Author Topic: SMTP OK; SMTPS Fail - reject: RCPT from localhost  (Read 6437 times)

Offline an0n

  • Newbie
  • *
  • Posts: 1
SMTP OK; SMTPS Fail - reject: RCPT from localhost
« on: February 05, 2015, 05:22:41 PM »
Ubuntu 10.04.4 LTS - packages:
mysql-server
mysql-client
libapache2-mod-php5 (PHP 5.3.2)
php5-mysql
php5-imap
dbconfig-common
wwwconfig-common
phpmyadmin
postfix (2.7.0)
postfix-mysql
dovecot-imapd
roundcube (0.3.1-3)
[Alternative test (no dpkg): roundcubemail-1.0.5.tar.gz]

Hello there  :)

Following a (german) -postfix,dovecot,mysql,roundube-guide I managed to setup a IMAPS/SMTPS mail delivery system.
Thunderbird*1 can send SMTPS+SMTP mail via postfix.
Roundcube only works with SMTP*2 ->SMTPS fails*3*4.

Same error in 0.3.1 and  1.0.5  ;D
Do guys have any clue what i am doing wrong?

Good night,
an0n

*1 SMTPS via postfix/Thunderbird - /var/log/mail.info - OK
Code: [Select]
01 Feb  5 19:16:33 lvps5-35-240-221 postfix/smtpd[11856]: connect from 123456789.dip0.t-ipconnect.de[93.XXX.XXX.XXX]
02 Feb  5 19:16:33 lvps5-35-240-221 postfix/smtpd[11856]: setting up TLS connection from 123456789.dip0.t-ipconnect.de[93.XXX.XXX.XXX]
03 Feb  5 19:16:33 lvps5-35-240-221 postfix/smtpd[11856]: Anonymous TLS connection established from 123456789.dip0.t-ipconnect.de[93.XXX.XXX.XXX]: TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)
04 Feb  5 19:16:34 lvps5-35-240-221 postfix/smtpd[11856]: 1B5901B2505B9: client=123456789.dip0.t-ipconnect.de[93.XXX.XXX.XXX], sasl_method=PLAIN, sasl_username=me@mydomain.org
05 Feb  5 19:16:34 lvps5-35-240-221 postfix/cleanup[11841]: 1B5901B2505B9: message-id=<54D3B381.5000802@mydomain.org>
06 Feb  5 19:16:34 lvps5-35-240-221 postfix/qmgr[11777]: 1B5901B2505B9: from=<me@mydomain.org>, size=673, nrcpt=1 (queue active)
07 Feb  5 19:16:34 lvps5-35-240-221 postfix/smtpd[11856]: disconnect from 123456789.dip0.t-ipconnect.de[93.XXX.XXX.XXX]
08 Feb  5 19:16:34 lvps5-35-240-221 postfix/smtp[11844]: 1B5901B2505B9: to=<billgates@gmail.com>, relay=gmail-smtp-in.l.google.com[173.194.67.26]:25, delay=0.78, 09 delays=0.37/0/0.11/0.3, dsn=2.0.0, status=sent (250 2.0.0 OK 1423160194 wj9si7436761wjb.179 - gsmtp)
10 Feb  5 19:16:34 lvps5-35-240-221 postfix/qmgr[11777]: 1B5901B2505B9: removed

*2 SMTP via postfix/Roundcube - /var/log/mail.info - OK
Code: [Select]
Feb  5 23:02:40 lvps5-35-240-221 postfix/pickup[17662]: 468441B2505C1: uid=33 from=<postmaster@mydomain.org>
Feb  5 23:02:40 lvps5-35-240-221 postfix/cleanup[17852]: 468441B2505C1: message-id=<ae9c859ade140480eecefe536dae35e6@mydomain.org>
Feb  5 23:02:40 lvps5-35-240-221 postfix/qmgr[17427]: 468441B2505C1: from=<postmaster@mydomain.org>, size=534, nrcpt=1 (queue active)
Feb  5 23:02:40 lvps5-35-240-221 postfix/smtp[17856]: 468441B2505C1: to=<billgates@gmail.com>, relay=gmail-smtp-in.l.google.com[173.194.78.27]:25, delay=0.61, delays=0.03/0.01/0.11/0.46, dsn=2.0.0, status=sent (250 2.0.0 OK 1423173760 k2si670067wja.117 - gsmtp)
Feb  5 23:02:40 lvps5-35-240-221 postfix/qmgr[17427]: 468441B2505C1: removed

*3 SMTPS via postfix/Roundcube - /var/log/mail.info - FAIL
Code: [Select]
01 Feb  5 22:29:37 lvps5-35-240-221 postfix/smtpd[17771]: connect from localhost.localdomain[127.0.0.1]
02 Feb  5 22:29:37 lvps5-35-240-221 postfix/smtpd[17771]: setting up TLS connection from localhost.localdomain[127.0.0.1]
03 Feb  5 22:29:37 lvps5-35-240-221 postfix/smtpd[17771]: Anonymous TLS connection established from localhost.localdomain[127.0.0.1]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
04 Feb  5 22:29:37 lvps5-35-240-221 postfix/smtpd[17771]: [b]NOQUEUE: reject: RCPT from localhost.localdomain[127.0.0.1][/b]: 554 5.7.1 <localhost.localdomain[127.0.0.1]>: Client host rejected: Access denied; from=<postmaster@mydomain.org> to=<billgates@gmail.com> proto=ESMTP helo=<mydomain.org>
05 Feb  5 22:29:37 lvps5-35-240-221 postfix/smtpd[17771]: disconnect from localhost.localdomain[127.0.0.1]

*4 /var/log/roundcubemail/errors - FAIL
Code: [Select]
[05-Feb-2015 22:49:44 +0100]: SMTP Error: SMTP error: Failed to add recipient 'billgates@gmail.com' in /var/www/roundcubemail/program/lib/Roundcube/rcube.php on line 1505 (POST /roundcubemail/?_task=mail&_unlock=loading1423172983743&_lang=en&_framed=1?_task=mail&_action=send)

*5 config.inc.php
Code: [Select]
<?php
/* Local configuration for Roundcube Webmail */
$config['db_dsnw'] = 'mysql://roundcube:oF%2B%2F6oCBdxmiBV3p@localhost/roundcubemail';
$config['default_host'] = 'localhost';
$config['smtp_server'] = 'ssl://%h';
$config['smtp_port'] = 465/// 587 -> var/log/roundcubemail/errors  connect socket: fsockopen(): unable to connect to ssl://localhost:587 (Unknown error)
$config['smtp_user'] = ''// POSTFIX: lost connection after UNKNOWN from localhost.localdomain[127.0.0.1]   Cause was %u
$config['smtp_pass'] = ''// POSTFIX: lost connection after UNKNOWN from localhost.localdomain[127.0.0.1]   Cause was %p
$config['support_url'] = '';
$config['log_dir'] = '/var/log/roundcubemail/';
$config['des_key'] = '******************';
$config['plugins'] = array();
$config['language'] = 'de_DE';
$config['spellcheck_engine'] = 'pspell';
?>


*6 /etc/postfix/main.cf
Code: [Select]
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
append_dot_mydomain = no
readme_directory = no

smtpd_tls_cert_file=/etc/ssl/certs/mail.mydomain.org.pem
smtpd_tls_key_file=/etc/ssl/private/mail.mydomain.org.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_tls_auth_only = yes
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom

myhostname = ABCDEFGAHIJKLM.dedicated.MYHOSTER.de
mydomain = mydomain.org
myorigin = $mydomain
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname 
mydestination = localhost, ABCDEFGAHIJKLM.dedicated.MYHOSTER.de, 1.2.3.4
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all

# Virtual mailbox settings
virtual_mailbox_domains = proxy:mysql:$config_directory/mysql_virtual_domains_maps.cf
virtual_mailbox_base = /var/vmail
virtual_mailbox_maps =
    proxy:mysql:$config_directory/mysql_virtual_mailbox_maps.cf,
    proxy:mysql:$config_directory/mysql_virtual_alias_domain_mailbox_maps.cf,
    proxy:mysql:$config_directory/mysql_virtual_alias_domain_catchall_maps.cf
virtual_alias_maps =
    proxy:mysql:$config_directory/mysql_virtual_alias_maps.cf,
    proxy:mysql:$config_directory/mysql_virtual_alias_domain_maps.cf
virtual_mailbox_limit = proxy:mysql:$config_directory/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please try again later.
virtual_overquota_bounce = yes
virtual_minimum_uid = 150
virtual_uid_maps = static:150
virtual_gid_maps = static:8
virtual_transport = dovecot
dovecot_destination_recipient_limit = 1
 
# SASL Authentication
smtpd_sasl_auth_enable = yes
smtpd_sasl_exceptions_networks = $mynetworks
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
 
# No open relay!
smtpd_recipient_restrictions =
    permit_mynetworks
    permit_sasl_authenticated
    reject_unauth_destination
    permit

Offline alec

  • Hero Member
  • *****
  • Posts: 1,363
Re: SMTP OK; SMTPS Fail - reject: RCPT from localhost
« Reply #1 on: February 06, 2015, 04:07:54 AM »
$config['smtp_server'] = 'ssl://%h';
$config['smtp_port'] = 465; /// 587 -> var/log/roundcubemail/errors  connect socket: fsockopen(): unable to connect to ssl://localhost:587 (Unknown error)
For 587 you should probably try with tls:// prefix in smtp_server.
Quote
$config['smtp_user'] = ''; // POSTFIX: lost connection after UNKNOWN from localhost.localdomain[127.0.0.1]   Cause was %u
$config['smtp_pass'] = ''; // POSTFIX: lost connection after UNKNOWN from localhost.localdomain[127.0.0.1]   Cause was %p
So, it does not authenticate, but most likely SMTP server requires authentication. Enable smtp_debug in config to see what's going on.