email

Error: posftix: warning: SASL authentication failure: No worthy mechs found

Posted on Updated on

After configuring postfix relay server I found their was some issue with gmail server authentication, it will bounce the emails

Error : 
 postfix/smtp[25857]: 59BF721177: SASL authentication failed; cannot authenticate to server smtp.gmail.com[74.125.25.108]: no mechanism available
 postfix/smtp[25861]: warning: SASL authentication failure: No worthy mechs found

Their must be two solid reasons behind this
1, SASL package is missing for plain module

yum install cyrus-sasl{,-plain}

2, Allow plaintext (which is fine when using STARTTLS): make the connection enrypted

smtp_sasl_security_options = noanonymous

Make Sure you enabled all the below options :

smtp_sasl_auth_enable = yes
smtp_use_tls = yes
smtp_tls_loglevel = 1
smtp_tls_security_level = encrypt
smtp_sasl_mechanism_filter = login

 

Advertisements

HowTo: Authenticated email relay server with Postfix

Posted on Updated on

Setup Postfix as a email relay server which will authenticate with public email server for sending emails. If you want to use a Gmail as a Free SMTP server us, use this as in any of the redhat or ubuntu servers
For Ubuntu

apt-get install postfix mailutils libsasl2-2 ca-certificates libsasl2-modules

Replace the ceritficate file in the configuration

cat /etc/ssl/certs/Thawte_Premium_Server_CA.pem | sudo tee -a /etc/postfix/cacert.pem

If you do not have postfix installed before, postfix configuration wizard will ask you some questions. Just select your server as Internet Site and for FQDN use something like mail.example.com , For Centos

yum install postfix email mailx cyrus-sasl cyrus-sasl-lib cyrus-sasl-plain
[root@server ~]# vi /etc/postfix/main.cf
biff = no
append_dot_mydomain = no
readme_directory = no
myhostname = smtpout.innovautelabs.intra
mydomain = innovaturelabs.intra
myorigin = $mydomain
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = localhost.localdomain, , localhost
mynetworks = 192.168.1.0/24, 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
relayhost = [smtp.gmail.com]:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl-passwords
smtp_sasl_security_options = noanonymous
smtp_tls_CAfile = /etc/ssl/certs/ca-bundle.trust.crt 
smtp_use_tls = yes
smtp_tls_loglevel = 1
smtp_tls_security_level = encrypt
smtp_sasl_mechanism_filter = login

Now create a password file which should have a valid email and password; onece hashed the password file postfix can read the data in it after that, you can delete the plaintext passwd file. Alternately, if you’d feel better keeping the file around for whatever reason, you can run chmod 600 passwd and make it only readable by its owner, which should be root

vi /etc/postfix/sasl-passwords
[smtp.gmail.com]:587 username@gmail.com:password
chmod 600 /etc/postfix/sasl-passwords
postmap /etc/postfix/sasl-passwords

Finally, reload postfix config for changes to take effect:

service postfix restart

Howto: Renewing Exim SSL certificate

Posted on Updated on

Exim

Renewing exim SSL certificate without using Cpanel or exim scripts,first we have to create the certificate and replace the file with suitable permissions,  follow the below steps to do.

1, Creating Self signed certificate files using Openssl.

root@server09 [~]# openssl req -x509 -newkey rsa:1024 -keyout /root/server.key -out /root/server.crt -days 365 -nodes
Generating a 1024 bit RSA private key
......................++++++
.............................................++++++
writing new private key to '/root/server.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [GB]:IN
State or Province Name (full name) [Berkshire]:Karnataka
Locality Name (eg, city) [Newbury]:Banglore
Organization Name (eg, company) [My Company Ltd]:Private Ltd
Organizational Unit Name (eg, section) []:JWH
Common Name (eg, your name or your server's hostname) []:server.domain.com
Email Address []:

2, Verify the existing location and filename and replace the files

root@server09 [~]# ll /etc/exim.key /etc/exim.crt
lrwxrwxrwx 1 root root 31 2月 26 2010 /etc/exim.crt -> /var/cpanel/ssl/exim/myexim.crt
lrwxrwxrwx 1 root root 31 2月 26 2010 /etc/exim.key -> /var/cpanel/ssl/exim/myexim.key
mv /var/cpanel/ssl/exim/myexim.crt /var/cpanel/ssl/exim/myexim.crt_30_5_2013
mv /var/cpanel/ssl/exim/myexim.key /var/cpanel/ssl/exim/myexim.key_30_5_2013
mv /root/server.key /var/cpanel/ssl/exim/myexim.key
mv /root/server.crt /var/cpanel/ssl/exim/myexim.crt
chmod 660 /etc/exim.key /etc/exim.crt /var/cpanel/ssl/exim/myexim.key /var/cpanel/ssl/exim/myexim.crt
chown mailnull.mail /etc/exim.key /etc/exim.crt /var/cpanel/ssl/exim/myexim.key /var/cpanel/ssl/exim/myexim.crt

3, Restart exim

root@server09 [~]# service exim restart

Error: exim logged Undefined subroutine &main::user2uid called. LOG: MAIN

Posted on Updated on

EximMy email server was not delivering any of the email from the domains hosted on my Cpanel server, I was  checked the exim log, it shows some ACL (Access Control List)rules from the exim configuration. This will and also I tried to send email manually but the same error will logged. After googling for a minute I found the solution for this.

It is because for exim  unable to read configuration characters. simple solution to fix this just  rebuild configuration onceagain and copy exim.pl to /etc, now everythings looks fine

Exim error :
LOG: MAIN
cwd=/root 4 args: /usr/sbin/exim -i -v testemail@gmail.com
LOG: MAIN REJECT
F=<root@darkmatter.dnsprotect.com> rejected by non-SMTP ACL: failed to expand ACL string "${if eq{$originator_uid}{${perl{user2uid}{nobody}}}{1}{0}}": Undefined subroutine &main::user2uid called. LOG: MAIN
cwd=/var/spool/exim 8 args: /usr/sbin/exim -v -t -oem -oi -f <> -E1UY3r2-000

Rebuilding exim configuration:

root@server-web [~]# /scripts/buildeximconf
Configuration file passes test! New configuration file was installed.
/etc/exim.pl.local.build syntax OK
Enabled system filter options: attachments|spam_rewrite
..........
...
........
/etc/exim.pl.local installed!
razor2 is not installed, disabling it in SpamAssassin to save memory
pyzor is not installed, disabling it in SpamAssassin to save memory
SPF is disabled in exim or unavailable, enabling SPF for SpamAssassin
Refreshing SMTP Mail protection.

Some it is necessary to copy the exim.pl to /etc, because the script will remove the file while rebuilding. check the file availability before executing this step.

root@server-web [~]# cp -rpf /etc/exim.pl.local /etc/exim.pl

Verify  before restarting exim,

root@server-web [~]# mail -s "Testemail please ignore" "testemail@gmail.com" -- -f "testemail@example.com"
Test email please ignore
.
Cc:

Hope this will help you.

Error: Roundcube file db.inc.php and main.inc.php not found

Posted on

In my cpanel server I was try tying to asscess email over Hord but I am getting error file db.inc.php and main.inc.php not found. I found some fixes to make it work again. It is because of file permission  issue. I followed the below steps.

Login to server over ssh make sure that you are in root privileged user.

root@server [/usr/local/cpanel/base/3rdparty/roundcube/config]# ll
total 7
drwxr-xr-x 2 root wheel 4096 Apr 9 23:18 ./
drwxrwxr-x 11 root wheel 4096 Sep 16 2009 ../
-rw-r—– 1 cpanelroundcube cpanelroundcube 2347 Apr 9 23:18 db.inc.php
-rw-r–r– 1 root wheel 2304 Apr 9 23:18 db.inc.php.dist
-rw-r–r– 1 root wheel 31 Sep 25 2005 .htaccess
-rw-r—– 1 cpanelroundcube cpanelroundcube 18898 Apr 9 23:18 main.inc.php
-rw-r–r– 1 root wheel 18912 Apr 9 23:18 main.inc.php.dist
-rw-r–r– 1 root wheel 2392 Aug 7 2009 mimetypes.php

If file are present and you still see the error, then check file permission and ownership. Permission on db.inc.php and main.inc.php should be 640 and ownership should be cpanelroundcube.cpanelroundcube as mentioed above.

If you still face problem, Then try upgrading roundcube.

root@Server[~]#/usr/local/cpanel/bin/update-roundcube –force

Now everything works fine.

 

Error: Horde unable to login after the first installation

Posted on

If you are not able to login Horde and you are getting an Error that “Your Internet Address has changed since the beginning of your Mail session. To protect your security, you must login again.” follow the below steps to fix this error:-

1) First login to Horde and then turn off the ‘checkip’ feature.

2) Through root SSH login to Plesk control panel and edit the /usr/share/psa-horde/config/conf.php file in your text editor. Also Change the below lines:

$conf['auth']['checkip'] = true;

to

$conf['auth']['checkip'] = false;