase/1.5.0/docs/guide/security/jgss/tutorials/AcnOnly.html
my code:
import javax.security.auth.login.*;
import com.sun.security.auth.callback.TextCallbackHandler;
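/**
 * This JaasAcn application attempts to authenticate a user
 * and reports whether or not the authentication was successful.
 *
 * Created by skh on 2017/8/22.
 */
public class JaasAcn {

    /**
     * Points the JVM at the JAAS login configuration and the Kerberos
     * realm/KDC, then runs one login attempt through the "JaasSample" entry,
     * prompting on the console via TextCallbackHandler.
     *
     * Exits with status -1 when the LoginContext cannot be created or the
     * login fails; "Authentication succeeded!" is printed only after
     * login() has returned normally.
     *
     * @param args unused
     */
    public static void main(String[] args) {
        String path = "/workspace/idea/ssm/src/test/java/com/snsprj/jaas0822/";
        System.setProperty("java.security.auth.login.config", path + "jaas.conf");
        // System.setProperty("java.security.krb5.conf", path + "krb5.conf");
        System.setProperty("java.security.krb5.realm", "SNSPRJ.COM");
        System.setProperty("java.security.krb5.kdc", "kerberos.snsprj.com");
        // Kerberos debug tracing is useful while diagnosing the timeout; it
        // should be switched off again outside troubleshooting because it
        // writes protocol details to the console.
        System.setProperty("java.security.krb5.debug", "true");

        // Obtain a LoginContext, needed for authentication. Tell it
        // to use the LoginModule implementation specified by the
        // entry named "JaasSample" in the JAAS login configuration
        // file and to also use the specified CallbackHandler.
        LoginContext lc = null;
        try {
            lc = new LoginContext("JaasSample", new TextCallbackHandler());

            // attempt authentication
            try {
                lc.login();
            } catch (LoginException le) {
                le.printStackTrace();
                System.err.println("Authentication failed:");
                System.err.println(" " + le.getMessage());
                System.exit(-1);
            }
        } catch (LoginException le) {
            System.err.println("Cannot create LoginContext. " + le.getMessage());
            // Without this exit, control fell through to the success message
            // below even though no login had been attempted.
            System.exit(-1);
        } catch (SecurityException se) {
            System.err.println("Cannot create LoginContext. " + se.getMessage());
            System.exit(-1);
        }

        // Reached only when login() completed without throwing.
        System.out.println("Authentication succeeded!");
    }
}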
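Is something wrong? Can anyone help me? Thank you very much!
Solution: use TCP. Setting udp_preference_limit = 1 in [libdefaults] makes the Kerberos library try TCP before UDP for every KDC request; the telnet test above had only confirmed that TCP port 88 was reachable.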
[libdefaults]
dns_lookup_realm = false
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true
rdns = false
default_realm = SNSPRJ.COM
default_ccache_name = KEYRING:persistent:%{uid}
# insert by xiaohb 20170824 start
udp_preference_limit = 1
# insert by xiaohb 20170824 end

Suite CRM SMTP connect() failed on email campaign

I have installed SuiteCRM on my server.
I have configured the SMTP server in the email module and it works great.
I have entered the same configuration in "Set up email" in the campaign module.
I have added the cron command on my server.
But when I create a campaign, the emails stay in the queue. The log shows this error:
SMTP connect() failed. https://github.com/PHPMailer/PHPMailer/wiki/Troubleshooting
Sun Apr 16 22:53:14 2017 [25545][1][FATAL] SugarPHPMailer encountered an error: Vous n'avez pas configuré le serveur SMTP pour votre compte Mail. Configurer ou choir le serveur SMTP pour le compte Mail.
Sun Apr 16 22:53:14 2017 [25545][1][FATAL] SugarPHPMailer encountered an error: SMTP connect() failed. https://github.com/PHPMailer/PHPMailer/wiki/Troubleshooting
Sun Apr 16 22:53:14 2017 [25545][1][FATAL] Email delivery FAILURE:Array
I have tried turning off the firewall => it doesn't work
I have tried changing the PHP version (5.6 => 5.5) => it doesn't work
Any ideas?
Thanks.
I have found a very crude workaround. It works if you can send email from localhost without an external SMTP account:
Edit the file /modules/EmailMan/EmailManDelivery.php:
Comment out the outbound email settings from line 220 to line 249:
// if user want to use an other outbound email account to sending...
// if ($current_emailmarketing->outbound_email_id) {
// $outboundEmailAccount = BeanFactory::getBean('OutboundEmailAccounts',
// $current_emailmarketing->outbound_email_id);
//
// if (strtolower($outboundEmailAccount->mail_sendtype) == "smtp") {
// $mail->Mailer = "smtp";
// $mail->Host = $outboundEmailAccount->mail_smtpserver;
// $mail->Port = $outboundEmailAccount->mail_smtpport;
// if ($outboundEmailAccount->mail_smtpssl == 1) {
// $mail->SMTPSecure = 'ssl';
// } elseif ($outboundEmailAccount->mail_smtpssl == 2) {
// $mail->SMTPSecure = 'tls';
// }
// if ($outboundEmailAccount->mail_smtpauth_req) {
// $mail->SMTPAuth = true;
// $mail->Username = $outboundEmailAccount->mail_smtpuser;
// $mail->Password = $outboundEmailAccount->mail_smtppass;
// }
// } else {
// $mail->Mailer = "sendmail";
// }
//
// $mail->oe->mail_smtpauth_req = $outboundEmailAccount->mail_smtpauth_req;
// $mail->oe->mail_smtpuser = $outboundEmailAccount->mail_smtpuser;
// $mail->oe->mail_smtppass = $outboundEmailAccount->mail_smtppass;
// $mail->oe->mail_smtpserver = $outboundEmailAccount->mail_smtpserver;
// $mail->oe->mail_smtpport = $outboundEmailAccount->mail_smtpport;
// $mail->oe->mail_smtpssl = $outboundEmailAccount->mail_smtpssl;
// }
And add these lines:
// Force delivery through the local sendmail binary for every campaign email,
// ignoring the outbound account selected for the campaign.
// NOTE(review): with Mailer set to "sendmail", the SMTPSecure and SMTPAuth
// values below look unused, since PHPMailer reads them for its SMTP
// transport. Confirm. This is an edit to a core file, so it is presumably
// lost on upgrade and applies to all campaigns.
$mail->Mailer = "sendmail";
$mail->SMTPSecure = 'ssl';
$mail->SMTPAuth = true;
It works for me.
Looking forward to a better solution.

Sending e-mail via lua nginx timeout error

I'm trying to send e-mail via lua+nginx.
Lapis (Lua) code
local smtp = require("socket.smtp")

-- GET /ee: send one fixed test message through the SMTP listener on
-- 127.0.0.1:25 and return smtp.send's two results in the response body.
-- NOTE(review): as written, every request to this route triggers a send and
-- the raw error text is echoed to the client; keep a route like this behind
-- authentication or remove it once testing is done.
app:get("/ee", function(self)
  local envelope_from = "<mail0#mydns.name>"
  local recipients = { "<mail1#gmail.com>" }

  local message = {
    headers = {
      to = "PP <mail1#gmail.com>",
      cc = '"V.V." <mail2#gmail.com>',
      subject = "My first message",
    },
    body = "I hope this works. If it does, I can send you another 1000 copies.",
  }

  local ok, err = smtp.send({
    from = envelope_from,
    rcpt = recipients,
    source = smtp.message(message),
    server = "127.0.0.1",
    port = 25,
  })

  return string.format("R:%s E: %s", tostring(ok), tostring(err))
end)
gives timeout error (after several seconds passed): "R: nil E: timeout"
Nginx config is:
http{
server{
# NOTE(review): no address is given, so this auth endpoint listens on every interface; it is only queried by the mail block via localhost.
listen 9000;
# Auth endpoint for the mail proxy (the mail block's auth_http points here).
# NOTE(review): it answers "Auth-Status OK" to every request without checking anything.
location = /cgi-bin/nginxauth.cgi {
add_header Auth-Status OK;
# NOTE(review): 127.0.0.1:25 is the address the mail block itself listens on, so the proxy appears to be told to forward to itself rather than to a real SMTP server. This may explain the timeout; confirm what else, if anything, listens on port 25.
add_header Auth-Server 127.0.0.1; # backend ip
add_header Auth-Port 25; # backend port
return 200;
}
}
}
mail {
# Every incoming SMTP session is checked against this HTTP endpoint, which also names the backend to proxy to.
auth_http localhost:9000/cgi-bin/nginxauth.cgi;
server {
server_name mydns.name;
listen 25;
protocol smtp;
proxy on;
timeout 5s;
proxy_pass_error_message on;
#smtp_auth login plain;
xclient on;
# NOTE(review): with smtp_auth none and an auth_http endpoint that accepts every request, this listener relays for any client that can connect. Restrict who may reach port 25 before pointing it at a real backend.
smtp_auth none;
}
}
I do not understand how the mail server part works. How should I configure it, and how should nginx be used here? I think the timeout appears because the mail server block only redirects the connection and does not process the email data itself. Am I right? If not, what do I have to do to fix this error?