FTP, SMTP and SVN failure.

13 posts / 0 new
Last post
#1 Sat, 05/28/2011 - 08:09
sparkeh9

FTP, SMTP and SVN failure.

Im having trouble with user logins for the above services.

I can fetch mail using thunderbird client (this hopefully verifies that the credentials are correct), but it fails to find the SMTP settings when I add the account, so have to try to set it manually to port 25. Still results in timeouts.

I can login to FTP using the virtual server default user, and SVN as the default user, but not any users that I create.

I have made sure that I have given the users access to the repositories and FTP directories (everything to the 'allowed' listbox)

Any ideas?

EDIT: Port 25 is open, but doesn't seem to be running anything :S

Sat, 05/28/2011 - 10:07
andreychek

Howdy,

You may want to try restarting Postfix, with "/etc/init.d/postfix restart".

If that doesn't help -- look in the mail logs, either /var/log/maillog, or /var/log/mail.log, to see if any errors show up when you restart Postfix or attempt to connect to it on port 25.

You can determine if Postfix is listening on port 25 by running this:

netstat -an | grep :25

If that shows Postfix is indeed listening -- that may suggest that someone between you and your server is blocking port 25.

-Eric

Sat, 05/28/2011 - 15:04
sparkeh9

Thanks for that,

I've been able to determine that my ISP is blocking port 25, by using telnet to port 25 on my server, from another. The question now, is how to I provide SMTP on an alternative port? and if this can be done, will any email clients need additional configuration?

Also, any idea why my user accounts can't use login to FTP or SVN? Can download email using the same credentials which is strange.

Sat, 05/28/2011 - 16:37
andreychek

Well, Postfix has to be running on port 25 in order to be able to receive emails. Mail servers always deliver email to port 25. So if it's the ISP for your server that's blocking port 25 -- you might be out of luck.

However, if it's just an issue with your desktop -- you might want to try accessing your mail on port 465 using SSL. That should be setup automatically during the Virtualmin installation.

-Eric

Sat, 05/28/2011 - 18:36
Locutus

Two solutions: kick your ISP in the butt to open port 25 for you, or move your Virtualmin off your home place to an actual server hoster. :) Those will surely not block port 25.

Sun, 05/29/2011 - 08:43
sparkeh9

My server is already in a datacentre :), all ports are open at the server end, it's my home ISP that's blocking the ports :(.

Port 465 is open now, and is listening. I can connect to it with the mail client, and netstat -an | grep :465 shows that the connection is established, but it just times out.

[root@burstingbox ~]# netstat -an | grep :465 tcp 0 0 0.0.0.0:465 0.0.0.0:* LISTEN tcp 0 0 78.129.233.186:465 93.97.81.69:2306 ESTABLISHED

/var/log/maillog shows this at the end...

May 29 14:41:19 burstingbox postfix/smtpd[6317]: connect from 93-97-81-69.zone5.bethere.co.uk[93.97.81.69] May 29 14:41:52 burstingbox postfix/smtpd[6317]: lost connection after UNKNOWN from 93-97-81-69.zone5.bethere.co.uk[93.97.81.69] May 29 14:41:52 burstingbox postfix/smtpd[6317]: disconnect from 93-97-81-69.zone5.bethere.co.uk[93.97.81.69]

Virtualmin Gurus assemble :)

Sun, 05/29/2011 - 10:04
andreychek

So is your server's IP "78.129.233.186"?

I'm able to connect to port 465 without a problem.

However -- It doesn't look like port 465 there is answering in the usual fashion... typically, it would sit there waiting for an SSL negotiation. Instead, port 465 appears to be answering in a manner similar to it would on port 25.

Did you by chance do anything unusual with the configuration there? :-)

Normally, 465 would be enabled by default, and would accept SSL-based connections.

-Eric

Mon, 05/30/2011 - 13:48
sparkeh9

I can now login to FTP and Subversion! I transferred the allowed directories and repositories into the allowed box and assumed that because they're in the allowed box, that was it.

It wasn't until I transferred them, then highlighted them and saved, that they worked. Is this correct? It seems strange, as when I reload the page, they aren't selected any more :S.

I modified the postfix master.cf? file, and uncommented a few lines which a tutorial suggested, to get it to listen on port 465. But my mail clients still can't connect via smtp :(.

Aside from that, when I login to FTP using one of my created users, the only directories I can see is their home directory, which contains .spamassassin, .usermin and Maildir, how can I make it so these users can see the entire virtual server directory? e.g. /home/servername ?

Mon, 05/30/2011 - 19:40
andreychek

Well, Postfix was already responding on port 465... it's just responding incorrectly :-)

It sounds like something non-default is occurring.

Is your server behind a NAT router? If so, is it possible that port 465 is being forwarded to port 25?

-Eric

Tue, 05/31/2011 - 14:13
sparkeh9

OK, I've got TLS encryption running on port 25 and 26 (for if port 25 is blocked), and I'm using thunderbird as an email client.

When adding the account, I can download the mail for the account, but I can't send anything. The maillog shows this:

May 31 19:59:47 burstingbox postfix/smtpd[29100]: connect from 93-97-81-69.zone5.bethere.co.uk[93.97.81.69] May 31 19:59:47 burstingbox postfix/smtpd[29100]: setting up TLS connection from 93-97-81-69.zone5.bethere.co.uk[93.97.81.69] May 31 19:59:47 burstingbox postfix/smtpd[29100]: TLS connection established from 93-97-81-69.zone5.bethere.co.uk[93.97.81.69]: TLSv1 with cipher AES256-SHA (256/256 $ May 31 19:59:49 burstingbox postfix/smtpd[29100]: warning: SASL authentication failure: Password verification failed May 31 19:59:49 burstingbox postfix/smtpd[29100]: warning: 93-97-81-69.zone5.bethere.co.uk[93.97.81.69]: SASL PLAIN authentication failed: authentication failure May 31 19:59:51 burstingbox postfix/smtpd[29100]: warning: 93-97-81-69.zone5.bethere.co.uk[93.97.81.69]: SASL LOGIN authentication failed: authentication failure

Any ideas?

Tue, 05/31/2011 - 18:47
andreychek

Well, using TLS encryption is usually accomplished by enabling the "Submission" protocol in /etc/postfix/master.cf, and accessing it on port 587. That would work in conjunction with saslauthd.

I'm not sure what it is exactly that you have running on port 26 -- but my recommendation would be to use the Submission protocol on port 587 for that.

-Eric

Wed, 06/01/2011 - 13:17
sparkeh9

Good news

I now have email working! I uncommented the submission port in master.cf, altered the firewall to accept the connection and we have success!

I was stumbled by the 'SASL authentication failed' errors in the mail log, but realised that the username for SMTP must be like user-domain.

The only problem left now, is, how do I give my user accounts access to the virtual server public_html folder?, atm they can only see .spamassassin, .usermin and Maildir.

Wed, 06/01/2011 - 13:48
andreychek

It sounds like what you may want are "Website Access FTP Users".

You can create one of those by going into Edit Mail and FTP Users, and clicking "Add a website FTP access user.".

That will create a user whose home directory is in your website's DocumentRoot.

-Eric

Topic locked