# Qmail - > Keine smtp Verbindung möglich [solved]

## fidel

Ich bin nun schon einige Male nach der Anleitung http://www.gentoo.de/doc/de/qmail-howto.xml verfahren, um mit qmail einen Mailserver aufzusetzen. Hab das ganze nun soweit, dass ich mich vom Client-Rechner her mittels imap mit Mozilla Thunderbird anmelden kann. Auch Webmail mit Horde-Imp funktionieren soweit. (juhui!...)

Allerdings hab ich (wie schon alle Male..) das Problem, dass ich den smtp Server nicht hinkriege. Hab nun schon einige unterschiedliche Konfigurationen in /etc/tcprules.d/tcp.qmail-smtp ausprobiert und stets die *.cdb mittels tcpserver neu erstellt.

Alle Versuche, mich auf dem smtp-Server anzumelden, resp. über diesen ein Mail zu verschicken, schlagen fehl.  :Sad: 

Hier meine /etc/tcprules.d/tcp.qmail-smtp:

```
# to update the database after changing this file, run:

# tcprules /etc/tcprules.d/tcp.qmail-smtp.cdb /etc/tcprules.d/.tcp.qmail-smtp.tmp < /etc/tcprules.d/tcp.qmail-smtp

#------------------------------------------------------

# DESCRIPTION OF THE RULES TO REMIND ME OF HOW THIS FILE WORKS

#

# If you set 'allow', this means that our mail server will allow

# the specified IP range to make a TCP connection to our server

#

# If you set 'deny', this means that our mail server will not allow

# the specified IP range to make a TCP connection to our server

#

# If you set RELAYCLIENT="", this means that the listed IP range is

# allowed to relay mail through our server

#

# If you dont set RELAYCLIENT="", this means that the listed IP range

# will not be able to relay mail through our server

#

# If you set RBLSMTPD="", this means that the listed IP ranges will

# not be checked against any of the RBL databases

#

# If you set RBLSMTPD="some text here", this means that an RBL lookup

# wont be performed, but the mail will be rejected with the specified

# text as a 4xx temp error message

#

# If you set RBLSMTPD="-some text here", this means that an RBL lookup

# wont be performed, but the mail will be rejected with the specified

# text as a 5xx perm error message

#

# If you do not set RBLSMTPD="" or ="some text", then an RBL lookup

# will be performed. If the lookup is successful, then RBLSMTPD will

# return your custom error message (as specified in the -r parameter

# in smtpd supervise script)

#

#-----------------------------------------------------

# HERE ARE THE RULES! :

#-----------------------------------------------------

# BYPASS OPEN RELAY CHECKING FOR THESE IPS :

#

# These IPs are ones that we have setup so that they arent RBL checked.

# We have done this because these particular servers are RBL listed,

# and for whatever reason they can't/won't fix their open relay problem,

# and we still want to be able to receive mail from them.

#

# reminder text goes here for this entry so we know the story...

#111.111.111.111:allow,RBLSMTPD=""

# reminder text goes here for this entry so we know the story...

#222.222.222.222:allow,RBLSMTPD=""

#

#-----------------------------------------------------------------

# DONT ALLOW THESE IPS TO SEND MAIL TO US :

#

# mailXX.offermail.net connecting regularly and sending invalid

# format messages causing exit with status 256 (bare linefeed normally)

# entry added 15/12/2001

# after looking at the mail coming from these servers it was found to be spam

#216.242.75.100-116:allow,RBLSMTPD="-Connections from this IP have been banned."

#

# heaps of spam from replyto of *@freeamateurhotties.com dec2001

#64.228.127.:allow,RBLSMTPD="-Connections refused due to spam from freeamateurhotties.com"

#154.20.94.:allow,RBLSMTPD="-Connections refused due to spam from freeamateurhotties.com"

#209.151.132.:allow,RBLSMTPD="-Connections refused due to spam from freeamateurhotties.com"

#216.18.85.:allow,RBLSMTPD="-Connections refused due to spam from freeamateurhotties.com"

#

#-----------------------------------------------------------------

# ALLOW THESE IPS TO RELAY MAIL THROUGH OUR SERVER

#

# Local class-c's from our LAN are allowed to relay,

# and we wont bother doing any RBL checking.

#123.123.123.:allow,RELAYCLIENT="",RBLSMTPD=""

#123.111.111.:allow,RELAYCLIENT="",RBLSMTPD=""

#

# Connections from localhost are allowed to relay

# (because the WebMail server runs on localhost),

# and obviously there is no point trying to perform an RBL check.

127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD=""

#

#-----------------------------------------------------------------

# ALLOW EVERYONE ELSE TO SEND US MAIL

#

# Everyone else can make connections to our server,

# but not allowed to relay

# RBL lookups are performed

#:allow

# If you are using qmail-scanner, this line here is the correct one to use

# instead (comment out the above ':allow' line FIRST) and applies that script

# to any mail coming in that is not from a host allowed to relay. You can

# change the value of the variable to any other value you desire to use custom

# scripts for example.

#:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"

192.168.0.1:allow,RELAYCLIENT="",RBLSMTPD=""

192.168.2.4:allow,RELAYCLIENT="",RBLSMTPD=""

192.168.2.:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-queue"

:allow

```

Hier meine /var/qmail/control/conf-smtp:

```

# Configuration file for qmail-smtpd

# $Header: /var/cvsroot/gentoo-x86/mail-mta/qmail/files/conf-smtpd,v 1.4 2005/01/28 08:15:18 hansmi Exp $

# Stuff to run before tcpserver

#QMAIL_TCPSERVER_PRE=""

# Stuff to run qmail-smtpd

#QMAIL_SMTP_PRE=""

# Stuff to after qmail-smtpd

#QMAIL_SMTP_POST=""

# this turns off the IDENT grab attempt on connecting

TCPSERVER_OPTS="${TCPSERVER_OPTS} -R"

# fixcrio inserts missing CRs at the ends of lines. See:

# http://cr.yp.to/ucspi-tcp/fixcrio.html

# http://cr.yp.to/docs/smtplf.html

# DO NOT enable this, when you are using SSL/TLS (USE=ssl)!

#QMAIL_SMTP_PRE="${QMAIL_SMTP_PRE} fixcrio"

# You might want to use rblsmtpd with this, but you need to fill in a RBL server here first

# see http://cr.yp.to/ucspi-tcp/rblsmtpd.html for more details

#QMAIL_SMTP_PRE="${QMAIL_SMTP_PRE} rblsmtpd -r RBL-SERVER"

# If you are interested in providing POP or IMAP before SMTP type relaying,

# emerge relay-ctrl, then uncomment the next 2 lines

#QMAIL_TCPSERVER_PRE="${QMAIL_TCPSERVER_PRE} envdir /etc/relay-ctrl relay-ctrl-chdir"

#QMAIL_SMTP_PRE="${QMAIL_SMTP_PRE} relay-ctrl-check"

# In /etc/courier-imap/authdaemonrc add the next line to the end:

#authmodulelist="${authmodulelist} relay-ctrl-allow"

# Then in /etc/courier-imap/{imapd,imapd-ssl,pop3d,pop3d-ssl}

# Add this at the end

#PRERUN="${PRERUN} envdir /etc/relay-ctrl relay-ctrl-chdir"

# This next block is for SMTP-AUTH

# This provides the LOGIN, PLAIN and CRAM-MD5 types

# the 'cmd5checkpw' used in $QMAIL_SMTP_AUTHCHECKPASSWORD supports CRAM-MD5

# and reads it's data from /etc/poppasswd

# see the manpage for cmd5checkpw for details on the passwords

# uncomment the next four lines to enable SMTP-AUTH[code]

QMAIL_SMTP_AUTHHOST=$(<${QMAIL_CONTROLDIR}/me)

[ -z "${QMAIL_SMTP_POST}" ] && QMAIL_SMTP_POST=/bin/true

# QMAIL_SMTP_CHECKPASSWORD="/bin/cmd5checkpw"

QMAIL_SMTP_CHECKPASSWORD="/var/vpopmail/bin/vchkpw"

QMAIL_SMTP_POST="${QMAIL_SMTP_AUTHHOST} ${QMAIL_SMTP_CHECKPASSWORD} ${QMAIL_SMTP_POST}"

[/code]

```

Insofern ich in Horde den Mailer mit sendmail konfiguriere, kann ich mails versenden. Diese kommen jedoch mit einer seeeeehhr seltsamen Absenderadresse an! Anstelle fidel@mydomain.com erscheint der Absender effektiv als fidel@resalehost.networksolutions.com

--> Woher kommt dieser Absender????

(Sorry, wenn dies superdumme Fragen sind! Ich bin jedoch echt langsam am verzweifeln!!!)

Des weiteren wird im der obigen Anleitung beschrieben, man müsse beim Mailclient stmp-Auth aktivieren. Dies schlägt bei mir partout fehl! Ich kann lediglich ssl-Verschlüsselung aktivieren, resp. MUSS dies wählen, andernfalls schlägt das Login fehl. Eigentlich möcht ich jedoch lieber smtp-Auth und keine ssl Verschlüsselung aktivieren. Irgendwie blick ich überhaupt nicht mehr durch....

Ein 

```
ps ax | grep tcpserver
```

liefert:

```
6508 ?        S      0:00 /usr/bin/tcpserver -H -R -l 0 -R -x /etc/tcprules.d/tcp.qmail-smtp.cdb -c 40 -u 201 -g 200 0.0.0.0 smtp /var/qmail/bin/qmail-smtpd hektor.nigel /var/vpopmail/bin/vchkpw /bin/true

 6512 ?        S      0:00 /usr/bin/tcpserver -H -R -l 0 -x /etc/tcprules.d/tcp.qmail-pop3.cdb -c 40 0.0.0.0 pop3 /var/qmail/bin/qmail-popup hektor.nigel /bin/checkpassword /var/qmail/bin/qmail-pop3d .maildir

 8403 pts/0    R+     0:00 grep tcpserver

```

Ein 

```
netstat -a
```

liefert:

```
Active Internet connections (servers and established)

Proto Recv-Q Send-Q Local Address           Foreign Address         State

tcp        0      0 *:imaps                 *:*                     LISTEN

tcp        0      0 *:51234                 *:*                     LISTEN

tcp        0      0 *:pop3s                 *:*                     LISTEN

tcp        0      0 *:14534                 *:*                     LISTEN

tcp        0      0 hektor.nigel:mysql      *:*                     LISTEN

tcp        0      0 hektor.nige:netbios-ssn *:*                     LISTEN

tcp        0      0 192.168.0.1:netbios-ssn *:*                     LISTEN

tcp        0      0 *:pop-3                 *:*                     LISTEN

tcp        0      0 *:www                   *:*                     LISTEN

tcp        0      0 *:ftp                   *:*                     LISTEN

tcp        0      0 *:domain                *:*                     LISTEN

tcp        0      0 *:ssh                   *:*                     LISTEN

tcp        0      0 *:smtp                  *:*                     LISTEN

tcp        0      0 *:https                 *:*                     LISTEN

tcp        0      0 hektor.nig:microsoft-ds *:*                     LISTEN

tcp        0      0 192.168.0.:microsoft-ds *:*                     LISTEN

tcp        0      0 192.168.2.4:www         medulis.nigel:43871     ESTABLISHED

tcp        0      0 192.168.2.4:ssh         medulis.nigel:57689     ESTABLISHED

tcp        0      0 192.168.2.4:ssh         medulis.nigel:57689     ESTABLISHED

tcp        0    900 hektor.nigel:imaps      hektor.nigel:56708      ESTABLISHED

udp        0      0 *:32768                 *:*

udp        0      0 192.168.0.1:netbios-ns  *:*

udp        0      0 *:netbios-ns            *:*

udp        0      0 192.168.0.1:netbios-dgm *:*

udp        0      0 *:netbios-dgm           *:*

udp        0      0 *:domain                *:*

udp        0      0 *:8767                  *:*

udp        0      0 *:bootps                *:*

raw        0      0 *:icmp                  *:*                     7

Active UNIX domain sockets (servers and established)

Proto RefCnt Flags       Type       State         I-Node Path

unix  9      [ ]         DGRAM                    8707   /dev/log

unix  2      [ ACC ]     STREAM     LISTENING     9557   /var/run/cgisock

unix  2      [ ]         DGRAM                    1480   @udevd

unix  2      [ ACC ]     STREAM     LISTENING     10836  /var/lib/courier/authdaemon/socket.tmp

unix  2      [ ACC ]     STREAM     LISTENING     11164  /var/run/proftpd/proftpd.sock

unix  2      [ ACC ]     STREAM     LISTENING     9090   /var/run/mysqld/mysqld.sock

unix  3      [ ]         STREAM     CONNECTED     12118  /var/run/mysqld/mysqld.sock

unix  4      [ ]         STREAM     CONNECTED     12117

unix  3      [ ]         STREAM     CONNECTED     12020  /var/run/mysqld/mysqld.sock

unix  3      [ ]         STREAM     CONNECTED     12019

unix  3      [ ]         STREAM     CONNECTED     11724  /var/run/mysqld/mysqld.sock

unix  3      [ ]         STREAM     CONNECTED     11723

unix  2      [ ]         DGRAM                    11374

unix  2      [ ]         DGRAM                    11254

unix  2      [ ]         DGRAM                    11050

unix  2      [ ]         DGRAM                    10909

unix  2      [ ]         DGRAM                    10847

unix  2      [ ]         DGRAM                    10803

unix  2      [ ]         DGRAM                    8901

```

Kann mir bittebitte jemand weiterhelfen?? Was mache ich falsch??

-->> Danke für jede Hilfe!!!Last edited by fidel on Tue May 24, 2005 1:57 pm; edited 1 time in total

----------

## fidel

Probleme gelöst...

1. ucspi-tcp muss in meinem Fall mit -ipv6 flag kompiliert werden

2. Wenn der Client als relay-fähiger client konfiguriert ist, muss sich dieser für den smtp Versand nicht einloggen.. (eigentlich logisch..  :Wink:  )

3. Der hostname muss per DNS lookup existieren....

Nun funkioniert alles!  :Very Happy:  :Very Happy:  :Very Happy: 

---------

Anhang:

---------

Um den qmail-scanner mit clamav und spamassassin zum Funktionieren zu bewegen, MUSS clamd und spamd unter user qscand laufen! Dies bedeutet, dass auch der Ordner unter /var/run/clamav ebenfalls dem user qscand gehören muss:

```
chown -R qscand:qmail /var/run/clamav
```

Nachdem nun alles bestens werkelt, muss ich doch mal wieder sagen:

GENTOO JUST KICKS AAAAA.........!!!!!! :Very Happy: 

----------

