Ubuntu-fr

vincent-avct

[RÉSOLU] serveur de mail ubuntu 16.04

bonjour,

pour commencer je suis totalement novice dans le domaine. celui des serveurs de mail
après avoir consulté plusieurs documentations, je me suis arrêté sur une configuration de type :
postfix, dovecot, roundcube, postfixeadmin

le tout est installé,
les mails partent correctement, mais je ne peux pas me connecter à roundcube
message d'erreur

erreur de connexion au serveur de stockage

réponse à la commande

telnet localhost imap2

Trying ::1...
Connected to localhost.
Escape character is '^]'.
Connection closed by foreign host.

si il y a quelques conseils, je suis preneur

merci

Dernière modification par vincent-avct (Le 25/05/2016, à 18:31)

vincent-avct

Re : [RÉSOLU] serveur de mail ubuntu 16.04

retour de la commande

systemctl status dovecot.socket

● dovecot.socket - Dovecot IMAP/POP3 email server activation socket
   Loaded: loaded (/lib/systemd/system/dovecot.socket; disabled; vendor preset: enabled)
   Active: inactive (dead)
   Listen: 0.0.0.0:143 (Stream)
           [::]:143 (Stream)
           0.0.0.0:993 (Stream)
           [::]:993 (Stream)

mai 18 20:25:17 mail-00000 systemd[1]: dovecot.socket: Socket service dovecot.service already active, refusing.
mai 18 20:25:17 mail-00000 systemd[1]: Failed to listen on Dovecot IMAP/POP3 email server activation socket.

Dernière modification par vincent-avct (Le 18/05/2016, à 21:24)

vincent-avct

Re : [RÉSOLU] serveur de mail ubuntu 16.04

log mail.err

May 19 02:27:18 mail-91643 dovecot: imap-login: Fatal: Can't load ssl_cert: There is no valid PEM certificate. (You probably forgot '<' from ssl_cert=<)
May 19 02:27:18 mail-91643 dovecot: master: Error: service(imap-login): command startup failed, throttling for 60 secs

vincent-avct

Re : [RÉSOLU] serveur de mail ubuntu 16.04

j'ai ajouté les ssl_cert et ssl_key

telnet localhost imap2

Trying ::1...
Connected to localhost.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN] Dovecot ready.

ça avance non ?

vincent-avct

Re : [RÉSOLU] serveur de mail ubuntu 16.04

log syslog

May 19 04:19:18 mail-91643 kernel: [188227.252293] Firewall: *UDP6IN Blocked* IN=ens160 OUT= MAC=33:33:00:00:00:01:0c:c4:7a:57:5a:fa:86:dd SRC=fe80:0000:0000:0000:0ec4:7aff:fe57:5afa DST=ff02:0000:0000:0000:0000:0000:0000:0001 LEN=170 TC=0 HOPLIMIT=1 FLOWLBL=0 PROTO=UDP SPT=5678 DPT=5678 LEN=130

Dernière modification par vincent-avct (Le 19/05/2016, à 04:25)

vincent-avct

Re : [RÉSOLU] serveur de mail ubuntu 16.04

bonjour,

ce sujet ne provoque aucune réaction, dommage
malgré ça je continue mes recherches... est ce que le paquet mail-stack-delivery facilite vraiment la mise en oeuvre/configuration d'un serveur de mail avec postfix et dovecot
à dire vrai je ne m'en sors pas vraiment pour le moment,
des petites avancées, mais je n'ai pas la vision d'ensemble nécessaire pour savoir ce que je fais  : /  ce qu'apporte/implique mes modifications/corrections

bonne soirée

Compte anonymisé

Re : [RÉSOLU] serveur de mail ubuntu 16.04

bonjour,

ce sujet ne provoque aucune réaction, dommage
bonne soirée

C'est parceque tu n'as pas indiqué le contexte (qui fait quoi), ni donné la procédure d'installation, ni les fichiers de configuration..

vincent-avct

Re : [RÉSOLU] serveur de mail ubuntu 16.04

bonjour,
ok désolé...
j'ai un serveur avec 6 VMs 1 backup 4 web (ubuntu 16.04) et je voudrais en avoir 1 mail.
aujourd'hui j'ai installé postfix sur chacune d'elles. elles sont toutes redirigées en local vers mail qui s'occupe de l'envoi des messages.
je crois que c'est la formule de base avec smtp (j'ai pourtant eu récemment des soucis de spam)

je voudrais installer une server de mail complet avec postfix dovecot et roundcube.
après consultation de doc. j'ai installé postfixadmin pour la gestion des domaines/mails virtuels.

j'essaie de suivre les conseils prodigués ici même ne pas "trop" se fier aux tuto. mais si il y en a un que vous validez je suis preneur.

par ailleurs j'ai peut-être laissé des informations compromettantes, merci de me le signaler svp.

configuration de postfix :

# See /usr/share/postfix/main.cf.dist for a commented, more complete version

# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

readme_directory = no

# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache


smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = mail-91643.unanunjour.net
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = $myhostname, unanunjour.tld, mail-91643.unanunjour.tld, localhost.unanunjour.tld, localhost
relayhost = 
mynetworks = 192.168.255.0/24 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 5368709120
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
home_mailbox = Maildir/

configuration dovecot dovecot.conf

## Dovecot configuration file

# If you're in a hurry, see http://wiki2.dovecot.org/QuickConfiguration

# "doveconf -n" command gives a clean output of the changed settings. Use it
# instead of copy&pasting files when posting to the Dovecot mailing list.

# '#' character and everything after it is treated as comments. Extra spaces
# and tabs are ignored. If you want to use either of these explicitly, put the
# value inside quotes, eg.: key = "# char and trailing whitespace  "

# Most (but not all) settings can be overridden by different protocols and/or
# source/destination IPs by placing the settings inside sections, for example:
# protocol imap { }, local 127.0.0.1 { }, remote 10.0.0.0/8 { }

# Default values are shown for each setting, it's not required to uncomment
# those. These are exceptions to this though: No sections (e.g. namespace {})
# or plugin settings are added by default, they're listed only as examples.
# Paths are also just examples with the real defaults being based on configure
# options. The paths listed here are for configure --prefix=/usr
# --sysconfdir=/etc --localstatedir=/var

# Enable installed protocols
!include_try /usr/share/dovecot/protocols.d/*.protocol

# A comma separated list of IPs or hosts where to listen in for connections. 
# "*" listens in all IPv4 interfaces, "::" listens in all IPv6 interfaces.
# If you want to specify non-default ports or anything more complex,
# edit conf.d/master.conf.
#listen = *, ::

# Base directory where to store runtime data.
#base_dir = /var/run/dovecot/

# Name of this instance. In multi-instance setup doveadm and other commands
# can use -i <instance_name> to select which instance is used (an alternative
# to -c <config_path>). The instance name is also added to Dovecot processes
# in ps output.
#instance_name = dovecot

# Greeting message for clients.
#login_greeting = Dovecot ready.

# Space separated list of trusted network ranges. Connections from these
# IPs are allowed to override their IP addresses and ports (for logging and
# for authentication checks). disable_plaintext_auth is also ignored for
# these networks. Typically you'd specify your IMAP proxy servers here.
#login_trusted_networks =

# Space separated list of login access check sockets (e.g. tcpwrap)
#login_access_sockets = 

# With proxy_maybe=yes if proxy destination matches any of these IPs, don't do
# proxying. This isn't necessary normally, but may be useful if the destination
# IP is e.g. a load balancer's IP.
#auth_proxy_self =

# Show more verbose process titles (in ps). Currently shows user name and
# IP address. Useful for seeing who are actually using the IMAP processes
# (eg. shared mailboxes or if same uid is used for multiple accounts).
#verbose_proctitle = no

# Should all processes be killed when Dovecot master process shuts down.
# Setting this to "no" means that Dovecot can be upgraded without
# forcing existing client connections to close (although that could also be
# a problem if the upgrade is e.g. because of a security fix).
#shutdown_clients = yes

# If non-zero, run mail commands via this many connections to doveadm server,
# instead of running them directly in the same process.
#doveadm_worker_count = 0
# UNIX socket or host:port used for connecting to doveadm server
#doveadm_socket_path = doveadm-server

# Space separated list of environment variables that are preserved on Dovecot
# startup and passed down to all of its child processes. You can also give
# key=value pairs to always set specific settings.
#import_environment = TZ

##
## Dictionary server settings
##

# Dictionary can be used to store key=value lists. This is used by several
# plugins. The dictionary can be accessed either directly or though a
# dictionary server. The following dict block maps dictionary names to URIs
# when the server is used. These can then be referenced using URIs in format
# "proxy::<name>".

dict {
  #quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext
  #expire = sqlite:/etc/dovecot/dovecot-dict-sql.conf.ext
}

# Most of the actual configuration gets included below. The filenames are
# first sorted by their ASCII value and parsed in that order. The 00-prefixes
# in filenames are intended to make it easier to understand the ordering.
!include conf.d/*.conf

# A config file can also tried to be included without giving an error if
# it's not found:
!include_try local.conf

log_path = /var/log/dovecot.log
protocols = imap pop3
disable_plaintext_auth = no
mail_location = maildir:~/Maildir
maildir_very_dirty_syncs = yes

dovecot 10-master.conf

#default_process_limit = 100
#default_client_limit = 1000

# Default VSZ (virtual memory size) limit for service processes. This is mainly
# intended to catch and kill processes that leak memory before they eat up
# everything.
#default_vsz_limit = 256M

# Login user is internally used by login processes. This is the most untrusted
# user in Dovecot system. It shouldn't have access to anything at all.
#default_login_user = dovenull

# Internal user is used by unprivileged processes. It should be separate from
# login user, so that login processes can't disturb other processes.
#default_internal_user = dovecot

service imap-login {
  inet_listener imap {
    #port = 143
  }
  inet_listener imaps {
    #port = 993
    #ssl = yes
  }

  # Number of connections to handle before starting a new process. Typically
  # the only useful values are 0 (unlimited) or 1. 1 is more secure, but 0
  # is faster. <doc/wiki/LoginProcess.txt>
  #service_count = 1

  # Number of processes to always keep waiting for more connections.
  #process_min_avail = 0

  # If you set service_count=0, you probably need to grow this.
  #vsz_limit = $default_vsz_limit
}

service pop3-login {
  inet_listener pop3 {
    #port = 110
  }
  inet_listener pop3s {
    #port = 995
    #ssl = yes
  }
}

service lmtp {
  unix_listener lmtp {
    #mode = 0666
  }

  # Create inet listener only if you can't use the above UNIX socket
  #inet_listener lmtp {
    # Avoid making LMTP visible for the entire internet
    #address =
    #port = 
  #}
}

service imap {
  # Most of the memory goes to mmap()ing files. You may need to increase this
  # limit if you have huge mailboxes.
  #vsz_limit = $default_vsz_limit

  # Max. number of IMAP processes (connections)
  #process_limit = 1024
}

service pop3 {
  # Max. number of POP3 processes (connections)
  #process_limit = 1024
}

service auth {
  # auth_socket_path points to this userdb socket by default. It's typically
  # used by dovecot-lda, doveadm, possibly imap process, etc. Users that have
  # full permissions to this socket are able to get a list of all usernames and
  # get the results of everyone's userdb lookups.
  #
  # The default 0666 mode allows anyone to connect to the socket, but the
  # userdb lookups will succeed only if the userdb returns an "uid" field that
  # matches the caller process's UID. Also if caller's uid or gid matches the
  # socket's uid or gid the lookup succeeds. Anything else causes a failure.
  #
  # To give the caller full permissions to lookup all users, set the mode to
  # something else than 0666 and Dovecot lets the kernel enforce the
  # permissions (e.g. 0777 allows everyone full permissions).
  unix_listener auth-userdb {
    #mode = 0666
    #user = 
    #group = 
  }

  # Postfix smtp-auth
  #unix_listener /var/spool/postfix/private/auth {
  #  mode = 0666
  #}

  # Auth process is run as this user.
  #user = $default_internal_user
}

service auth-worker {
  # Auth worker process is run as root by default, so that it can access
  # /etc/shadow. If this isn't necessary, the user should be changed to
  # $default_internal_user.
  #user = root
}

service dict {
  # If dict proxy is used, mail processes should have access to its socket.
  # For example: mode=0660, group=vmail and global mail_access_groups=vmail
  unix_listener dict {
    #mode = 0600
    #user = 
    #group = 
  }
}

postfixadmin

<?php
/** 
 * Postfix Admin 
 * 
 * LICENSE 
 * This source file is subject to the GPL license that is bundled with  
 * this package in the file LICENSE.TXT. 
 * 
 * Further details on the project are available at : 
 *     http://www.postfixadmin.com or http://postfixadmin.sf.net 
 * 
 * @version $Id: config.inc.php 935 2011-01-02 21:33:13Z christian_boltz $ 
 * @license GNU GPL v2 or later. 
 * 
 * File: config.inc.php
 * Contains configuration options.
 */

// This loads the automatic generated DB credentials from /etc/postfixadmin/dbconfig.inc.php
require_once('dbconfig.inc.php');
if (!isset($dbserver) || empty($dbserver))
        $dbserver='localhost';

/*****************************************************************
 *  !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 
 * You have to set $CONF['configured'] = true; before the
 * application will run!
 * Doing this implies you have changed this file as required.
 * i.e. configuring database etc; specifying setup.php password etc.
 */
$CONF['configured'] = true;

// In order to setup Postfixadmin, you MUST specify a hashed password here.
// To create the hash, visit setup.php in a browser and type a password into the field,
// on submission it will be echoed out to you as a hashed value.
$CONF['setup_password'] = 'motdepasse';

// Postfix Admin Path
// Set the location of your Postfix Admin installation here.
// YOU MUST ENTER THE COMPLETE URL e.g. http://domain.tld/postfixadmin
$CONF['postfix_admin_url'] = '/postfixadmin';

// shouldn't need changing.
$CONF['postfix_admin_path'] = dirname(__FILE__);

// Language config
// Language files are located in './languages', change as required..
$CONF['default_language'] = 'fr';

// Database Config
// mysql = MySQL 3.23 and 4.0, 4.1 or 5
// mysqli = MySQL 4.1+ 
// pgsql = PostgreSQL
$CONF['database_type'] = 'mysqli';
$CONF['database_host'] = 'localhost';
$CONF['database_user'] = 'postfixadmin';
$CONF['database_password'] = 'motdepasse';
$CONF['database_name'] = 'postfix';
// If you need to specify a different port for a MYSQL database connection, use e.g.
//   $CONF['database_host'] = '172.30.33.66:3308';
// If you need to specify a different port for POSTGRESQL database connection
//   uncomment and change the following
// $CONF['database_port'] = '5432';


// Here, if you need, you can customize table names.
$CONF['database_prefix'] = '';
$CONF['database_tables'] = array (
    'admin' => 'admin',
    'alias' => 'alias',
    'alias_domain' => 'alias_domain',
    'config' => 'config',
    'domain' => 'domain',
    'domain_admins' => 'domain_admins',
    'fetchmail' => 'fetchmail',
    'log' => 'log',
    'mailbox' => 'mailbox',
    'vacation' => 'vacation',
    'vacation_notification' => 'vacation_notification',
    'quota' => 'quota',
    'quota2' => 'quota2',
);

// Site Admin
// Define the Site Admins email address below.
// This will be used to send emails from to create mailboxes.
$CONF['admin_email'] = 'postmaster@unanunjour.tld';

// Mail Server
// Hostname (FQDN) of your mail server.
// This is used to send email to Postfix in order to create mailboxes.
$CONF['smtp_server'] = 'localhost';
$CONF['smtp_port'] = '25';

// Encrypt
// In what way do you want the passwords to be crypted?
// md5crypt = internal postfix admin md5
// md5 = md5 sum of the password
// system = whatever you have set as your PHP system default
// cleartext = clear text passwords (ouch!)
// mysql_encrypt = useful for PAM integration
// authlib = support for courier-authlib style passwords
// dovecot:CRYPT-METHOD = use dovecotpw -s 'CRYPT-METHOD'. Example: dovecot:CRAM-MD5
$CONF['encrypt'] = 'md5crypt';

// In what flavor should courier-authlib style passwords be enrypted?
// md5 = {md5} + base64 encoded md5 hash
// md5raw = {md5raw} + plain encoded md5 hash
// SHA = {SHA} + base64-encoded sha1 hash
// crypt = {crypt} + Standard UNIX DES-enrypted with 2-character salt
$CONF['authlib_default_flavor'] = 'md5raw';

// If you use the dovecot encryption method: where is the dovecotpw binary located?
$CONF['dovecotpw'] = "/usr/bin/doveadm pw";

// Minimum length required for passwords. Postfixadmin will not
// allow users to set passwords which are shorter than this value.
$CONF['min_password_length'] = 5;

// Generate Password
// Generate a random password for a mailbox or admin and display it.
// If you want to automagically generate paswords set this to 'YES'.
$CONF['generate_password'] = 'NO';

// Show Password
// Always show password after adding a mailbox or admin.
// If you want to always see what password was set set this to 'YES'.
$CONF['show_password'] = 'NO';

// Page Size
// Set the number of entries that you would like to see
// in one page.
$CONF['page_size'] = '10';

// Default Aliases
// The default aliases that need to be created for all domains.
$CONF['default_aliases'] = array (
    'abuse' => 'abuse@unanunjour.tld',
    'hostmaster' => 'hostmaster@unanunjour.tld',
    'postmaster' => 'postmaster@change-this-to-your.domain.tld',
    'webmaster' => 'webmaster@change-this-to-your.domain.tld'
);

// Mailboxes
// If you want to store the mailboxes per domain set this to 'YES'.
// Examples:
//   YES: /usr/local/virtual/domain.tld/username@domain.tld
//   NO:  /usr/local/virtual/username@domain.tld
$CONF['domain_path'] = 'YES';
// If you don't want to have the domain in your mailbox set this to 'NO'.
// Examples: 
//   YES: /usr/local/virtual/domain.tld/username@domain.tld
//   NO:  /usr/local/virtual/domain.tld/username
// Note: If $CONF['domain_path'] is set to NO, this setting will be forced to YES.
$CONF['domain_in_mailbox'] = 'NO';
// If you want to define your own function to generate a maildir path set this to the name of the function.
// Notes: 
//   - this configuration directive will override both domain_path and domain_in_mailbox
//   - the maildir_name_hook() function example is present below, commented out
//   - if the function does not exist the program will default to the above domain_path and domain_in_mailbox settings
$CONF['maildir_name_hook'] = 'NO';

/*
    maildir_name_hook example function
 
    Called by create-mailbox.php if $CONF['maildir_name_hook'] == '<name_of_the_function>'
    - allows for customized maildir paths determined by a custom function
    - the example below will prepend a single-character directory to the
      beginning of the maildir, splitting domains more or less evenly over
      36 directories for improved filesystem performance with large numbers
      of domains.

    Returns: maildir path
    ie. I/example.com/user/
*/
/*
function maildir_name_hook($domain, $user) {
    $chars = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";

    $dir_index = hexdec(substr(md5($domain), 28)) % strlen($chars);
    $dir = substr($chars, $dir_index, 1);
    return sprintf("%s/%s/%s/", $dir, $domain, $user);
}
*/


// Default Domain Values
// Specify your default values below. Quota in MB.
$CONF['aliases'] = '10';
$CONF['mailboxes'] = '10';
$CONF['maxquota'] = '10';

// Quota
// When you want to enforce quota for your mailbox users set this to 'YES'.
$CONF['quota'] = 'YES';
// You can either use '1024000' or '1048576'
$CONF['quota_multiplier'] = '1024000';

// Transport
// If you want to define additional transport options for a domain set this to 'YES'.
// Read the transport file of the Postfix documentation.
$CONF['transport'] = 'NO';
// Transport options
// If you want to define additional transport options put them in array below.
$CONF['transport_options'] = array (
    'virtual',  // for virtual accounts
    'local',    // for system accounts
    'relay'     // for backup mx
);
// Transport default
// You should define default transport. It must be in array above.
$CONF['transport_default'] = 'virtual';

// Virtual Vacation
// If you want to use virtual vacation for you mailbox users set this to 'YES'.
// NOTE: Make sure that you install the vacation module. (See VIRTUAL-VACATION/)
$CONF['vacation'] = 'NO';
// This is the autoreply domain that you will need to set in your Postfix
// transport maps to handle virtual vacations. It does not need to be a
// real domain (i.e. you don't need to setup DNS for it).
$CONF['vacation_domain'] = 'autoreply.unanunjour.tld';

// Vacation Control
// If you want users to take control of vacation set this to 'YES'.
$CONF['vacation_control'] ='YES';

// Vacation Control for admins
// Set to 'YES' if your domain admins should be able to edit user vacation.
$CONF['vacation_control_admin'] = 'YES';

// Alias Control
// Postfix Admin inserts an alias in the alias table for every mailbox it creates.
// The reason for this is that when you want catch-all and normal mailboxes
// to work you need to have the mailbox replicated in the alias table.
// If you want to take control of these aliases as well set this to 'YES'.

// Alias control for superadmins
$CONF['alias_control'] = 'NO';

// Alias Control for domain admins
$CONF['alias_control_admin'] = 'NO';

// Special Alias Control
// Set to 'NO' if your domain admins shouldn't be able to edit the default aliases
// as defined in $CONF['default_aliases']
$CONF['special_alias_control'] = 'NO';

// Alias Goto Field Limit
// Set the max number of entries that you would like to see
// in one 'goto' field in overview, the rest will be hidden and "[and X more...]" will be added.
// '0' means no limits.
$CONF['alias_goto_limit'] = '0';

// Alias Domains
// Alias domains allow to "mirror" aliases and mailboxes to another domain. This makes 
// configuration easier if you need the same set of aliases on multiple domains, but
// also requires postfix to do more database queries.
// Note: If you update from 2.2.x or earlier, you will have to update your postfix configuration.
// Set to 'NO' to disable alias domains.
$CONF['alias_domain'] = 'YES';

// Backup
// If you don't want backup tab set this to 'NO';
$CONF['backup'] = 'YES';

// Send Mail
// If you don't want sendmail tab set this to 'NO';
$CONF['sendmail'] = 'YES';

// Logging
// If you don't want logging set this to 'NO';
$CONF['logging'] = 'YES';

// Fetchmail
// If you don't want fetchmail tab set this to 'NO';
$CONF['fetchmail'] = 'YES';

// fetchmail_extra_options allows users to specify any fetchmail options and any MDA
// (it will even accept 'rm -rf /' as MDA!)
// This should be set to NO, except if you *really* trust *all* your users.
$CONF['fetchmail_extra_options'] = 'NO';

// Header
$CONF['show_header_text'] = 'NO';
$CONF['header_text'] = ':: Postfix Admin ::';

// link to display under 'Main' menu when logged in as a user.
$CONF['user_footer_link'] = "http://change-this-to-your.domain.tld/main";

// Footer
// Below information will be on all pages.
// If you don't want the footer information to appear set this to 'NO'.
$CONF['show_footer_text'] = 'YES';
$CONF['footer_text'] = 'Return to change-this-to-your.domain.tld';
$CONF['footer_link'] = 'http://change-this-to-your.domain.tld';

// Welcome Message
// This message is send to every newly created mailbox.
// Change the text between EOM.
$CONF['welcome_text'] = <<<EOM
Hi,

Welcome to your new account.
EOM;

// When creating mailboxes or aliases, check that the domain-part of the
// address is legal by performing a name server look-up.
$CONF['emailcheck_resolve_domain']='YES';


// Optional:
// Analyze alias gotos and display a colored block in the first column
// indicating if an alias or mailbox appears to deliver to a non-existent
// account.  Also, display indications, for POP/IMAP mailboxes and
// for custom destinations (such as mailboxes that forward to a UNIX shell
// account or mail that is sent to a MS exchange server, or any other
// domain or subdomain you use)
// See http://www.w3schools.com/html/html_colornames.asp for a list of
// color names available on most browsers

//set to YES to enable this feature
$CONF['show_status']='NO';
//display a guide to what these colors mean
$CONF['show_status_key']='NO';
// 'show_status_text' will be displayed with the background colors
// associated with each status, you can customize it here
$CONF['show_status_text']='&nbsp;&nbsp;';
// show_undeliverable is useful if most accounts are delivered to this
// postfix system.  If many aliases and mailboxes are forwarded
// elsewhere, you will probably want to disable this.
$CONF['show_undeliverable']='NO';
$CONF['show_undeliverable_color']='tomato';
// mails to these domains will never be flagged as undeliverable
$CONF['show_undeliverable_exceptions']=array("unixmail.domain.ext","exchangeserver.domain.ext","gmail.com");
$CONF['show_popimap']='NO';
$CONF['show_popimap_color']='darkgrey';
// you can assign special colors to some domains. To do this,
// - add the domain to show_custom_domains
// - add the corresponding color to show_custom_colors
$CONF['show_custom_domains']=array("subdomain.domain.ext","domain2.ext");
$CONF['show_custom_colors']=array("lightgreen","lightblue");
// If you use a recipient_delimiter in your postfix config, you can also honor it when aliases are checked.
// Example: $CONF['recipient_delimiter'] = "+";
// Set to "" to disable this check.
$CONF['recipient_delimiter'] = "";


// Optional:
// Script to run after creation of mailboxes.
// Note that this may fail if PHP is run in "safe mode", or if
// operating system features (such as SELinux) or limitations
// prevent the web-server from executing external scripts.
// Parameters: (1) username (2) domain (3) maildir (4) quota
// $CONF['mailbox_postcreation_script']='sudo -u courier /usr/local/bin/postfixadmin-mailbox-postcreation.sh';

// Optional:
// Script to run after alteration of mailboxes.
// Note that this may fail if PHP is run in "safe mode", or if
// operating system features (such as SELinux) or limitations
// prevent the web-server from executing external scripts.
// Parameters: (1) username (2) domain (3) maildir (4) quota
// $CONF['mailbox_postedit_script']='sudo -u courier /usr/local/bin/postfixadmin-mailbox-postedit.sh';

// Optional:
// Script to run after deletion of mailboxes.
// Note that this may fail if PHP is run in "safe mode", or if
// operating system features (such as SELinux) or limitations
// prevent the web-server from executing external scripts.
// Parameters: (1) username (2) domain
// $CONF['mailbox_postdeletion_script']='sudo -u courier /usr/local/bin/postfixadmin-mailbox-postdeletion.sh';

// Optional:
// Script to run after creation of domains.
// Note that this may fail if PHP is run in "safe mode", or if
// operating system features (such as SELinux) or limitations
// prevent the web-server from executing external scripts.
// Parameters: (1) domain
//$CONF['domain_postcreation_script']='sudo -u courier /usr/local/bin/postfixadmin-domain-postcreation.sh';

// Optional:
// Script to run after deletion of domains.
// Note that this may fail if PHP is run in "safe mode", or if
// operating system features (such as SELinux) or limitations
// prevent the web-server from executing external scripts.
// Parameters: (1) domain
// $CONF['domain_postdeletion_script']='sudo -u courier /usr/local/bin/postfixadmin-domain-postdeletion.sh';

// Optional:
// Sub-folders which should automatically be created for new users.
// The sub-folders will also be subscribed to automatically.
// Will only work with IMAP server which implement sub-folders.
// Will not work with POP3.
// If you define create_mailbox_subdirs, then the
// create_mailbox_subdirs_host must also be defined.
//
// $CONF['create_mailbox_subdirs']=array('Spam');
// $CONF['create_mailbox_subdirs_host']='localhost';
//
// Specify '' for Dovecot and 'INBOX.' for Courier.
$CONF['create_mailbox_subdirs_prefix']='INBOX.';

// Optional:
// Show used quotas from Dovecot dictionary backend in virtual
// mailbox listing.
// See: DOCUMENTATION/DOVECOT.txt
//      http://wiki.dovecot.org/Quota/Dict
//
$CONF['used_quotas'] = 'NO';

// if you use dovecot >= 1.2, set this to yes.
// Note about dovecot config: table "quota" is for 1.0 & 1.1, table "quota2" is for dovecot 1.2 and newer
$CONF['new_quota_table'] = 'NO';

//
// Normally, the TCP port number does not have to be specified.
// $CONF['create_mailbox_subdirs_hostport']=143;
//
// If you have trouble connecting to the IMAP-server, then specify
// a value for $CONF['create_mailbox_subdirs_hostoptions']. These
// are some examples to experiment with:
// $CONF['create_mailbox_subdirs_hostoptions']=array('notls');
// $CONF['create_mailbox_subdirs_hostoptions']=array('novalidate-cert','norsh');
// See also the "Optional flags for names" table at
// http://www.php.net/manual/en/function.imap-open.php


// Theme Config
// Specify your own logo and CSS file
$CONF['theme_logo'] = 'images/logo-default.png';
$CONF['theme_css'] = 'css/default.css';

// XMLRPC Interface.
// This should be only of use if you wish to use e.g the 
// Postfixadmin-Squirrelmail package
//  change to boolean true to enable xmlrpc
$CONF['xmlrpc_enabled'] = false;


// If you want to keep most settings at default values and/or want to ensure 
// that future updates work without problems, you can use a separate config 
// file (config.local.php) instead of editing this file and override some
// settings there.
if (file_exists(dirname(__FILE__) . '/config.local.php')) {
    include(dirname(__FILE__) . '/config.local.php');
}

//
// END OF CONFIG FILE
//
/* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */

roundcube

<?php

/* Local configuration for Roundcube Webmail */

// ----------------------------------
// SQL DATABASE
// ----------------------------------
// Database connection string (DSN) for read+write operations
// Format (compatible with PEAR MDB2): db_provider://user:password@host/database
// Currently supported db_providers: mysql, pgsql, sqlite, mssql, sqlsrv, oracle
// For examples see http://pear.php.net/manual/en/package.database.mdb2.intro-dsn.php
// NOTE: for SQLite use absolute path (Linux): 'sqlite:////full/path/to/sqlite.db?mode=0646'
//       or (Windows): 'sqlite:///C:/full/path/to/sqlite.db'
$config['db_dsnw'] = 'mysql://roundcubeadmin:motdepasse@localhost/roundcube';

// ----------------------------------
// IMAP
// ----------------------------------
// The mail host chosen to perform the log-in.
// Leave blank to show a textbox at login, give a list of hosts
// to display a pulldown menu or set one host as string.
// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls://
// Supported replacement variables:
// %n - hostname ($_SERVER['SERVER_NAME'])
// %t - hostname without the first part
// %d - domain (http hostname $_SERVER['HTTP_HOST'] without the first part)
// %s - domain name after the '@' from e-mail address provided at login screen
// For example %n = mail.domain.tld, %t = domain.tld
// WARNING: After hostname change update of mail_host column in users table is
//          required to match old user data records with the new host.
$config['default_host'] = 'localhost';

// provide an URL where a user can get support for this Roundcube installation
// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE!
$config['support_url'] = '';

// This key is used for encrypting purposes, like storing of imap password
// in the session. For historical reasons it's called DES_key, but it's used
// with any configured cipher_method (see below).
$config['des_key'] = 'key';

// ----------------------------------
// PLUGINS
// ----------------------------------
// List of active plugins (in plugins/ directory)
$config['plugins'] = array();

// Set the spell checking engine. Possible values:
// - 'googie'  - the default (also used for connecting to Nox Spell Server, see 'spellcheck_uri' setting)
// - 'pspell'  - requires the PHP Pspell module and aspell installed
// - 'enchant' - requires the PHP Enchant module
// - 'atd'     - install your own After the Deadline server or check with the people at http://www.afterthedeadline.com before using their API
// Since Google shut down their public spell checking service, the default settings
// connect to http://spell.roundcube.net which is a hosted service provided by Roundcube.
// You can connect to any other googie-compliant service by setting 'spellcheck_uri' accordingly.
$config['spellcheck_engine'] = 'pspell';

j'ai modifié l'emplacement du dossier roudcube comme vous le verrez ci-dessous par soucis de backup et de restauraion (peut-être imaginaire)
message d'erreur àla tentive de log

[19-May-2016 08:27:12 +0100]: <k3rd7d0k> IMAP Error: Login failed for contact from 82.231.30.189. AUTHENTICATE PLAIN: Authentication failed. in /opt/webmail/program/lib/Roundcube/rcube_imap.php on line 193 (POST /webmail/?_task=login&_action=login)

avez-vous besoin d'autres choses ? dovecot imap, pop...

merci

Dernière modification par vincent-avct (Le 21/05/2016, à 17:47)

LeoMajor

Re : [RÉSOLU] serveur de mail ubuntu 16.04

bonjour,

les mails partent correctement, mais je ne peux pas me connecter à roundcube

Avant d'installer roundcube, tu dois t'assurer que ta solution de messagerie fonctionne normalement. (envoi, réception, authentification.)

selon #8,
à l'envoi, tu as seulement permit_mynetworks qui valide la session smtp,
à la réception, dns mx valide, permit_auth_destination valide, RCPT TO correspond à un récipient valide, et Postfix est la destination finale.

a/ problème dns mx
L'enregistrement dns mx est invalide, et devrait pointer sur ta machine, là où est installé ton MTA, ton postfix.

 host -t mx unanunjour.net
unanunjour.net mail is handled by 50 fb.mail.gandi.net.
unanunjour.net mail is handled by 10 spool.mail.gandi.net.

Lorsque le MX est absent, les autres MTA appliquent la résolution A, pour livrer, mais personnellement, je déconseille de ne pas déclarer de MX.

b/ problème d'authentification
Pas de SASL
permit_sasl_authenticated incompatible avec  smtpd_sasl_auth_enable=no   (paramètre par défaut)
smtpd SASL type dovecot indéfini

c/ agent de transport local:
Postfix est lui-même l'agent de livraison par local (home_mailbox = Maildir/), paramètre minimal non surchargé).

The  precedence  of  local(8)  delivery  methods  from  high to low is:
       aliases,  .forward  files,  mailbox_transport_maps,  mailbox_transport,
       mailbox_command_maps,  mailbox_command, home_mailbox, mail_spool_direc-
       tory, fallback_transport_maps, fallback_transport, and luser_relay.

Mais, Dovecot n'est pas défini pour la livraison (mailbox_transport si LMTP-dovecot ou  mailbox_command si LDA-dovecot). Le master.cf n'est pas renseigné normalement lorsque l'approche est non virtual.

Ta configuration est suffisante pour vérifier si l'envoi, la réception, fonctionnent, une fois résolu, le problème du DNS MX, mais pas assez pour utiliser dovecot.

vincent-avct

Re : [RÉSOLU] serveur de mail ubuntu 16.04

salut LeoMajor, je regarde ça en détail ce soir

pour la partie a/ MX :
? pour le domaine unanunjour.net je dois avoir sur ma zone dns chez gandi ?

imap 10800 IN CNAME mail-91643.unanunjour.net.
pop 10800 IN CNAME mail-91643.unanunjour.net.
smtp 10800 IN CNAME mail-91643.unanunjour.net.
webmail 10800 IN CNAME mail-91643.unanunjour.net.
@ 10800 IN MX 50 mail-91643.unanunjour.net.
@ 10800 IN MX 10 mail-91643.unanunjour.net.

si je veux également gérer unanunjour.com ou un autre domaine c'est la même chose ?

merci !!

vincent-avct

Re : [RÉSOLU] serveur de mail ubuntu 16.04

pour b/ problème d'authentification ?

Postfix main.cf

smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination

et dovecot conf.d/10-master.conf

# Postfix smtp-auth
  unix_listener /var/spool/postfix/private/auth {
    mode = 0666
    # Assuming the default Postfix user and group
    user = postfix
    group = postfix       
  }

Compte anonymisé

Re : [RÉSOLU] serveur de mail ubuntu 16.04

bonjour,

déjà et avant toute chose, peux tu faire cette commande en remplaçant par ton utilisateur

echo "test d envoi" | mail -s test ton_utilisateur@localhost

et donner de suite  tail -f /var/log/mail.log

ensuite si postfix est ok, tester ton imaps 

openssl s_client -connect localhost:imap -crlf -starttls imap 

a login ton_utilisateur  [mot de passe]
b select inbox

Dernière modification par Compte anonymisé (Le 23/05/2016, à 20:06)

vincent-avct

Re : [RÉSOLU] serveur de mail ubuntu 16.04

log suite à tail -f /var/log/mail.log

May 23 20:37:53 mail-91643 postfix/pickup[101325]: 587117007F9: uid=0 from=<root>
May 23 20:37:53 mail-91643 postfix/cleanup[101627]: 587117007F9: message-id=<20160523183753.587117007F9@mail-91643.unanunjour.net>
May 23 20:37:53 mail-91643 postfix/qmgr[108580]: 587117007F9: from=<root@unanunjour.tld>, size=321, nrcpt=1 (queue active)
May 23 20:37:53 mail-91643 postfix/local[101629]: 587117007F9: to=<root@localhost>, relay=local, delay=0, delays=0/0/0/0, dsn=2.0.0, status=sent (delivered to maildir)
May 23 20:37:53 mail-91643 postfix/qmgr[108580]: 587117007F9: removed

Compte anonymisé

Re : [RÉSOLU] serveur de mail ubuntu 16.04

log suite à tail -f /var/log/mail.log

May 23 20:37:53 mail-91643 postfix/pickup[101325]: 587117007F9: uid=0 from=<root>
May 23 20:37:53 mail-91643 postfix/cleanup[101627]: 587117007F9: message-id=<20160523183753.587117007F9@mail-91643.unanunjour.net>
May 23 20:37:53 mail-91643 postfix/qmgr[108580]: 587117007F9: from=<root@unanunjour.tld>, size=321, nrcpt=1 (queue active)
May 23 20:37:53 mail-91643 postfix/local[101629]: 587117007F9: to=<root@localhost>, relay=local, delay=0, delays=0/0/0/0, dsn=2.0.0, status=sent (delivered to maildir)
May 23 20:37:53 mail-91643 postfix/qmgr[108580]: 587117007F9: removed

d'accord postfix est ok, maintenant test ton imaps aussi, après tu verra l'authentification du sasl

openssl s_client -connect localhost:imap -crlf -starttls imap 

a login ton_utilisateur  [mot de passe]
b select inbox

vincent-avct

Re : [RÉSOLU] serveur de mail ubuntu 16.04

retour suite à openssl s_client -connect localhost:imap -crlf -starttls imap 

CONNECTED(00000003)
depth=0 C = FR, ST = France, L = Montpelier, O = unanunjour, OU = IMAP server, CN = imap.unanunjour.net, emailAddress = postmaster@unanunjour.net
verify error:num=18:self signed certificate
verify return:1
depth=0 C = FR, ST = France, L = Montpelier, O = unanunjour, OU = IMAP server, CN = imap.unanunjour.net, emailAddress = postmaster@unanunjour.net
verify return:1
---
Certificate chain
 0 s:/C=FR/ST=France/L=Montpelier/O=unanunjour/OU=IMAP server/CN=imap.unanunjour.net/emailAddress=postmaster@unanunjour.net
   i:/C=FR/ST=France/L=Montpelier/O=unanunjour/OU=IMAP server/CN=imap.unanunjour.net/emailAddress=postmaster@unanunjour.net
---
Server certificate
-----BEGIN CERTIFICATE-----
########################
-----END CERTIFICATE-----
subject=/C=FR/ST=France/L=Montpelier/O=unanunjour/OU=IMAP server/CN=imap.unanunjour.net/emailAddress=postmaster@unanunjour.net
issuer=/C=FR/ST=France/L=Montpelier/O=unanunjour/OU=IMAP server/CN=imap.unanunjour.net/emailAddress=postmaster@unanunjour.net
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 1581 bytes and written 457 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 1024 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-GCM-SHA384
    Session-ID: A4BE956445BA1DA76B2333C54576E15B479EB99C8CC611B546CB4B52BE447AAD
    Session-ID-ctx: 
    Master-Key: EB18FCF3496080E925A863290E5B000000000000000000BF07600BA94F0B079267600000000000000000000000000
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 300 (seconds)
    TLS session ticket:
    0000 - ec 74 3e 9f 40 6d 11 7e-c3 58 f3 d4 0c f9 16 ad   .t>.@m.~.X......
    0010 - 5f 69 48 db c5 27 4a e0-fe bf 68 78 36 06 da ab   _iH..'J...hx6...
    0020 - 89 4a b9 1b 01 ce d3 a5-d4 1e 78 97 88 c1 bf a8   .J........x.....
    0030 - 88 4b a4 3d 80 55 fa 14-64 e7 e7 65 c4 c0 74 0c   .K.=.U..d..e..t.
    0040 - a9 d8 a7 6e df 0f 18 ba-18 07 70 9e 0f 88 84 59   ...n......p....Y
    0050 - 9d 90 39 f8 54 45 74 4b-e8 a0 59 f7 29 2e 3e 0d   ..9.TEtK..Y.).>.
    0060 - 5e a6 9b 80 b7 77 b8 14-cd 99 79 cd 5b c0 5b ab   ^....w....y.[.[.
    0070 - 3c da d8 e0 ba be 98 72-79 7f 1d f3 5b 01 ac c5   <......ry...[...
    0080 - 5c ac 6c 0e 87 ce 47 ad-a4 88 06 c9 f2 f9 a7 5a   \.l...G........Z
    0090 - 80 93 2a ef 9f 13 83 86-4d 3b 38 fd c8 2a 4b b0   ..*.....M;8..*K.

    Start Time: 1464029079
    Timeout   : 300 (sec)
    Verify return code: 18 (self signed certificate)
---
. OK Pre-login capabilities listed, post-login capabilities have more.

ensuite retour après a login root password

a BAD Invalid characters in atom

puis se déconnecte

vincent-avct

Re : [RÉSOLU] serveur de mail ubuntu 16.04

si c'est    a login utilisateur    validation puis mot de passe j'ai en retour

BAD Error in IMAP command received by server.

Compte anonymisé

Re : [RÉSOLU] serveur de mail ubuntu 16.04

si c'est    a login utilisateur    validation puis mot de passe j'ai en retour

BAD Error in IMAP command received by server.

tu dois mettre à la suite en une seule commande tu as essayé ainsi ?  (avec telnet aussi)
a login utilisateur "ton mot de passe"

refais le test imap et tail -f /var/log/dovecot.log

Dernière modification par Compte anonymisé (Le 23/05/2016, à 21:32)

vincent-avct

Re : [RÉSOLU] serveur de mail ubuntu 16.04

retour telnet localhost imap2

Trying ::1...
Connected to localhost.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN] Dovecot ready.

Compte anonymisé

Re : [RÉSOLU] serveur de mail ubuntu 16.04

retour telnet localhost imap2

Trying ::1...
Connected to localhost.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN] Dovecot ready.

d'accord là c'est bon, mais je voudrais que tu fasses ensuite

a login utilisateur motdepasse
b select inbox

et regardes ensuite dans  /var/log/dovecot.log

edit: comme c'est chiffré telnet ne passera pas (ou faut faire la conversion) il faut faire alors le login avec la commande openssl

Dernière modification par Compte anonymisé (Le 23/05/2016, à 22:02)

vincent-avct

Re : [RÉSOLU] serveur de mail ubuntu 16.04

j'ai finalement tilisé un autre user après avoir modifié le mot de passe pour qu'il réponde au PLAIN tel que décrit dovecot.org/VirtualUsers

retour commande a login user pass

* CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS BINARY MOVE SPECIAL-USE
a OK Logged in

retour b select inbox

* FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
* OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags permitted.
* 1 EXISTS
* 1 RECENT
* OK [UNSEEN 1] First unseen.
* OK [UIDVALIDITY 1464065605] UIDs valid
* OK [UIDNEXT 2] Predicted next UID
* OK [HIGHESTMODSEQ 1] Highest
b OK [READ-WRITE] Select completed (0.000 + 0.000 secs).

et retour de tail -f /var/log/dovecot.log

May 24 06:14:56 pop3-login: Info: Disconnected (auth failed, 1 attempts in 5 secs): user=<admin@unanunjour.net>, method=PLAIN, rip=219.138.222.226, lip=212.129.34.221, session=<opRnzI4zeujbit7i>
May 24 06:15:10 pop3-login: Info: Disconnected (auth failed, 1 attempts in 9 secs): user=<admin@unanunjour.net>, method=PLAIN, rip=219.138.222.226, lip=212.129.34.221, session=<JxcJzY4zmo3bit7i>
May 24 06:15:25 pop3-login: Info: Disconnected (auth failed, 1 attempts in 14 secs): user=<admin@unanunjour.net>, method=PLAIN, rip=219.138.222.226, lip=212.129.34.221, session=<cdGjzY4zWa/bit7i>
May 24 06:15:47 pop3-login: Info: Disconnected (auth failed, 1 attempts in 20 secs): user=<test@unanunjour.net>, method=PLAIN, rip=219.138.222.226, lip=212.129.34.221, session=<07+Tzo4z+NTbit7i>
May 24 06:52:52 imap-login: Info: Login: user=<vincent>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=121281, TLS, session=<iD5kVI8zENN/AAAB>
May 24 06:55:42 imap(vincent): Info: Connection closed in=46 out=76]

Dernière modification par vincent-avct (Le 24/05/2016, à 07:02)

Compte anonymisé

Re : [RÉSOLU] serveur de mail ubuntu 16.04

postfix et imaps sont ok, alors maintenant je te conseille  d'utiliser dovecot pour l'authentification sasl puisqu'il est déjà installé.

https://feub.net/2011/08/postfix-sasl-avec-dovecot/

après ces tests locaux il faudra ensuite vérifier que ton nom de domaine pointe bien sur l'ip de ton serveur
et je te conseille déjà thunderbird avant de re-plancher sur roundcube.

vincent-avct

Re : [RÉSOLU] serveur de mail ubuntu 16.04

merci encore localhost
j'ai suivi ton conseil et configuré l'authentification sasl
les reload se sont bien passés
quand au test telnet avec la commande

telnet mail-91643.unanunjour.net 25

retour

Trying 212.129.34.221...
Connected to mail-91643.unanunjour.net.
Escape character is '^]'.
Connection closed by foreign host.

et voici les logs syslog

May 24 09:19:32 mail-91643 kernel: [638234.727820] Firewall: *UDP6IN Blocked* IN=ens160 OUT= MAC=33:33:00:00:00:01:0c:c4:7a:57:5a:fa:86:dd SRC=fe80:0000:0000:0000:0ec4:7aff:fe57:5afa DST=ff02:0000:0000:0000:0000:0000:0000:0001 LEN=170 TC=0 HOPLIMIT=1 FLOWLBL=0 PROTO=UDP SPT=5678 DPT=5678 LEN=130 
May 24 09:19:56 mail-91643 systemd[1]: Started Session 642 of user root.
May 24 09:19:59 mail-91643 postfix/pickup[123484]: 4E1707006C8: uid=0 from=<root>
May 24 09:19:59 mail-91643 postfix/cleanup[123606]: 4E1707006C8: message-id=<20160524071959.4E1707006C8@mail-91643.unanunjour.net>
May 24 09:19:59 mail-91643 postfix/qmgr[123483]: 4E1707006C8: from=<root@unanunjour.tld>, size=580, nrcpt=1 (queue active)
May 24 09:19:59 mail-91643 postfix/local[123608]: 4E1707006C8: to=<root@unanunjour.tld>, orig_to=<root>, relay=local, delay=0.01, delays=0.01/0/0/0, dsn=2.0.0, status=sent (delivered to maildir)
May 24 09:19:59 mail-91643 postfix/qmgr[123483]: 4E1707006C8: removed
May 24 09:20:17 mail-91643 postfix/anvil[123520]: statistics: max connection rate 1/60s for (smtp:212.129.34.221) at May 24 09:18:36
May 24 09:20:17 mail-91643 postfix/anvil[123520]: statistics: max connection count 1 for (smtp:212.129.34.221) at May 24 09:18:36
May 24 09:20:17 mail-91643 postfix/anvil[123520]: statistics: max cache size 1 at May 24 09:18:36
May 24 09:20:23 mail-91643 kernel: [638285.565072] Firewall: *TCP_IN Blocked* IN=ens160 OUT= MAC=00:50:56:00:dd:88:00:c8:8b:e2:6c:45:08:00 SRC=77.53.61.175 DST=212.129.34.221 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=9524 DF PROTO=TCP SPT=46117 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0 
May 24 09:20:26 mail-91643 kernel: [638288.564383] Firewall: *TCP_IN Blocked* IN=ens160 OUT= MAC=00:50:56:00:dd:88:00:c8:8b:e2:6c:45:08:00 SRC=77.53.61.175 DST=212.129.34.221 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=9525 DF PROTO=TCP SPT=46117 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0 

j'utilise csf et csf.allow pour n'autoriser l'accès qu'à quelques ips, cela peut-il être lié ?

vincent-avct

Re : [RÉSOLU] serveur de mail ubuntu 16.04

configuration zone dns actuelle

imap 10800 IN CNAME access.mail.gandi.net.
pop 10800 IN CNAME access.mail.gandi.net.
smtp 10800 IN CNAME relay.mail.gandi.net.
webmail 10800 IN CNAME webmail.gandi.net.
@ 10800 IN MX 50 fb.mail.gandi.net.
@ 10800 IN MX 10 spool.mail.gandi.net.

dois-je modifier

@ 10800 IN MX 50 212.129.34.221
@ 10800 IN MX 10 212.129.34.221

Compte anonymisé

Re : [RÉSOLU] serveur de mail ubuntu 16.04

tu désactive tous les blocages ip,  c'est seulement lorsque tout est opérationnel qu'on peut établir des règles.

il faudra aussi s'assurer que le port 25 n'est pas bloqué chez ton prestataire qui attribue ton nom de domaine,

vincent-avct

Re : [RÉSOLU] serveur de mail ubuntu 16.04

après avoir désactivé les blocages ip et vérifié que le port 25 n'est pas bloqué par gandi

pop/imap
Port : Laissez par défaut (110 pour POP, 143 pour IMAP, 995 pour POP SSL, ou 993 pour IMAP SSL).
Sécurité TLS ou SSL : oui (conseillé).

smtp
Port : 25 par défaut, 587 (STARTTLS) si votre FAI filtre le port 25 (Free, Orange…), ou 465 si vous utilisez SSL. Dans tous les cas, vous pouvez essayer les trois et vous arrêter sur celui qui fonctionne.
Sécurité TLS ou SSL : oui (conseillé). Si les différents ports ne fonctionnent pas, réessayez avec le port 25 (Sans chiffrement) et 587 (STARTTLS).

retour cmd telnet mail-91643.unanunjour.net 25

Trying 212.129.34.221...
Connected to mail-91643.unanunjour.net.
Escape character is '^]'.
Connection closed by foreign host.

log syslog

May 24 09:55:43 mail-91643 postfix/smtpd[124434]: connect from mail-91643.unanunjour.net[212.129.34.221]
May 24 09:55:43 mail-91643 postfix/smtpd[124434]: fatal: unknown xsasl_dovecot_server_create value "noanonymou" in "noanonymou"
May 24 09:55:44 mail-91643 postfix/master[108561]: warning: process /usr/lib/postfix/sbin/smtpd pid 124434 exit status 1
May 24 09:55:44 mail-91643 postfix/master[108561]: warning: /usr/lib/postfix/sbin/smtpd: bad command startup -- throttling