POP3 logon failed

17 posts / 0 new
Last post
#1 Mon, 02/02/2009 - 15:30
zer0

POP3 logon failed

hi, i'm trying to configure outlook 2003 to use pop3 to get email from virtualmin server which is on LAN. so i configured smtp and pop3 server to server's lan address. When i try to connect it says POP3 logon failed. it could be that somehow pop3 is not enabled.

I tried entering my username (test) in different formats test test.mydomain test.mydomain.com test@mydomain.com

nothing worked,

any help will be appreciated...

PS: also can some please tell me how to go about changing smtp port 25 in virtualmin, because i need to use my ISP's smtp relay host and they use port 587 instead of 25 for some reason.

Thanx again

Mon, 02/02/2009 - 16:07
Joe
Joe's picture

<div class='quote'>I tried entering my username (test) in different formats</div>

There is no sense experimenting with usernames...Virtualmin will tell you exactly what the username is. Look in the Edit Email and FTP Users page--the &quot;IMAP/FTP Login&quot; is the username, always and without question.

Once you are using the right username, show us the maillog entries from the failed login attempts, and we'll be able to be more helpful.

<div class='quote'>PS: also can some please tell me how to go about changing smtp port 25 in virtualmin, because i need to use my ISP's smtp relay host and they use port 587 instead of 25 for some reason.</div>

SMTP is 25, always and forever. 587 is &quot;submission&quot;, which is generally a TLS encrypted SMTP submission port...presumably that's what you're asking: How to setup Postfix to relay through your ISP-provided server. This is not at all the same as configuring the mail server to use port 587.

Browse to Webmin:Servers:Postfix Mail Server

Click on General Options

Fill in the name of the ISPs server in the &quot;Send outgoing mail via&quot;

Now...Somehow we need to tell Postfix to use 587 (and presumably TLS) for this purpose...and I've never done that before. I'm gonna have to ask the Google. ;-)

Found it...So, you can specify the use of the submission port by adding &quot;:submission&quot; to the end of the name, e.g.:

example.com:submission

Now, this might mean you have to have submission defined in the servers Postfix configuration file (master.cf--or in the &quot;Server Processes&quot; page in Webmin). Again, I've never set this up before, so I'm not actually sure.

--

Check out the forum guidelines!

Mon, 02/02/2009 - 16:29 (Reply to #2)
zer0

so i used my IMAP/FTP login and i checked the mail.log file in /var/log directory and i didnt see any failed attempts logged, the only thing i saw was this

[code:1]
Feb 2 21:13:25 b dovecot: imap-login: Login: user=&lt;test.genvioncorp&gt;, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured
Feb 2 21:13:26 b last message repeated 3 times
Feb 2 21:13:26 b dovecot: IMAP(test.genvioncorp): Connection closed
Feb 2 21:13:26 b last message repeated 3 times
[/code:1]

However this is the message i'm getting in outlook 2003

Task '192.168.1.160 - sending and receiving' reported error (0x800CCC92): your email server rejected your login. verify your username and password in your account properties. Under tools click email accounts. The server responded: ERR Plaintext authentication disallowed on non-secure connection.

Mon, 02/02/2009 - 16:42 (Reply to #3)
andreychek

If you log in over SSH, and edit /etc/dovecot/dovecot.conf, there's a line beginning with &quot;disable_plaintext_auth&quot;.

That needs to be set to &quot;no&quot;, it's sometimes set to &quot;yes&quot; by default.

After changing that, restart Dovecot (/etc/init.d/dovecot restart), and that should take care of it!
-Eric

Mon, 02/02/2009 - 17:10 (Reply to #4)
zer0

<div class='quote'>If you log in over SSH, and edit /etc/dovecot/dovecot.conf, there's a line beginning with &quot;disable_plaintext_auth&quot;.

That needs to be set to &quot;no&quot;, it's sometimes set to &quot;yes&quot; by default.

After changing that, restart Dovecot (/etc/init.d/dovecot restart), and that should take care of it!
-Eric </div>

sorry, i tried that but it didnt work, when i try to login through outlook 2003 i get the error:

Log onto incomming mail server (POP3): Unable to logon to the incoming mail server (POP3). Please verify the settings in the user name, password and e-mail fields.

Mon, 02/02/2009 - 18:26 (Reply to #5)
andreychek

Did the error about plaintext authentication go away?

If you look in either /var/log/auth.log, or /var/log/secure, are you seeing errors in there that suggest that the username or password is incorrect?
-Eric

Mon, 02/02/2009 - 19:23 (Reply to #6)
zer0

I dont see any indication of incorrect username and password

[code:1]
Feb 3 00:15:06 b su[9547]: Successful su for postgres by root
Feb 3 00:15:06 b su[9547]: + ??? root:&Acirc;&laquo;&Acirc;&raquo;postgres
Feb 3 00:15:06 b su[9547]: pam_unix(su:&Acirc;&laquo;&Acirc;&raquo;session): session opened for user postgres by (uid=0)
Feb 3 00:15:06 b su[9547]: pam_unix(su:&Acirc;&laquo;&Acirc;&raquo;session): session closed for user postgres
Feb 3 00:15:07 b CRON[9516]: pam_unix(cron:&Acirc;&laquo;&Acirc;&raquo;session): session closed for user root
Feb 3 00:15:11 b CRON[9517]: pam_unix(cron:&Acirc;&laquo;&Acirc;&raquo;session): session closed for user root
Feb 3 00:17:01 b CRON[9592]: pam_unix(cron:&Acirc;&laquo;&Acirc;&raquo;session): session opened for user root by (uid=0)
Feb 3 00:17:01 b CRON[9592]: pam_unix(cron:&Acirc;&laquo;&Acirc;&raquo;session): session closed for user root
Feb 3 00:20:01 b CRON[9647]: pam_unix(cron:&Acirc;&laquo;&Acirc;&raquo;session): session opened for user www-data by (uid=0)
Feb 3 00:20:01 b CRON[9647]: pam_unix(cron:&Acirc;&laquo;&Acirc;&raquo;session): session closed for user www-data
Feb 3 00:20:01 b CRON[9649]: pam_unix(cron:&Acirc;&laquo;&Acirc;&raquo;session): session opened for user root by (uid=0)
Feb 3 00:20:01 b CRON[9650]: pam_unix(cron:&Acirc;&laquo;&Acirc;&raquo;session): session opened for user root by (uid=0)
Feb 3 00:20:04 b su[9676]: Successful su for postgres by root
Feb 3 00:20:05 b su[9676]: + ??? root:&Acirc;&laquo;&Acirc;&raquo;postgres
Feb 3 00:20:05 b su[9676]: pam_unix(su:&Acirc;&laquo;&Acirc;&raquo;session): session opened for user postgres by (uid=0)
Feb 3 00:20:05 b su[9676]: pam_unix(su:&Acirc;&laquo;&Acirc;&raquo;session): session closed for user postgres
Feb 3 00:20:06 b CRON[9649]: pam_unix(cron:&Acirc;&laquo;&Acirc;&raquo;session): session closed for user root
Feb 3 00:20:21 b CRON[9650]: pam_unix(cron:&Acirc;&laquo;&Acirc;&raquo;session): session closed for user root
[/code:1]

Tue, 02/03/2009 - 10:58 (Reply to #7)
zer0

ok so if i try IMAP instead, it still rejects my login info but i get the following error which is slightly more useful

Plaintext authentication disallowed on non-secure connections.

Configuration:
Account: 192.168.1.160
Server: 192.168.1.160

Tue, 02/03/2009 - 11:00 (Reply to #8)
andreychek

Well, that's about the same error we were seeing earlier.

Are you certain that you edited the Dovecot config and changed &quot;disable_plaintext_auth&quot; to be &quot;no&quot; -- and restarted Dovecot afterwards?
-Eric

Tue, 02/03/2009 - 11:11 (Reply to #9)
zer0

[code:1]
# Disable LOGIN command and all other plaintext authentications unless
# SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP
# matches the local IP (ie. you're connecting from the same computer), the
# connection is considered secure and plaintext authentication is allowed.
#disable_plaintext_auth = no
[/code:1]

yep its set to 'no'

it has a # in front of it, does that mean the code is not active? (sorry not familiar with this scripting)

Tue, 02/03/2009 - 11:13 (Reply to #10)
andreychek

Ahh, indeed, you'll want to remove the # mark -- that implies a &quot;comment&quot;, so with that # at the front of the line, the remaining contents of the line are ignored.

If you remove the # in front of &quot;disable_plaintext_auth&quot;, and then restart Dovecot, you should be in good shape!
-Eric

Tue, 02/03/2009 - 11:45 (Reply to #11)
zer0

THANK YOU VERY MUCH...

now everything seems to be working great.
just one question slightly off topic:
If I had a static IP (business line), would i still need to use my ISP's SMTP server to send out emails?
and can you recommend any good looking webmail?

And thank you everyone for all your help.

PS: for reference i followed the following method for SASL SMTP Authentication, I found it one the following forum
http://www.tribemagazine.com/board/showthread.php?s=&amp;threadid=95867&...

<div class='quote'>

My outbound connections on port 25 were blocked on the 27th

if anyone runs postfix as their MTA locally on a Rogers line, here are the quick steps to configure postfix to relay to the Rogers smtp servers.

You need to build postfix with Cyrus SASL (if you haven't already done so).

add the following lines to your postfix main.cf file..
#begin
# needed for rogers yaho sasl
smtp_sasl_auth_enable = yes
# leaving blank, indicates plain text.. which we need
smtp_sasl_security_options =
# location of your sasl_paswd file
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
# rogers/yahoo smtpd : port
relayhost = [smtp.broadband.rogers.com]:587
#end

edit the following file
$ cat /etc/postfix/sasl_passwd
smtp-rog.mail.yahoo2.akadns.net rogers_email_address@rogers.com:rogers_password

after modifying sasl_passwd, run the following to build the sasl_passwd db
$ postmap /etc/postfix/sasl_passwd

Restart your postfix process..

if your machine is relaying successfully you should see the following in your mail logs..

Jul 1 04:19:22 tb303 postfix/smtp[30683]: 5C25D6B639: to=&lt;XXX@myblackberry.com&gt;, orig_to=&lt;XXX@housejunkie.ca&gt;, relay=smtp-rog.mail.yahoo2.akadns.net[206.190.36.18], delay=1, status=sent (250 ok 1120209643 qp 56045)

jW

</div>

Tue, 02/03/2009 - 11:49 (Reply to #12)
andreychek

<div class='quote'>If I had a static IP (business line), would i still need to use my ISP's SMTP server to send out emails?</div>

That all depends on your ISP, but you probably will need to continue using your ISP's SMTP server.

<div class='quote'>and can you recommend any good looking webmail?</div>

RoundCube is pretty decent looking:

http://roundcube.net/

That's included in the Script Installers with the Pro version of webmin, and is something you can install on your own in the GPL version.

Have a good one,
-Eric

Tue, 02/03/2009 - 12:18 (Reply to #13)
zer0

Thats great, thank you Eric.

Wed, 02/04/2009 - 00:20 (Reply to #14)
sgrayban

Actually port 587 needs to be enabled in /etc/postfix/master.cf
[code:1]#submission inet n - - - - smtpd[/code:1]

Change to
[code:1]submission inet n - - - - smtpd -o smtpd_sasl_auth_enable=yes[/code:1]

save and reload postfix -&gt; postfix reload

remember to open port 587 if you use a firewall

Wed, 02/04/2009 - 00:24 (Reply to #15)
sgrayban

HAH ! stupid ass forum parsed the code wrong as usual and removed the first code because it started with a #(number) sign. How lame.

Fri, 02/06/2009 - 09:57 (Reply to #16)
zer0

but i would still need to use my ISP email and password to identify myself to ISP's smtp server.
I'm using roundcube now which allows me to do that, so it saves me having to modify the main.cf file.. but it is definitely good to know, though your code didnt show up properly sgrayban :P when u get a chance do you mind re-posting?

Thanx

Topic locked