# E-mail Server

## cspos

I know there are a lot of guides in this forum on how to set up a mail server. Actually, there's too many, and as a result I'm confused. Bear with me, I'm new to this.

I run a web server with my own registered domain name, spazticenterprises.com. My DNS and MX records are hosted by Register.com. I'm looking to create a server with the standard SMTP and POP/IMAP protocols. I'd also want Squirrelmail, so if a client were to download an e-mail through a mail program like Thunderbird, I'd need a copy of the e-mail to be left on the server, for future squirrelmail access. Also, what should the dns domain name of my server be? Currently it is spaznet, which is the unofficial name of all computers on my network. Should I change it to spazticenterprises.com?

I have absolutely no idea how to set this up. Which one(s) of the guides on this site should I use?

----------

## joycea

Any number of MTAs will cover the SMTP aspect, from sendmail to Exim.

As for the remote access and SquirrelMail, just run an IMAP server.  Something like Cyrus would do wonders.

You probably want FQDN on all your computers, but most importantly, a FQDN must be advertised on the SMTP server.

I don't know what guides this would relate to, but at least it will give you some keywords.

----------

## kpack

First choose an MTA. I suggest postfix. Some people like qmail. Whatever.

Then choose an IMAP server. I use Courier IMAP. It provides both POP and IMAP.

I would create new dns records for mail.spazticenterprises.com and smtp.spazticenterprises.com. Even if they're all the same computer right now, it gives you the flexibility to move things around in the future without having to reconfigure mail clients.

When you have everything working locally, change your MX record to point to smtp.spazticenterprises.com.

IMAP manages all mail on the server, so you don't have to worry about leaving a copy of it on the server like you do with POP. You can check your mail from as many different computers as you want.

----------

## cspos

This piece of documentation seems to look like what I should use.

I'll probably be back soon with some questions.

----------

## cspos

I'm still not sure what my DNS domain name should be on the server. Should it be spaznet or spazticenterprises.com?

----------

## nobspangle

It doesn't really matter what the dnsdomainname of your computer is as long as the mailserver reports the same name as the ptr record for your IP (to be on the safe side go with spazticenterprises.com)

----------

## cspos

An excerpt from the install guide I linked to a post or two ago:

```
Code Listing 2.2: /etc/postfix/main.cf

myhostname = $host.domain.name
mydomain = $domain.name
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain $mydomain
mynetworks = my.ip.net.work/24, 127.0.0.0/8
home_mailbox = .maildir/
local_destination_concurrency_limit = 2
default_destination_concurrency_limit = 10
```

Here's what my /etc/postfix/main.cf config looks like:

```
# The myhostname parameter specifies the internet hostname of this
# mail system. The default is to use the fully-qualified domain name
# from gethostname(). $myhostname is used as a default value for many
# other configuration parameters.
#
#myhostname = host.domain.tld
#myhostname = virtual.domain.tld
myhostname = hermes.spazticenterprises.com

# The mydomain parameter specifies the local internet domain name.
# The default is to use $myhostname minus the first component.
# $mydomain is used as a default value for many other configuration
# parameters.
#
#mydomain = domain.tld
mydomain = spazticenterprises.com
```

In my situation, what should $host.domain.name and $domain.name be? I get an error when I run /usr/bin/newaliases about them, and I've tried different combinations (spaznet and spazticenterprises.com). 

```
hermes init.d # /usr/bin/newaliases
newaliases: warning: valid_hostname: misplaced delimiter: .spazticenterprises.com
newaliases: fatal: file /etc/postfix/main.cf: parameter myhostname: bad parameter value: .spazticenterprises.com
```

I'm still very confused about all the domains...

Oh, and what's a ptr record?

 *nobspangle wrote:*   

> 
> 
> It doesn't really matter what the dnsdomainname of your computer is as long as the mailserver reports the same name as the ptr record for your IP (to be on the safe side go with spazticenterprises.com)

 

----------

## cspos

Oops. I had to set my /etc/dnsdomainname to spazticenterprises.com and restart /etc/init.d/net.eth0. That part works now, but I can almost guarantee I'll be back with a few more questions soon.

----------

## cspos

Well, I followed the instructions... or so I thought. After adding the user cspos at spazticenterprises.com to the users table of the mailsql database through phpmyadmin, when I try to log in through squirrelmail (mail.spazticenterprises.com) I get this error:

```
ERROR:
ERROR : Connection dropped by imap-server.
```

The only thing I can think of that could cause this is the fact that I just copied the /var/www/localhost/htdocs/squirrelmail directory to where the mail.spazticenterprises.com virtual host lives, instead of ln -s'ing it.

Last edited by cspos on Wed Aug 11, 2004 11:31 am; edited 1 time in total

----------

## cspos

Perhaps this has something to do with user administration? When installing mailman, the docs said to do this:

```
# bin/newlist test
Enter the email of the person running the list: your@email.address
Initial test password:
Hit enter to continue with test owner notification...

// Virtual domain lists may be specified with
// list@domain.com style list names

# bin/genaliases

// Now that your aliases have been generated,
// verify that they were added successfully.

# nano -w data/aliases

# STANZA START: test
# CREATED:
test:             "|/var/mailman/mail/mailman post test"
test-admin:       "|/var/mailman/mail/mailman admin test"
test-bounces:     "|/var/mailman/mail/mailman bounces test"
test-confirm:     "|/var/mailman/mail/mailman confirm test"
test-join:        "|/var/mailman/mail/mailman join test"
test-leave:       "|/var/mailman/mail/mailman leave test"
test-owner:       "|/var/mailman/mail/mailman owner test"
test-request:     "|/var/mailman/mail/mailman request test"
test-subscribe:   "|/var/mailman/mail/mailman subscribe test"
test-unsubscribe: "|/var/mailman/mail/mailman unsubscribe test"
# STANZA END: test
```

Do I have to do that for each user? Actually, what am I even doing there anyway?

Also, the Squirrelmail user docs say that when logging in, you should only have to use your user name, not your entire email address (cspos vs. cspos at spazticenterprises.com). Should Squirrelmail be at spazticenterprises.com instead of mail.spazticenterprises.com?

----------

## kaidon

hi cspos

Use the log Luke  :Wink: 

It may help to increase verbosity of courier-imap's logging:

check out DEBUG_LOGIN in /etc/courier-imap/imapd. Also check your apache logs (error log).

I also had problems like that when implementing the virt-mail-system.

After opening a few terminals and running tail -f on the relevant logs while testing I had my problems solved in no time.

Copying my squirrelmail installation to a different location didn't cause any problems. Though you have to keep an eye on file permissions.

hth

cheers

k

----------

## kaidon

hi again

use your full email for squirrelmail login. the same you entered in the 'email' column of your sql user table.

i would forget about mailing lists (mailman) until you have squirrelmail running. do one thing at a time, then test, test, test. once it works move on to the next step. i wasted hours and hours cause i first wanted to do everything in one go.

cheers

k

----------

## cspos

Well I set DEBUG_LOGIN to 1 and restarted courier-imap(-ssl) and I'm not too sure where to go from there. Where would the log file be? Where are the Apache logs? tail -f ?

Thanks for the speedy reply.

----------

## kaidon

if you haven't changed the default gentoo logging you will probably have everything logged to /var/log/messages.

apache logs are in /var/log/apache/ resp. /var/log/apache2/

tail -f sort of monitors a file. if used with a log file it prints what's logged to the console in realtime. for more information type 

```
man tail
```

so open up a new console, become root and type:

```
tail -f /var/log/messages
```

then fire up your browser and try logging into squirrelmail. you should see log messages printed to the console.

for apache logs try

```
tail -f /var/log/apache2/error_log
```

cheers

k

----------

## cspos

Thanks. the output:

```
hermes root # tail -f /var/log/messages
Aug 11 14:00:00 hermes CRON[24121]: (mailman) CMD (/usr/bin/python -S /usr/local/mailman/cron/gate_news)
Aug 11 14:00:06 hermes imapd: Connection, ip=[127.0.0.1]
Aug 11 14:00:06 hermes imapd: LOGIN: DEBUG: ip=[127.0.0.1], command=LOGIN
Aug 11 14:00:06 hermes imapd: LOGIN: DEBUG: ip=[127.0.0.1], username=cspos@spazticenterprises.com
Aug 11 14:00:06 hermes imapd: LOGIN, user=cspos@spazticenterprises.com, ip=[127.0.0.1], protocol=IMAP
Aug 11 14:00:06 hermes imapd: Connection, ip=[127.0.0.1]
Aug 11 14:00:06 hermes imapd: LOGIN: DEBUG: ip=[127.0.0.1], command=LOGIN
Aug 11 14:00:06 hermes imapd: LOGIN: DEBUG: ip=[127.0.0.1], username=cspos@spazticenterprises.com
Aug 11 14:00:06 hermes imapd: LOGIN, user=cspos@spazticenterprises.com, ip=[127.0.0.1], protocol=IMAP
Aug 11 14:00:06 hermes imapd: DISCONNECTED, user=cspos@spazticenterprises.com, ip=[127.0.0.1], headers=0, body=0
Aug 11 14:00:33 hermes imapd: Connection, ip=[127.0.0.1]
Aug 11 14:00:33 hermes imapd: LOGIN: DEBUG: ip=[127.0.0.1], command=LOGIN
Aug 11 14:00:33 hermes imapd: LOGIN: DEBUG: ip=[127.0.0.1], username=cspos@spazticenterprises.com
Aug 11 14:00:33 hermes imapd: LOGIN, user=cspos@spazticenterprises.com, ip=[127.0.0.1], protocol=IMAP
Aug 11 14:00:33 hermes imapd: LOGOUT, user=cspos@spazticenterprises.com, ip=[127.0.0.1], headers=0, body=0
Aug 11 14:00:33 hermes imapd: Connection, ip=[127.0.0.1]
Aug 11 14:00:33 hermes imapd: LOGIN: DEBUG: ip=[127.0.0.1], command=LOGIN
Aug 11 14:00:33 hermes imapd: LOGIN: DEBUG: ip=[127.0.0.1], username=cspos@spazticenterprises.com
Aug 11 14:00:33 hermes imapd: LOGIN, user=cspos@spazticenterprises.com, ip=[127.0.0.1], protocol=IMAP
Aug 11 14:00:33 hermes imapd: DISCONNECTED, user=cspos@spazticenterprises.com, ip=[127.0.0.1], headers=0, body=0
Aug 11 14:00:33 hermes imapd: Connection, ip=[127.0.0.1]
Aug 11 14:00:33 hermes imapd: LOGIN: DEBUG: ip=[127.0.0.1], command=LOGIN
Aug 11 14:00:33 hermes imapd: LOGIN: DEBUG: ip=[127.0.0.1], username=cspos@spazticenterprises.com
Aug 11 14:00:33 hermes imapd: LOGIN, user=cspos@spazticenterprises.com, ip=[127.0.0.1], protocol=IMAP
Aug 11 14:00:41 hermes postfix/smtpd[24139]: match_string: mynetworks ~? debug_peer_list
Aug 11 14:00:41 hermes postfix/smtpd[24139]: match_string: mynetworks ~? fast_flush_domains
Aug 11 14:00:41 hermes postfix/smtpd[24139]: match_string: mynetworks ~? mynetworks
Aug 11 14:00:41 hermes postfix/smtpd[24139]: match_string: relay_domains ~? debug_peer_list
Aug 11 14:00:41 hermes postfix/smtpd[24139]: match_string: relay_domains ~? fast_flush_domains
Aug 11 14:00:41 hermes postfix/smtpd[24139]: match_string: relay_domains ~? mynetworks
Aug 11 14:00:41 hermes postfix/smtpd[24139]: match_string: relay_domains ~? permit_mx_backup_networks
Aug 11 14:00:41 hermes postfix/smtpd[24139]: match_string: relay_domains ~? qmqpd_authorized_clients
Aug 11 14:00:41 hermes postfix/smtpd[24139]: match_string: relay_domains ~? relay_domains
Aug 11 14:00:41 hermes postfix/smtpd[24139]: match_string: permit_mx_backup_networks ~? debug_peer_list
Aug 11 14:00:41 hermes postfix/smtpd[24139]: match_string: permit_mx_backup_networks ~? fast_flush_domains
Aug 11 14:00:41 hermes postfix/smtpd[24139]: match_string: permit_mx_backup_networks ~? mynetworks
Aug 11 14:00:41 hermes postfix/smtpd[24139]: match_string: permit_mx_backup_networks ~? permit_mx_backup_networks
Aug 11 14:00:41 hermes postfix/smtpd[24139]: maps_append: hash:/var/mailman/data/aliases
Aug 11 14:00:41 hermes postfix/smtpd[24139]: fatal: open database /var/mailman/data/aliases.db: No such file or directory
Aug 11 14:00:42 hermes postfix/master[21004]: warning: process /usr/lib/postfix/smtpd pid 24139 exit status 1
Aug 11 14:00:42 hermes postfix/master[21004]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
Aug 11 14:00:55 hermes postfix/cleanup[24140]: fatal: open database /var/mailman/data/virtual-mailman.db: No such file or directory
Aug 11 14:00:56 hermes postfix/master[21004]: warning: process /usr/lib/postfix/cleanup pid 24140 exit status 1
Aug 11 14:00:56 hermes postfix/master[21004]: warning: /usr/lib/postfix/cleanup: bad command startup -- throttling
```

I simply created the ~/.maildir directory that I put in the users database, and that brings me to here (screenshot).

What's really bugging me about the error log is this:

```
Aug 11 14:00:41 hermes postfix/smtpd[24139]: maps_append: hash:/var/mailman/data/aliases

Aug 11 14:00:41 hermes postfix/smtpd[24139]: fatal: open database /var/mailman/data/aliases.db: No such file or directory
```

It doesn't exist, and the docs don't say to create anything there.

----------

## kaidon

Maildirs are special folders. or better said, what makes them tick is not the directory itself but the subdirectories and files within.

if you send the first email to a valid account postfix will create the required folders for you. you can also do this by hand by using the maildirmake program that comes with courier-imap.

so first remove the folder you have created by hand.

then either send an email to the account

```
echo "Welcome to your mailaccount" | sendmail cspos@spazticenterprises.com
```

or use maildirmake

```
man maildirmake

maildirmake ~/.maildir
```

to create the mailman alias database type

```
postalias /var/mailman/data/aliases
```

after that the file /var/mailman/data/aliases.db should exist.

hth

cheers

k

----------

## cspos

I used maildirmake, set the permissions, and was able to log in to Squirrelmail. I tried to send a message to my gmail account, but the page hung when I tried to send it. Here's what that looks like:

```
hermes root # tail -f /var/log/messages
Aug 11 15:13:53 hermes postfix/smtpd[24557]: match_string: relay_domains ~? qmqpd_authorized_clients
Aug 11 15:13:53 hermes postfix/smtpd[24557]: match_string: relay_domains ~? relay_domains
Aug 11 15:13:53 hermes postfix/smtpd[24557]: match_string: permit_mx_backup_networks ~? debug_peer_list
Aug 11 15:13:53 hermes postfix/smtpd[24557]: match_string: permit_mx_backup_networks ~? fast_flush_domains
Aug 11 15:13:53 hermes postfix/smtpd[24557]: match_string: permit_mx_backup_networks ~? mynetworks
Aug 11 15:13:53 hermes postfix/smtpd[24557]: match_string: permit_mx_backup_networks ~? permit_mx_backup_networks
Aug 11 15:13:53 hermes postfix/smtpd[24557]: maps_append: hash:/var/mailman/data/aliases
Aug 11 15:13:53 hermes postfix/smtpd[24557]: fatal: open database /var/mailman/data/aliases.db: No such file or directory
Aug 11 15:13:54 hermes postfix/master[21004]: warning: process /usr/lib/postfix/smtpd pid 24557 exit status 1
Aug 11 15:13:54 hermes postfix/master[21004]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
Aug 11 15:14:07 hermes imapd: Connection, ip=[127.0.0.1]
Aug 11 15:14:07 hermes imapd: LOGIN: DEBUG: ip=[127.0.0.1], command=LOGIN
Aug 11 15:14:07 hermes imapd: LOGIN: DEBUG: ip=[127.0.0.1], username=cspos@spazticenterprises.com
Aug 11 15:14:07 hermes imapd: LOGIN, user=cspos@spazticenterprises.com, ip=[127.0.0.1], protocol=IMAP
Aug 11 15:14:07 hermes imapd: LOGOUT, user=cspos@spazticenterprises.com, ip=[127.0.0.1], headers=0, body=0
Aug 11 15:14:07 hermes imapd: Connection, ip=[127.0.0.1]
Aug 11 15:14:07 hermes imapd: LOGIN: DEBUG: ip=[127.0.0.1], command=LOGIN
Aug 11 15:14:07 hermes imapd: LOGIN: DEBUG: ip=[127.0.0.1], username=cspos@spazticenterprises.com
Aug 11 15:14:07 hermes imapd: LOGIN, user=cspos@spazticenterprises.com, ip=[127.0.0.1], protocol=IMAP
Aug 11 15:14:07 hermes imapd: Connection, ip=[127.0.0.1]
Aug 11 15:14:07 hermes imapd: LOGIN: DEBUG: ip=[127.0.0.1], command=LOGIN
Aug 11 15:14:07 hermes imapd: LOGIN: DEBUG: ip=[127.0.0.1], username=cspos@spazticenterprises.com
Aug 11 15:14:07 hermes imapd: LOGIN, user=cspos@spazticenterprises.com, ip=[127.0.0.1], protocol=IMAP
Aug 11 15:14:07 hermes imapd: LOGOUT, user=cspos@spazticenterprises.com, ip=[127.0.0.1], headers=0, body=0
Aug 11 15:14:07 hermes imapd: LOGOUT, user=cspos@spazticenterprises.com, ip=[127.0.0.1], headers=0, body=0
Aug 11 15:14:08 hermes postfix/cleanup[24565]: fatal: open database /var/mailman/data/virtual-mailman.db: No such file or directory
Aug 11 15:14:09 hermes postfix/master[21004]: warning: process /usr/lib/postfix/cleanup pid 24565 exit status 1
Aug 11 15:14:09 hermes postfix/master[21004]: warning: /usr/lib/postfix/cleanup: bad command startup -- throttling
```

The mail was never delivered. I get this error message at the top of the "Compose" page when it finishes hanging: 

```
ERROR:
Server replied:
```

I have a POP3 email account through my ISP. I know that I have to specifically connect to smtp.$ispdomain and pop.$ispdomain to get mail through my client, Thunderbird. Why doesn't this guide say to set that up?

I ran

```
echo "Welcome to your mailaccount" | sendmail cspos@spazticenterprises.com
```

 it took a few seconds to complete, but Squirrelmail reports that I have no mail.

And:

```
hermes .maildir # postalias /var/mailman/data/aliases
postalias: fatal: open /var/mailman/data/aliases: No such file or directory
hermes .maildir #
```

----------

## kaidon

have a look at http://www.gentoo.org/doc/en/virt-mail-howto.xml Code Listing 12.5

did you run <mailmanhome>/bin/genaliases ?

looking at your log, you will also have to run postalias on /var/mailman/data/virtual-mailman.

postfix smtpd stumbles over the /var/mailman/data/<aliasfilename> problem and starts throttling. i guess you won't be able to send mail before that's solved.

try commenting the mailman related entries in /etc/postfix/main.cf until everything else works.

after that first try to send an email to yourself. if that works try your external account.

do one thing at a time. confirm it works before moving on.

cheers

k
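
The correlation kaidon describes (a daemon hits a fatal error, the master process reaps it and starts throttling), as an added Python example that is not part of the original thread: it pairs each `fatal:` line with the master's `exit status` and `throttling` warnings by pid. The sample lines are taken from the log posted above; the function and field names are this example's own.

```python
import os
import re

# Sample input: lines taken from the /var/log/messages output posted in this thread.
SAMPLE_LOG = """\
Aug 11 15:13:53 hermes postfix/smtpd[24557]: maps_append: hash:/var/mailman/data/aliases
Aug 11 15:13:53 hermes postfix/smtpd[24557]: fatal: open database /var/mailman/data/aliases.db: No such file or directory
Aug 11 15:13:54 hermes postfix/master[21004]: warning: process /usr/lib/postfix/smtpd pid 24557 exit status 1
Aug 11 15:13:54 hermes postfix/master[21004]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
Aug 11 15:14:07 hermes imapd: Connection, ip=[127.0.0.1]
Aug 11 15:14:08 hermes postfix/cleanup[24565]: fatal: open database /var/mailman/data/virtual-mailman.db: No such file or directory
Aug 11 15:14:09 hermes postfix/master[21004]: warning: process /usr/lib/postfix/cleanup pid 24565 exit status 1
Aug 11 15:14:09 hermes postfix/master[21004]: warning: /usr/lib/postfix/cleanup: bad command startup -- throttling
"""

# syslog prefix, then "postfix/<daemon>[<pid>]: <message>"
LINE = re.compile(
    r"^\w{3}\s+\d+ [\d:]{8} \S+ postfix/(?P<daemon>[\w-]+)\[(?P<pid>\d+)\]: (?P<msg>.*)$"
)
EXITED = re.compile(
    r"warning: process (?P<path>\S+) pid (?P<pid>\d+) exit status (?P<status>\d+)"
)
THROTTLED = re.compile(r"warning: (?P<path>\S+): bad command startup -- throttling")


def triage(lines):
    """Return one record per crashed Postfix daemon, with the fatal error that killed it."""
    fatals = {}      # pid -> fatal message logged by that daemon process
    last_crash = {}  # daemon path -> latest crash record, used by the throttling line
    crashes = []
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # imapd, cron, sshd: not a Postfix line
        msg = m["msg"]
        if m["daemon"] != "master":
            if msg.startswith("fatal: "):
                fatals[m["pid"]] = msg[len("fatal: "):]
            continue
        exited = EXITED.match(msg)
        if exited:
            record = {
                "daemon": os.path.basename(exited["path"]),
                "pid": int(exited["pid"]),
                "exit_status": int(exited["status"]),
                # None means the daemon died without logging a fatal line first.
                "cause": fatals.pop(exited["pid"], None),
                "throttled": False,
            }
            crashes.append(record)
            last_crash[exited["path"]] = record
            continue
        throttled = THROTTLED.match(msg)
        if throttled and throttled["path"] in last_crash:
            last_crash[throttled["path"]]["throttled"] = True
    return crashes


def root_causes(crashes):
    """Group crashed daemons by the fatal message, so each distinct cause is fixed once."""
    causes = {}
    for record in crashes:
        causes.setdefault(record["cause"], set()).add(record["daemon"])
    return {cause: sorted(daemons) for cause, daemons in causes.items()}


if __name__ == "__main__":
    for cause, daemons in root_causes(triage(SAMPLE_LOG.splitlines())).items():
        print(", ".join(daemons), "->", cause)
```
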

----------

## cspos

Yup, I've run genaliases. I then added the data to data/aliases.

```
hermes home # postalias /var/mailman/data/virtual-mailman
postalias: fatal: open /var/mailman/data/virtual-mailman: No such file or directory
hermes home #
```

Since that didn't work, I uncommented the lines I put in main.cf in Code Listing 12.5. I rebooted the services, but I still get the "ERROR: Server replied:" error when I try to send a message.

By the way, I appreciate all your help.

----------

## kaidon

hi again

i would suggest we split up the whole problem into small manageable tasks to get to the ground of this.

as i see it, there could be the following error sources:

1) something's wrong with the Postfix setup

2) something's wrong with the mailman setup, resp. the Postfix part of the mailman setup

3) something's missing/wrong with the Squirrelmail, PHP, Apache configuration

1: let's find out if standalone Postfix works ----------

- comment or remove _everything_ that has to do with mailman in main.cf. forget about mailman for now. pretend you didn't install it.

- remove the -v from the /etc/postfix/master.cf which you have added previously. that's handy later on, but for now all the verbosity is just irritating.

- restart postfix

- do the tail -f /var/log/messages thing in a console

- open a new console and try to send yourself an email using (no domain here, just your user name)

```
echo "Hello World" | sendmail yourUnixUserNameHere
```

- check the "tail -f console" to see what happened

- if you see something containing "delivered to maildir", go and check your maildir from the console using

```
ls -al /home/yourUnixUserNameHere/.maildir/new
```

- there should be a new file in there.

- note that like this we are not using smtp. the message is injected directly into the local mail system

- now try sending yourself an email using smtp. we can do this using telnet.

note: lines prefixed with <<< are responses from the server (may look a bit different on your box). the rest is what you type:

```
telnet localhost 25
<<< 220 yourHostName ESMTP Postfix
HELO localhost
<<< 250 yourHostName
MAIL FROM: <yourUnixLoginNameHere@[127.0.0.1]>
<<< 250 Ok
RCPT TO: <yourUnixLoginNameHere@[127.0.0.1]>
<<< 250 Ok
DATA
<<< 354 End data with <CR><LF>.<CR><LF>
this is a test message
.
<<< 250 Ok: queued as NUMBER
QUIT
<<< 221 Bye
```

- while doing this experiment keep an eye on the "tail -f console"

- if all went well you should now have 2 files in /home/yourUnixLoginName/.maildir/new and we _know_ that smtp and local delivery is working correctly

from here on it depends how you setup postfix. post your main.cf so we can check that.

note: it's generally a good idea to remove comments from a config file before posting to a forum. you can do this with:

```
cd /etc/postfix
grep -v "#" main.cf | grep -v "^[ ]*$" > main.local
```

this will remove all comments and blank lines from main.cf and store the result as main.local. your main.cf remains unchanged. post the main.local file.

so much for now.

cheers

k

ps: it's actually obvious that the problem comes from the mailman/Postfix setup. but the above is information that helps understanding what's going on. so i thought i'll post it here   :Smile: 

----------

## cspos

Again, thanks a lot for the help. That's what I love about the Gentoo Forums.

I have a job early tomorrow morning, so I really have to get to bed. I can't wait to try this in the morning.

----------

## cspos

Well, that one job turned into another one, and I had to go out of town and whatnot, but I'm back now.

I followed your guide exactly, and everything went as it should have until (in telnet):

```
RCPT TO: <root@127.0.0.1>

Connection closed by foreign host.
```

The tail -f of /var/log/messages looks like:

```
Aug 20 13:11:07 hermes postfix/smtpd[9329]: lost connection after MAIL from localhost[127.0.0.1]
Aug 20 13:11:07 hermes postfix/smtpd[9329]: disconnect from localhost[127.0.0.1]
Aug 20 13:11:14 hermes sshd(pam_unix)[9357]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=zeus.spaznet  user=root
Aug 20 13:11:17 hermes sshd[9355]: error: PAM: Authentication failure for root from zeus.spaznet
Aug 20 13:11:20 hermes sshd[9358]: Accepted keyboard-interactive/pam for root from 192.168.1.178 port 33118 ssh2
Aug 20 13:11:20 hermes sshd(pam_unix)[9361]: session opened for user root by root(uid=0)
Aug 20 13:12:01 hermes sshd[9369]: Accepted keyboard-interactive/pam for root from 192.168.1.178 port 33119 ssh2
Aug 20 13:12:01 hermes sshd(pam_unix)[9372]: session opened for user root by root(uid=0)
Aug 20 13:12:50 hermes postfix/smtpd[9377]: starting TLS engine
Aug 20 13:12:50 hermes postfix/smtpd[9377]: unable to get private key from '/etc/postfix/newreq.pem'
Aug 20 13:12:50 hermes postfix/smtpd[9377]: 9377:error:0906406D:PEM routines:DEF_CALLBACK:problems getting password:pem_lib.c:105:
Aug 20 13:12:50 hermes postfix/smtpd[9377]: 9377:error:0906A068:PEM routines:PEM_do_header:bad password read:pem_lib.c:401:
Aug 20 13:12:50 hermes postfix/smtpd[9377]: 9377:error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib:ssl_rsa.c:709:
Aug 20 13:12:50 hermes postfix/smtpd[9377]: TLS engine: cannot load RSA cert/key data
Aug 20 13:12:50 hermes postfix/smtpd[9377]: connect from localhost[127.0.0.1]
Aug 20 13:13:05 hermes postfix/smtpd[9377]: 94FAD5023A: client=localhost[127.0.0.1]
Aug 20 13:13:19 hermes postfix/smtpd[9377]: fatal: bad net/mask pattern: my.ip.net.work/24
Aug 20 13:13:20 hermes postfix/cleanup[9378]: warning: premature end-of-input on cleanup socket while reading input attribute name
Aug 20 13:13:20 hermes postfix/master[9298]: warning: process /usr/lib/postfix/smtpd pid 9377 exit status 1
Aug 20 13:13:20 hermes postfix/master[9298]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
```

----------

## kaidon

hi

 *Quote:*   

> Aug 20 13:12:50 hermes postfix/smtpd[9377]: starting TLS engine
> 
> Aug 20 13:12:50 hermes postfix/smtpd[9377]: unable to get private key from '/etc/postfix/newreq.pem'

 

does the file /etc/postfix/newreq.pem exist?

i would recommend disabling TLS until you solved the other problems.

you can do this by setting smtpd_use_tls = no in /etc/postfix/main.cf.

send your main.cf resp. main.local so we can check if there are any other pitfalls awaiting us.

 *Quote:*   

> Aug 20 13:13:19 hermes postfix/smtpd[9377]: fatal: bad net/mask pattern: my.ip.net.work/24 

 

this is probably the log entry that corresponds to the failure you get when running:

 *Quote:*   

> RCPT TO: <root@127.0.0.1>
> 
> Connection closed by foreign host.

try again using either: (note the brackets around the ip)

 *Quote:*   

> RCPT TO: <root@[127.0.0.1]>

 

or (depending on your main.cf config this might not work)

 *Quote:*   

> RCPT TO: <root@localhost>

 

cheers

k

ps:

 *Quote:*   

> Aug 20 13:11:17 hermes sshd[9355]: error: PAM: Authentication failure for root from zeus.spaznet
> 
> Aug 20 13:11:20 hermes sshd[9358]: Accepted keyboard-interactive/pam for root from 192.168.1.178 port 33118 ssh2
> 
> Aug 20 13:11:20 hermes sshd(pam_unix)[9361]: session opened for user root by root(uid=0)
> ...

 

it would be a good idea to disable ssh login for root before you go live with your system. to do this open /etc/ssh/sshd_config and set

PermitRootLogin no

after that restart sshd.

there are many ugly ssh break-in attempts going on lately. it is way more secure to ssh-login as a normal user and su to root. note: you have to be in group wheel to su to root.

----------

## cspos

 *kaidon wrote:*   

> does the file /etc/postfix/newreq.pem exist?

Yes.

 *kaidon wrote:*   

> i would recommend disabling TLS until you solved the other problems.

Done.

 *kaidon wrote:*   

> send your main.cf resp. main.local so we can check if there are any other pitfalls awaiting us.

 

main.cf:

```
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix
mail_owner = postfix
unknown_local_recipient_reject_code = 450
debug_peer_level = 2
debugger_command =
    PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
    xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
setgid_group = postdrop
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.0.19/sample
readme_directory = /usr/share/doc/postfix-2.0.19/readme
alias_database = hash:/etc/mail/aliases
alias_maps = hash:/etc/mail/aliases
myhostname = hermes.spazticenterprises.com
mydomain = spazticenterprises.com
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain $mydomain
mynetworks = my.ip.net.work/24, 127.0.0.0/8
home_mailbox = .maildir/
local_destination_concurrency_limit = 2
default_destination_concurrency_limit = 10
smtpd_sasl_auth_enable = yes
smtpd_sasl2_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_local_domain =
smtpd_recipient_restrictions =
   permit_sasl_authenticated,
   permit_mynetworks,
   reject_unauth_destination
smtpd_use_tls = no
smtpd_tls_auth_only = yes
smtpd_tls_key_file = /etc/postfix/newreq.pem
smtpd_tls_cert_file = /etc/postfix/newcert.pem
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_loglevel = 3
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
alias_maps = mysql:/etc/postfix/mysql-aliases.cf
relocated_maps = mysql:/etc/postfix/mysql-relocated.cf
local_transport = local
local_recipient_maps = $alias_maps $virtual_mailbox_maps unix:passwd.byname
virtual_transport = virtual
virtual_mailbox_domains =
   virt-bar.com,
   liveransonions.org
virtual_minimum_uid = 1000
virtual_gid_maps = static:$vmail-gid
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-maps.cf
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual.cf
virtual_uid_maps = static:$vmail-uid
virtual_mailbox_base = /
#virtual_mailbox_limit =
#owner_request_special = no
#recipient_delimiter = +
#alias_maps     =
#   hash:/var/mailman/data/aliases,
#   mysql:/etc/postfix/mysql-aliases.cf
#virtual_alias_maps =
#   hash:/var/mailman/data/virtual-mailman,
#   mysql:/etc/postfix/mysql-virtual.cf
```

I'm not sure what you mean by "resp. main.local".

 *kaidon wrote:*   

> 
> 
> try again using either: (note the brackets around the ip)
> 
>  *Quote:*   RCPT TO: <root@[127.0.0.1]> 
> ...

 

Unfortunately this didn't work. I did have to type MAIL FROM: <root@[127.0.0.1]> before the RCPT TO... for it to work, though.

```
hermes root # telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 hermes.spazticenterprises.com ESMTP Postfix
MAIL FROM : <root@127.0.0.1>
501 Syntax: MAIL FROM: <address>
MAIL FROM: <root@[127.0.0.1]>
250 Ok
RCPT TO: <root@[127.0.0.1]>
Connection closed by foreign host.
```

The log for that looks like this:

```
hermes root # tail -f /var/log/messages
Aug 21 19:22:00 hermes postfix/master[26659]: warning: process /usr/lib/postfix/smtpd pid 26731 exit status 1
Aug 21 19:22:00 hermes postfix/master[26659]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
Aug 21 19:23:00 hermes postfix/smtpd[26732]: connect from localhost[127.0.0.1]
Aug 21 19:23:00 hermes postfix/smtpd[26732]: fatal: bad net/mask pattern: my.ip.net.work/24
Aug 21 19:23:01 hermes postfix/master[26659]: warning: process /usr/lib/postfix/smtpd pid 26732 exit status 1
Aug 21 19:23:01 hermes postfix/master[26659]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
Aug 21 19:25:00 hermes CRON[26734]: (mailman) CMD (/usr/bin/python -S /usr/local/mailman/cron/gate_news)
Aug 21 19:25:20 hermes postfix/smtpd[26737]: connect from localhost[127.0.0.1]
Aug 21 19:25:38 hermes postfix/smtpd[26737]: lost connection after MAIL from localhost[127.0.0.1]
Aug 21 19:25:38 hermes postfix/smtpd[26737]: disconnect from localhost[127.0.0.1]
Aug 21 19:25:46 hermes postfix/smtpd[26737]: connect from localhost[127.0.0.1]
Aug 21 19:26:03 hermes postfix/smtpd[26737]: 3286E502D5: client=localhost[127.0.0.1]
Aug 21 19:26:17 hermes postfix/smtpd[26737]: fatal: bad net/mask pattern: my.ip.net.work/24
Aug 21 19:26:18 hermes postfix/cleanup[26741]: warning: premature end-of-input on cleanup socket while reading input attribute name
Aug 21 19:26:18 hermes postfix/master[26659]: warning: process /usr/lib/postfix/smtpd pid 26737 exit status 1
```

Doing the same things, but with root@localhost, I got this as a log:

```
hermes root # tail -f /var/log/messages
Aug 21 19:23:01 hermes postfix/master[26659]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
Aug 21 19:25:00 hermes CRON[26734]: (mailman) CMD (/usr/bin/python -S /usr/local/mailman/cron/gate_news)
Aug 21 19:25:20 hermes postfix/smtpd[26737]: connect from localhost[127.0.0.1]
Aug 21 19:25:38 hermes postfix/smtpd[26737]: lost connection after MAIL from localhost[127.0.0.1]
Aug 21 19:25:38 hermes postfix/smtpd[26737]: disconnect from localhost[127.0.0.1]
Aug 21 19:25:46 hermes postfix/smtpd[26737]: connect from localhost[127.0.0.1]
Aug 21 19:26:03 hermes postfix/smtpd[26737]: 3286E502D5: client=localhost[127.0.0.1]
Aug 21 19:26:17 hermes postfix/smtpd[26737]: fatal: bad net/mask pattern: my.ip.net.work/24
Aug 21 19:26:18 hermes postfix/cleanup[26741]: warning: premature end-of-input on cleanup socket while reading input attribute name
Aug 21 19:26:18 hermes postfix/master[26659]: warning: process /usr/lib/postfix/smtpd pid 26737 exit status 1
Aug 21 19:27:31 hermes postfix/smtpd[26746]: connect from localhost[127.0.0.1]
Aug 21 19:27:49 hermes postfix/smtpd[26746]: 151F2502D5: client=localhost[127.0.0.1]
Aug 21 19:28:07 hermes postfix/smtpd[26746]: fatal: bad net/mask pattern: my.ip.net.work/24
Aug 21 19:28:08 hermes postfix/cleanup[26741]: warning: premature end-of-input on cleanup socket while reading input attribute name
Aug 21 19:28:08 hermes postfix/master[26659]: warning: process /usr/lib/postfix/smtpd pid 26746 exit status 1
Aug 21 19:28:08 hermes postfix/master[26659]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
```

----------

## kaidon

i wrote about creating a main.local in one of my last posts. though since you have a nice clean main.cf you can ignore that.

what's the big picture? how should it look like when you're finished and everything's working the way you want?

from reading your main.cf there seem to be 3 domains involved:

spazticenterprises.com, virt-bar.com, liveransonions.org 

how should the mail-accounts for each of them be managed? where do you keep the data for the mailboxes for each domain?

2 obvious errors in your main.cf are:

replace

```
mynetworks = my.ip.net.work/24, 127.0.0.0/8
```

with something like

```
mynetworks = 192.168.1.0/24, 127.0.0.0/8
```

enter the subnet you use instead of 192.168.1.0/24.

```
virtual_uid_maps = static:$vmail-uid
virtual_gid_maps = static:$vmail-gid
```

replace $vmail-uid/$vmail-gid with the uid/gid of the vmail account you created.

cheers

k

ps:

here's something i found on the postfix mailing list that helped me understand how the different map-settings play together:

Postfix domain to email address mappings:

| If you list the domain name in: | Then list the user's email address in: |
|---|---|
| mydestination | local_recipient_maps |
| virtual_alias_domains | virtual_alias_maps |
| virtual_mailbox_domains | virtual_mailbox_maps |
| relay_domains | relay_recipient_maps |

List the domain name in exactly one place.

List the recipient address in the corresponding table.

virtual_alias_maps implement global aliasing and therefore they validate a recipient in any domain.

----------

## cspos

 *kaidon wrote:*   

> 
> 
> what's the big picture? how should it look like when you're finished and everything's working the way you want?
> 
> 

 

This is the doc I used, so it should turn out how it is described in there.

 *kaidon wrote:*   

> 
> 
> from reading your main.cf there seem to be 3 domains involved:
> 
> spazticenterprises.com, virt-bar.com, liveransonions.org 
> ...

 

Oh, crap. My primary domain is spazticenterprises.com, and I wanted liveranDonions.org as a virtual domain. virt-bar.com is a default value that was in that guide.

 *kaidon wrote:*   

> 
> 
> how should the mail-accounts for each of them be managed? where do you keep the data for the mailboxes for each domain?
> 
> 

 

I'm not quite sure what you mean. To answer your second question, I created the directory /home/vmail for vmail users. Each user gets a folder under that, so for example, cspos@spazticenterprises.com gets the directory /home/

 *kaidon wrote:*   

> 
> 
> replace
> 
> mynetworks = my.ip.net.work/24, 127.0.0.0/8 
> ...

 

Done.

 *kaidon wrote:*   

> 
> 
> replace $vmail-uid/$vmail-gid with the uid/gid of the vmail account you created.
> 
> 

 

The u/gid from which vmail account?

Oh, by the way, have I thanked you for your time lately?  :Smile: 

----------

## kaidon

 *cspos wrote:*   

> I'm not quite sure what you mean. To answer your second question, I created the directory /home/vmail for vmail users. Each user gets a folder under that, so for example, cspos@spazticenterprises.com gets the directory /home/ 

 

Postfix knows different types of domains. There are local domains and virtual domains. Local domains are handled by the parameters mydestination (domains) and local_recipient_maps (users).

Mail for local domain/users goes to:

```
/home/cspos/.maildir/
/home/johndoe/.maildir/
```

Virtual domains are handled by virtual_mailbox_domains and virtual_mailbox_maps.

Mail for virtual domains/users goes to:

```
/home/vmail/liverandonions.org/fred-flintstone/
/home/vmail/liverandonions.org/barney-rumble/
/home/vmail/whatever.org/someone/
```

(you can add a subfolder .maildir/ here too, but you don't have to)

There are different possibilities to combine/use those. I just wanted to know how you were using them. Do the above examples reflect your setup?

 *cspos wrote:*   

> The u/gid from which vmail account? 

 

If you followed http://www.gentoo.org/doc/en/virt-mail-howto.xml you created a vmail group and user (see Code Listing 9.1). Check your /etc/passwd for the numeric user/group id's and replace $vmail-uid/$vmail-gid with them.

For example:

if /etc/passwd:

```
vmail:x:1004:570:Virtual Mail User:/home/vmail:/bin/false
```

then

```
virtual_uid_maps = static:1004
virtual_gid_maps = static:570
```

I would make sure you define parameters only once in main.cf. You will probably want to remove one definition of alias_maps.

I don't think that's an error, but it makes the config harder to read/understand. Also I am not sure if Postfix takes the first or last value if you define it twice.

```
/usr/sbin/postconf
```

gives you a list of all Postfix parameters in use.

```
/usr/sbin/postconf -n
```

shows only params that are not left at their built-in default value (changed by you in main.cf).

Now do the "telnet send email thing" again and post the log if it fails.
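A pre-flight check for the main.cf mistakes discussed in the two posts above (a placeholder left in mynetworks, a placeholder in the static: uid/gid maps, a parameter defined twice), as an added example that is not part of the thread or of Postfix. The sample file is constructed, the function names are hypothetical, and network syntax is validated with Python's ipaddress module, which approximates Postfix's own parser rather than reproducing it.

```python
import ipaddress
import re

# Constructed sample reproducing the mistakes discussed in this thread.
SAMPLE_MAIN_CF = """\
alias_maps = hash:/etc/mail/aliases
mynetworks = my.ip.net.work/24, 127.0.0.0/8
virtual_uid_maps = static:$vmail-uid
alias_maps = hash:/etc/postfix/aliases
"""

def parse_main_cf(text):
    """Return [name, value, line_no] entries, joining continuation lines."""
    entries = []
    for no, raw in enumerate(text.splitlines(), 1):
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and entries:  # indented line continues the previous entry
            entries[-1][1] += " " + raw.strip()
        elif "=" in raw:
            name, value = raw.split("=", 1)
            entries.append([name.strip(), value.strip(), no])
    return entries

def check_network(item):
    """Return a problem string for one mynetworks item, or None if it parses."""
    if item.startswith("/") or re.match(r"[A-Za-z]\w*:", item):
        return None  # file name or type:table lookup, not checked here
    net = item.lstrip("!").replace("[", "").replace("]", "")  # !exclusion, [ipv6]
    try:
        parsed = ipaddress.ip_network(net, strict=False)
    except ValueError:
        return f"bad net/mask pattern: {item}"
    return f"{item} trusts every client to relay" if parsed.prefixlen == 0 else None

def check_main_cf(text):
    """Return a list of problems found in main.cf text (hypothetical helper)."""
    problems, seen = [], {}
    for name, value, no in parse_main_cf(text):
        if name in seen:
            problems.append(f"line {no}: {name} also set on line {seen[name]}")
        seen[name] = no
        if name == "mynetworks":
            found = (check_network(i) for i in re.split(r"[,\s]+", value) if i)
            problems += [f"line {no}: {p}" for p in found if p]
        if name in ("virtual_uid_maps", "virtual_gid_maps") and value.startswith("static:"):
            if not value[7:].isdigit():
                problems.append(f"line {no}: {name} needs a numeric id, got {value[7:]!r}")
    return problems
```

When a parameter appears twice in main.cf, Postfix remembers only the last instance, which is why the duplicate is worth flagging. mynetworks decides which clients may relay through the server, so a /0 entry is reported as well.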

----------

## cspos

If you haven't been able to tell by my recent lack of posting, I have to put this project on hold for a bit. As much as I try to convince myself that this mail server is more important than going back to school, my common sense keeps telling me otherwise. I'll probably be back sometime into the first semester...

Thanks again.

----------

## kaidon

A final note from n00b to n00b:

The guide at http://www.gentoo.org/doc/en/virt-mail-howto.xml is not really the best for someone new to Postfix or configuring mailservers. It is meant for folks already familiar with the basics, and also it is meant for a large setup with many different domains.

I know, I've been there ...

The probably best note I found on the Postfix mailing-list was something like:

"Forget about all the how-to's. Define your needs, then RTM. Start as simple as possible. Without MySQL, LDAP and the like. Just use the built-in Postfix lookup tables, with all config in text files (hash maps). Once you have it working that way, go on and port your setup to a different backend."

cheers

k

----------

## tspse

 *kaidon wrote:*   

> A final note from n00b to n00b:
> 
> The guide at http://www.gentoo.org/doc/en/virt-mail-howto.xml is not really the best for someone new to Postfix or configuring mailservers. It is meant for folks already familiar with the basics, and also it is meant for a large setup with many different domains.
> 
> I know, I've been there ...
> ...

 

I tried that guide, failed miserably =D

All I'm trying is to get a LOCAL ONLY mail for my server, and to this date I haven't found a guide/howto that did work for me. I tried 'em all that I could find. Alternatively, I want to get an SSL-pop3 mailserver, where I can fetch the logs that I will send to myself using outlook 2003 on my win-box, or using mutt locally.

----------

## kaidon

hi tspse

Not sure I understand exactly what you want.

Maybe this is a start:

http://dev.gentoo.org/~spider/local-mail-0.3.0/local-email.html

cheers

k

----------

## tspse

 *kaidon wrote:*   

> hi tspse
> 
> Not sure I understand exactly what you want.
> 
> Maybe this is a start:
> ...

 

I think that's EXACTLY what I want, gonna look more into it tomorrow, I'm dead tired and it's 1:30 am now =D

----------

