Plesk 12.x / Linux :: Dovecot And Postfix - SASL Auth And TLS?
Sep 15, 2014
Ubuntu 14.04 with Plesk 12 (10 Domain License).Using this for mail only... multiple domains.Postfix and Dovecot installed. Trying to figure out how to do:
- SASL Auth (Dovecot)
- TLS
- want above two to be mandatory... no plain text auth and no unencrypted connections.
How do I achieve this with Plesk 12?I have found countless how-to's about doing this with Vanilla (non Plesk) installs with the same server software. However, Postfix main.cf and master.cf both appear to have specific Plesk modificatuons. Same thing for the related Dovecot conf files... also have Plesk specific modifications.
I see no way to enable the desired settings from the Plesk Panel. Can't achieve this within the Panel but also can't modify the conf files without potentially breaking some Plesk-specific functionality? My original hope in purchasing the Plesk license was to make administration of the mail server easier. Unfortunately, I'm struggling to do this now and may have already had this figured out had I not bothered with the Panel.
I've just setup CentOS 6.6 with Plesk at my Hoster OVH. Now when I want to connect to the smtp server I get following message:
Code: SASL LOGIN authentication failed: encryption needed to use mechanism SASL auth is enabled in the main.cf also submission. I connect to tls://smtp.example.com:587 with my email and password.
I have a new Plesk 11.0.9. #34 server with Centos 6.3 64bit.
I made a few changes in order to be PCI Compliant.
I created a domain and try to send email with no luck.
----------Maillog------------ Jan 24 16:01:28 server7 pop3d-ssl: Connection, ip=[::ffff:X.X.X.X] Jan 24 16:01:34 server7 pop3d-ssl: IMAP connect from @ [::ffff:X.X.X.X]ERR: LOGIN FAILED, ip=[::ffff:X.X.X.X] Jan 24 16:01:34 server7 pop3d-ssl: Unexpected SSL connection shutdown. Jan 24 16:01:48 server7 pop3d-ssl: Connection, ip=[::ffff:X.X.X.X]
[Code] ....
As you can see from the logs, the pop/imap connection is successful. I login to webmail with the username/password successfully. I can't send from Outlook/thunderbird etc.
Tried to rebuild emails with /usr/local/psa/admin/sbin/mchk --with-spam but no luck.
on a fresh debian 7 64bit openvz system we actually have a problem with the new plesk 12 feature of limiting outgoing mails.We migrated about 25 systems to plesk, this is the first that makes problems.If limiting outgoing mails is activated (i double-checked all possible checkboxes in plesk) a fresh mailbox gives us the following error while trying to send via smtp:
Aug 15 13:09:32 2d4 postfix/smtpd[8645]: connect from unknown[XX.XX.XX.XX] Aug 15 13:09:32 2d4 postfix/smtpd[8645]: E9AF61C58851: client=unknown[XX.XX.XX.XX], sasl_method=PLAIN, sasl_username=XX@XXX.XX Aug 15 13:09:32 2d4 greylisting filter[8651]: Starting greylisting filter... Aug 15 13:09:32 2d4 /usr/lib/plesk-9.0/psa-pc-remote[8611]: handlers_stderr: SKIP
[code]....
After deactivating the feature all mail is sent without any problems. We use postfix + dovecot.
I recently moved to virtual dedicated hosting for my website, mainly because I wanted a better mail server to work with to manage a mailing list.
I have a few PHP software scripts for different things: managing affiliates and email marketing.
I want to send mail using both of those via SMTP on my new server. They both have a place to type in the host and username/password.
The problem I am noticing is SASL Authentication. They attempt to connect to the host without any trouble. However, the affiliate software fails SASL Authentication every time I try to send an email or test the email system.
Email marketing software connects when I manually send a campaign. However, users are supposed to immediately receive a confirmation mail upon opting in. In this case, it shows up as an attempt in the mail log, but it fails SASL Authentication. I don't know if it's a problem with the software or not, since it attempts to connect but fails, yet connects successfully in other cases.
My question is this: Is there another way around this? I've contacted my host to double check on the appropriate username/password to pass authentication. I will also be contacting the software developers after I receive an answer.
But if nothing comes of it, is there any way around it? Is there a place where I can have it automatically authenticate if the email is coming from a certain user, or if the attempt is being made from the same server (everything sits on the same server, I use localhost in the software to connect to the mail server). Since I am the only person who has access to the server and uses it, it seems safe to automatically authenticate if the request is being asked by the server itself...
I'm just looking for other alternatives if the software does indeed have a problem and I cannot figure it out.
Keep in mind I am very new to all this server and root access. Just a few days ago I was on a shared hosting plan, so I didn't have any access to anything. With that in mind, I know very little about mail servers, although I've been learning more over the past few days. I only stumbled upon the mail logs on my server recently by browsing files in the control panel (I'm not familiar with SSH, although I do have access to it)
I'm getting the following attempts every few minutes, I'd to put a stop to it with Fail2Ban but so far I've been unsuccessful. I get no IP bans in the Fail2Ban panel in Plesk 12.
My issue started ince a couple of months seemed to increase with update to Plesk 12.0 (though I can't guarantee it).I am using Centos 6.5, all updated. What happens is that postfix usage starts to increase without any apparent reason (during week-ends for example). Then postfix is not responding anymore.
I've been trying to set up Postfix to send email for the past few days. I've managed to get it to ask for a username and password, in order to try and send mail to an external domain
I can receive email fine on the server, but I can't send email out
Postfix in the /etc/postfix/main.cf I added the following configuration parameter recipient_delimiter = + Managed a sieve script in webmail which contains the following: 1: # Sieve Filter 2: # Erzeugt von Ingo (http://www.horde.org/apps/ingo/) (03.02.2015, 02:53:39) 3: require "fileinto"; 4: # Plustest 5: if address :all :comparator "i;ascii-casemap" :contains "To" "+plustest" { 6: fileinto "INBOX.plustest"; 7: stop; 8: }
I created a folder in my INBOX with the name plustest, now I sent me an email from an outside freemail-account to see if it works. In the logfile /var/log/maillog I can see the following entry:
Feb 3 15:06:25 mail postfix-local[18290]: cannot chdir to mailname dir <name>+plustest: No such file or directory Feb 3 15:06:25 mail postfix-local[18290]: Unknown user: <name>+plustest@<dom.tld> Feb 3 15:06:25 mail postfix/pipe[17708]: 0ECAF4C1B3: to=<name+plustest@dom.tld>, orig_to=<aliasname+plustest@dom.tld>, relay=plesk_virtual, delay=0.61, delays=0.52/0/0/0.09, dsn=2.0.0, status=sent (delivered via plesk_virtual service)
I changed my real name to <name> and my domainname to <dom.tld> in this post.
I just upgraded from Plesk 11.x to 12.0.18 and was eager to try the new sieve functions. I used the normal Plesk Updates/Upgrades tool to change the imap server from Courier to Dovecot. However, Dovecot will not start. It gives an error about /etc/dovecot/private/ssl-cert-and-key.pem missing.
i use Plesk on a vserver which was offering it in version 11.x, i upgraded to 12.0.18, then i installed Dovecote on the panel. Everything went fine. Mail server is working.BUT sieve does not allow me to login and create filters.I tried telnet against 4190, and it works:
Connected to mail.xxxxxxxx.xxx. Escape character is '^]'. "IMPLEMENTATION" "Dovecot Pigeonhole" "SIEVE" "fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave imapflags notify" "NOTIFY" "mailto" "SASL" "PLAIN LOGIN DIGEST-MD5 CRAM-MD5" "STARTTLS" "VERSION" "1.0" OK "Dovecot ready."
But when i use my sieve plugin for thunderbird OR access plesk's webmailclient Roundcube opening the filter module, it doesnt work. On Thunderbird i see the loading animation, thats it. On Roundcube it says "Unable to connect to sieve server".
Looks like something is missing. I can definitely access 4190 on my server from anywhere. So no firewall issue. I didnt change anything on configs, since plesk is handling it.Roundcube log doesnt give me anything. I dont even see logs added (to syslog or mail.*) while i try to connect.
if i create a new mailaccount in the power-user panel and i dont log in into the webmailer, so the "subscription" file is not created.
that means there is no way to sent emails with the new created account with external mail clients (Thunderbird), because there is no "sent" or "drafts" folder.
the problem disappears, if i log into the webmailer after creating a new mailaccount.
is there any other way to fix this bug? i want plesk 12 to create the "standard" folders (Trash, Drafts, Sent, Spam) automatically.
Every time i use Dovecot secure IMAP server with Sieve support.I can not receive emails note. Upgraded from 11.5 to 12
Jun 18 08:03:36 CO6302 postfix/qmgr[1523]: 284FAA0E86: from=<my@gmail.com>, size=1943, nrcpt=1 (queue active) Jun 18 08:03:36 CO6302 postfix-local[2036]: postfix-local: from=my@gmail.com, to=the@domain.com, dirname=/var/qmail/mailnames Jun 18 08:03:36 CO6302 postfix/pipe[2035]: 284FAA0E86: to=<the@domain.com>, relay=plesk_virtual, delay=336, delays=335/0.01/0/0.19, dsn=4.3.0, status=deferred (temporary failure. Command output: lda: Error: user the@domain.com: Error reading configuration: Invalid settings: postmaster_address setting not given lda: Fatal: Internal error occurred. Refer to server log for more information. 4.2.1 Message can not be delivered at this time )
I know I'm probably doing something wrong, but I cannot get Android KitKat phones to authenticate via IMAP to my Plesk 12 server (straight out of the box). Not sure if it is an issue with standard dovecot config or Android, but the only way I can get them to connect is via pop3.
I have set up a vacation filter in Horde, but only in once in a while it really returns a vacation message, depending on who is sending an email. In most cases,the message arrives without triggering a response.The messagelog shows two scenarios, one for an successful vacation response and one for emails that fail to trigger a response.Sucessful event:
Oct 9 10:48:24 server dovecot: service=lda, user=xyz@mydomain.com, ip=[]. sieve: msgid=<408-EAS2941777BF41EEBE6640B691D3A00@axy.gbl>: sent vacation response to <guntherk@hotmail.com> and then Oct 9 10:48:24 server qmail: 1412844504.308454 starting delivery 21782: msg 33566019 to remote abc@externaldomain.com then the message is stored into the users inbox.
Unsuccessful event: Oct 9 10:55:39 server dovecot: service=lda, user=xyz@mydomain.com, ip=[]. sieve: msgid=<trinity-90b5e87d-183b-49b8-8e3e-d2f98b96df3e-1412844932925@uvw-com>: discarded vacation reply to <> then the message is stored into the users inbox.
The actual version of Plesk (v12.0.18) on Centos 6.5 with Dovecot & Qmail is beeing used.
I have had Roundcube installed and I went and changed the mail server from Courier to Dovecot. Is the installation of Dovecot supposed to make the 'Filters' tab appear in RoundCube or is there more that is supposed to be done?I tried reinstalling Dovecot & Roundcube and the settings still do not appear.
I use for my client the webmail Roundcube.. How to I set for Auto Deleting The Mails From Trash Folder and Junk with mail server Dovecot after 30 days?
I would like each of my clients who have a dedicated IP address and an SSL certificate to be able to use their own domain name (and own certificate) when sending mail on ports 465 or 587. I have managed to change the default certificate used by Postfix to my own server's certificate, but I want users to use their OWN IP address and SSL certificate when sending, so this is not an option.
I have been able to update Dovecot to use a specific certificate for each IP address, but I can't seem to update Postfix. I was trying to follow these instructions but my postfix master.cf was quite different than the poster's file and I didn't succeed: [URL] ....
I know many people will simply say "it can't be done" or "just get the users to use the shared IP address", but I know there must be some workaround to make this work, even if it means manually updating the config file after every Plesk update. I'm even prepared (if possible) to have Plesk abandon management of Postfix and have me manage it manually, if that's even an option.
Each migration in the last years I'm running into this bug that Postfix wants to run on port 587 even though this is turned OFF in the Plesk Panel.
Sometimes it does this after some update.
Because another process is running on port 587 this means that postfix does not start and I have some downtime until I "repair" this.
"Repairing" means going into Plesk panel and turning ON SMTP-Auth.... Wait a moment for it to apply and then turning it OFF again....
This unwanted behaviour can be easily reproduced by having this option turned off in the Plesk panel and then running /usr/local/psa/admin/sbin/mchk --without-spam
This will end up in a non-running postfix if another process is already running on port 587.
This shouldn't be happening. Especially because I reported this behaviour years ago..
There are several big domains that frequently defer accepting mail from us causing long delays or rejections. Google, AOL, and Yahoo are examples. I'm considering trying the suggestions found in this online posting regarding rate limiting the sending of messages to those domains. In the below URL, please see the section titled "Different policies for different domains"...URL....
Would these changes be safe to make on a CentOS 6.4 server running Plesk 11.0.9 with Postfix 2.8.4? Would any special modifications for Plesk be necessary?
At this moment, all mail (no matter what domain) goes out straight to its destination. We want to send the mail trough a antispam firewall before it enters the internet.
I am unable to switch from qmail to postfix via the control panel. It opens a new window that just hangs and never loads. While waiting for it to load, I see these 2 processes running..
But after waiting 20 minutes, the browser never loaded and the two proceses remain. So I killed both processes and removed /tmp/psa-installer.lock and started again. The same thing happened.
Is there a way to fix this? If not, is there an easy way to switch MTAs from the command line?
I just upgraded my Plesk 11.5 on Plesk version: 12.0.18 Update #9 , and after the upgrade the Postfix stop working. And forwarding, receiving is not working at all and I am getting message bellow.
after reinstalling the mta / postfix / smtp (because I couldn't send mails) my plesk is crashed.
I wanted to log in as admin but it doesn't accept my PW. Now with root and then it wants me to accept the license.
Now I copy all my /var/www/vhosts/ maybe when I do the setup steps in plesk it will overwrite all my website content... I hope not all plesk settings are away.
Why I pay every month money for a license? The trouble and work I have with Plesk..
