HELP: migration issue email accounts cpanel to virtualmin

41 posts / 0 new
Last post
#1 Sat, 03/05/2011 - 10:16
warren0728

HELP: migration issue email accounts cpanel to virtualmin

it's me again : )

so i migrated all the domains from cpanel to my virtualmin box....i could preview all the sites within virtualmin and i did email tests as recommended on these forums and it worked.

so i change the ips of my nameservers to the new virtualmin box and the websites worked but email would not....rejecting the password....

are there any known issues moving from cpanel email accounts to virtualmin email accounts?

i reset the nameservers to my old cpanel box until i get this figured out!

thanks in advance....

ww : )

Sat, 03/05/2011 - 11:03
andreychek

Hmm, in theory that should work. Can you remind me which distro you're using>

And then -- do you see any errors in the mail logs, either /var/log/maillog, or /var/log/mail.log?

-Eric

Sat, 03/05/2011 - 11:14
warren0728

thanks eric,

Operating system CentOS Linux 5.5 Webmin version 1.530 Virtualmin version 3.83.gpl GPL

i'll be honest....i'm not sure what i'm looking for in the mail log.....there are a lot of entries like this:

Feb 28 23:40:19 server dovecot: pop3-login: Disconnected: user=, method=PLAIN, rip=::ffff:116.236.230.10, lip=::ffff:66.23.232.243

i do see lot's more errors but they seem to be about the sender....

could i email or pm you the entire file?

ww : )

Sat, 03/05/2011 - 13:36
warren0728

also....is it possible i didn't give it long enough to propagate properly....i know when accessing websites i was going to the new virtualmin server....does that guarantee the email info had propagated as well?

thanks again in advance, ww : )

Sat, 03/05/2011 - 15:39
andreychek

Well, that should be something you can test. If you connect your mail client to the IP address of your new server, try authenticating as one of your users, and see what happens.

If your users have a user@domain.tld style email address, you may want to make sure that saslauthd is running with the -r parameter (which is needed for that login type to work).

You can determine that by running "ps auxw | grep saslauthd".

-Eric

Sat, 03/05/2011 - 16:28
warren0728

here is the output....it doesn't look like saslauthd is running with the -r parameter

[root@server ~]# ps auxw | grep saslauthd root 539 0.0 0.0 4212 608 pts/0 S+ 17:19 0:00 grep saslauthd root 2501 0.0 0.0 5736 1092 ? Ss Feb26 0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam root 2502 0.0 0.0 5736 1080 ? S Feb26 0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam root 2503 0.0 0.0 5688 428 ? S Feb26 0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam root 2504 0.0 0.0 5736 1080 ? S Feb26 0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam root 2505 0.0 0.0 5736 1080 ? S Feb26 0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam [root@server ~]#

Sat, 03/05/2011 - 16:39
warren0728

also....i'm not sure how to set the parameter

thanks, warren

Sat, 03/05/2011 - 16:52
andreychek

If you log into your server over SSH as root, edit "/etc/sysconfig/saslauthd".

There's going to be a line that starts with something like "OPTIONS", "PARAMS", "FLAGS", something like that -- I forget the specific name :-)

Whatever it is -- it needs to have "-r" after it. At the moment, it's likely blank. So if you look in the file, and see a "FLAGS=" at the end, you'd need to modify that to read "FLAGS=-r".

Then, restart saslauthd (/etc/init.d/saslauthd restart), and try authenticating again.

-Eric

Sat, 03/05/2011 - 17:08
warren0728

ok made the changes and restarted....authentication failed:

Last login: Sat Mar 5 18:03:41 on ttys000 mules-macbook-pro-17:~ mule$ telnet 66.23.xxx.xxx 110 Trying 66.23.xxx.xxx... Connected to 666.23.xxx.xxx. Escape character is '^]'. +OK Dovecot ready. USER warren@xxxxx.com +OK PASS xxxxxx -ERR Authentication failed.

Sat, 03/05/2011 - 17:35
warren0728

just thinking here....on my old server (cpanel/redhat) smtp required authentication (username/password)

would that be an issue?

Sat, 03/05/2011 - 18:49
andreychek

Okay, so even Dovecot authentication is failing... that looks to be a different problem then :-)

Take another peek at the end of your /var/log/maillog file at the exact time that you're connecting via telnet -- are you noticing anything unusual? Any warnings or errors, outside of the typical connects and disconnects?

-Eric

Sat, 03/05/2011 - 19:01
warren0728

i don't really see anything but i'm not really sure what i'm looking for!

should i post the last bit of the maillog file here? will that help?

Sat, 03/05/2011 - 22:23
andreychek

Yeah, if you try the authentication again, then post the last 10 lines from the maillog, that would help a bunch!

Also, for good measure -- you may want to post the last 10 lines of your /var/log/messages as well.

Thanks!

-Eric

Sat, 03/05/2011 - 23:50
warren0728

ok.....looks like i am getting a ton of attempts to get into my box....

*******mailog*******

Mar 6 00:22:09 server postfix/anvil[2527]: statistics: max connection rate 5/60s for (smtp:91.121.188.29) at Mar 6 00:18:49 Mar 6 00:22:09 server postfix/anvil[2527]: statistics: max connection count 4 for (smtp:91.121.188.29) at Mar 6 00:18:49 Mar 6 00:22:09 server postfix/anvil[2527]: statistics: max cache size 1 at Mar 6 00:18:49 Mar 6 00:23:23 server postfix/qmgr[2452]: 5F0CF5F68004: from=<>, size=3647, nrcpt=1 (queue active) Mar 6 00:23:23 server postfix/qmgr[2452]: EFE665F68007: from=<>, size=3624, nrcpt=1 (queue active) Mar 6 00:23:53 server postfix/smtp[3008]: connect to gbrsecurity.telesp.net.br[200.171.222.88]: Connection timed out (port 25) Mar 6 00:23:53 server postfix/smtp[3009]: connect to umail.ukrtel.net[195.5.6.2]: Connection timed out (port 25) Mar 6 00:23:53 server postfix/smtp[3009]: EFE665F68007: to=MariluTeyler3352@ukrtel.net, relay=none, delay=42662, delays=42632/0.02/30/0, dsn=4.4.1, status=deferred (connect to umail.ukrtel.net[195.5.6.2]: Connection timed out) Mar 6 00:24:23 server postfix/smtp[3008]: connect to gbrsecurity02.telesp.net.br[200.171.222.87]: Connection timed out (port 25) Mar 6 00:24:23 server postfix/smtp[3008]: 5F0CF5F68004: to=CleoraWyett8822@telesp.net.br, relay=none, delay=49975, delays=49915/0.02/60/0, dsn=4.4.1, status=deferred (connect to gbrsecurity02.telesp.net.br[200.171.222.87]: Connection timed out) Mar 6 00:27:27 server dovecot: pop3-login: Disconnected: Input buffer full: user=warren@ww-cs.com, method=PLAIN, rip=::ffff:97.100.156.44, lip=::ffff:66.23.232.242

*******messages*******

Mar 6 00:27:18 server sshd[3434]: Invalid user jodie from 125.141.232.104 Mar 6 00:27:18 server sshd[3434]: error: Could not get shadow information for NOUSER Mar 6 00:27:18 server sshd[3434]: Failed password for invalid user jodie from 125.141.232.104 port 44182 ssh2 Mar 6 00:27:20 server sshd[3436]: Invalid user jodine from 125.141.232.104 Mar 6 00:27:20 server sshd[3436]: error: Could not get shadow information for NOUSER Mar 6 00:27:20 server sshd[3436]: Failed password for invalid user jodine from 125.141.232.104 port 44473 ssh2 Mar 6 00:27:22 server sshd[3438]: Invalid user jody from 125.141.232.104 Mar 6 00:27:22 server sshd[3438]: error: Could not get shadow information for NOUSER Mar 6 00:27:22 server sshd[3438]: Failed password for invalid user jody from 125.141.232.104 port 44768 ssh2 Mar 6 00:27:24 server sshd[3440]: Invalid user joeleene from 125.141.232.104 Mar 6 00:27:24 server sshd[3440]: error: Could not get shadow information for NOUSER Mar 6 00:27:24 server sshd[3440]: Failed password for invalid user joeleene from 125.141.232.104 port 45068 ssh2 Mar 6 00:27:26 server sshd[3442]: Invalid user joelle from 125.141.232.104 Mar 6 00:27:26 server sshd[3442]: error: Could not get shadow information for NOUSER Mar 6 00:27:26 server sshd[3442]: Failed password for invalid user joelle from 125.141.232.104 port 45386 ssh2 Mar 6 00:27:27 server sshd[3444]: Invalid user johanna from 125.141.232.104 Mar 6 00:27:28 server sshd[3444]: error: Could not get shadow information for NOUSER Mar 6 00:27:28 server sshd[3444]: Failed password for invalid user johanna from 125.141.232.104 port 45670 ssh2 Mar 6 00:27:29 server sshd[3446]: Invalid user johnna from 125.141.232.104 Mar 6 00:27:30 server sshd[3446]: error: Could not get shadow information for NOUSER Mar 6 00:27:30 server sshd[3446]: Failed password for invalid user johnna from 125.141.232.104 port 45982 ssh2 Mar 6 00:27:31 server sshd[3448]: Invalid user joi from 125.141.232.104 Mar 6 00:27:32 server sshd[3448]: error: Could not get shadow information for NOUSER Mar 6 00:27:32 server sshd[3448]: Failed password for invalid user joi from 125.141.232.104 port 46275 ssh2 Mar 6 00:27:33 server sshd[3450]: Invalid user joie from 125.141.232.104 Mar 6 00:27:33 server sshd[3450]: error: Could not get shadow information for NOUSER Mar 6 00:27:33 server sshd[3450]: Failed password for invalid user joie from 125.141.232.104 port 46586 ssh2 Mar 6 00:27:34 server sshd[3452]: Accepted password for root from 97.100.156.44 port 41750 ssh2 Mar 6 00:27:34 server sshd[3452]: subsystem request for sftp by user root Mar 6 00:27:35 server sshd[3455]: Invalid user jolanda from 125.141.232.104 Mar 6 00:27:35 server sshd[3455]: error: Could not get shadow information for NOUSER Mar 6 00:27:35 server sshd[3455]: Failed password for invalid user jolanda from 125.141.232.104 port 46866 ssh2 Mar 6 00:27:37 server sshd[3457]: Invalid user joleen from 125.141.232.104 Mar 6 00:27:37 server sshd[3457]: error: Could not get shadow information for NOUSER Mar 6 00:27:37 server sshd[3457]: Failed password for invalid user joleen from 125.141.232.104 port 47187 ssh2 Mar 6 00:27:39 server sshd[3459]: Invalid user jolene from 125.141.232.104 Mar 6 00:27:39 server sshd[3459]: error: Could not get shadow information for NOUSER Mar 6 00:27:39 server sshd[3459]: Failed password for invalid user jolene from 125.141.232.104 port 47463 ssh2

Sun, 03/06/2011 - 00:01
andreychek

So, are you by chance able to log in via, say, Usermin? (browsing to your IP address, at port 20000)

Or, can you log in as your domain owners into Virtualmin?

I don't really see any errors in the output above... you're right that there's a lot of breakin attempts, but that's fairly common, bots will be banging on your server's doors all day and night :-)

-Eric

Sun, 03/06/2011 - 00:07
warren0728

yeah i can log in to usermin using the same username (full email address) and password that failed during authentication from telnet session....

thanks, ww

Sun, 03/06/2011 - 00:16
warren0728

another thought....could it be a pop/imap problem....looks like when i logged into usermin the mail account was set up as imap....on the cpanel box it was pop....might not be an issue but i thought i would mention it.

thanks again, ww

Sun, 03/06/2011 - 08:59
warren0728

sunday morning bump : )

Sun, 03/06/2011 - 13:58
warren0728

any ideas eric....i really want to finish this migration and i'm kinda stuck....

anything else i need to try?

thanks, warren

Sun, 03/06/2011 - 16:10
andreychek

Well, it's difficult to say, I don't see any error relating to your connection. You may need to check out some of the other logfiles at the time you're authenticating to see if errors are being produced there.

For example, after authenticating, take a peek at /var/log/secure -- it may list any authentication problems in there.

As far as POP/IMAP -- that wouldn't matter. Dovecot handles both, and both are enabled on a typical installation.

-Eric

Sun, 03/06/2011 - 17:01
warren0728

ok....here are some log files...

********maillog********

Mar 6 17:39:25 server postfix/smtp[2460]: A39F25F68003: to=no-reply889@workingin-australia.com, relay=none, delay=112768, delays=112699/0.02/69/0, dsn=4.4.1, status=deferred (connect to workingin-australia.com[203.89.183.105]: Connection timed out) Mar 6 17:39:25 server postfix/smtp[2459]: 3E7C65F68005: to=no-reply167@workingin-australia.com, relay=none, delay=111638, delays=111568/0.08/69/0, dsn=4.4.1, status=deferred (connect to workingin-australia.com[203.89.183.105]: Connection timed out) Mar 6 17:50:55 server dovecot: pop3-login: Disconnected: Input buffer full: user=warren@ww-cs.com, method=PLAIN, rip=::ffff:97.100.156.44, lip=::ffff:66.23.232.242 Mar 6 17:51:55 server postfix/smtpd[3749]: connect from clickcashvault.com[66.207.161.157] Mar 6 17:51:55 server postfix/smtpd[3749]: CBF0625782EF: client=clickcashvault.com[66.207.161.157] Mar 6 17:51:55 server postfix/cleanup[3758]: CBF0625782EF: message-id=1299451915.vjppoqwfhy@clickcashvault.com Mar 6 17:51:55 server postfix/qmgr[2454]: CBF0625782EF: from=stayhome2@websiteloader.com, size=3302, nrcpt=1 (queue active)

**********secure*********

Mar 6 17:26:26 server dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= rhost=::ffff:97.100.156.44 Mar 6 17:26:26 server dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user warren@ww-cs.com Mar 6 17:30:04 server su: pam_unix(su:session): session opened for user postgres by (uid=0) Mar 6 17:30:04 server su: pam_unix(su:session): session closed for user postgres Mar 6 17:35:03 server su: pam_unix(su:session): session opened for user postgres by (uid=0) Mar 6 17:35:03 server su: pam_unix(su:session): session closed for user postgres Mar 6 17:39:05 server webmin[2601]: Webmin starting Mar 6 17:40:04 server su: pam_unix(su:session): session opened for user postgres by (uid=0) Mar 6 17:40:04 server su: pam_unix(su:session): session closed for user postgres Mar 6 17:45:03 server su: pam_unix(su:session): session opened for user postgres by (uid=0) Mar 6 17:45:03 server su: pam_unix(su:session): session closed for user postgres Mar 6 17:50:03 server su: pam_unix(su:session): session opened for user postgres by (uid=0) Mar 6 17:50:03 server su: pam_unix(su:session): session closed for user postgres Mar 6 17:50:20 server dovecot-auth: pam_unix(dovecot:auth): check pass; user unknown Mar 6 17:50:20 server dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= rhost=::ffff:97.100.156.44 Mar 6 17:50:20 server dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user warren@ww-cs.com

Sun, 03/06/2011 - 20:18
andreychek

If you type "grep warren@ww-cs.com /etc/passwd", what output do you receive?

Also, can you attach your /etc/dovecot/dovecot.conf file to the thread here?

-Eric

Sun, 03/06/2011 - 20:29
warren0728

ok when i type "grep warren@ww-cs.com /etc/passwd" i get no output:

[root@server ~]# grep warren@ww-cs.com /etc/passwd [root@server ~]#

i attached the dovecot.conf file which is actually in the "etc" folder (there is no "dovecot" folder)....i had to give it a .txt extension to allow it to be attached.

thanks, warren

Sun, 03/06/2011 - 22:14
andreychek

Hmm, what if you run this:

grep warren /etc/passwd

Does that produce any output?

-Eric

Mon, 03/07/2011 - 03:46
warren0728

yes it did eric....

[root@server ~]# grep warren /etc/passwd warrenwo:x:500:500:Migrated cPanel server warrenworld.com:/home/warrenwo:/bin/sh paypal.warrenworld:x:501:500::/home/warrenwo/homes/paypal:/dev/null warren.ww-cs:x:565:517::/home/wwcs/homes/warren:/dev/null [root@server ~]#

Mon, 03/07/2011 - 10:05
warren0728

looking at this output i tried telnetting using warren.ww-cs.com instead of warren@ww-cs.com but got the same results....any ideas?

Mon, 03/07/2011 - 10:11
andreychek

Well, try it with "warren.ww-cs" (no .com on the end).

If that works, we can discuss what to do from there :-)

-Eric

Mon, 03/07/2011 - 10:20
warren0728

ok that worked!

hopefully we can get it to work using full email address like "warren@ww-cs.com" because all my clients have their email programs set up that way!

thanks, warren

Mon, 03/07/2011 - 10:25
andreychek

Well, whenever Virtualmin creates an account, it consults a setting in the server templates regarding how to add that account.

It sounds like it used that setting (which defaults to user.domain, and not user@domain.tld), rather than using specifically what you had previously in cPanel.

You can set the username format in System Settings -> Server Templates -> Default -> Mail for Domain, and set "Format for usernames that include domain" (all the way at the bottom) to user@domain.

The problem is that I don't know of a way to change your existing users -- you'd probably need to remove the Virtual Servers you have, and perform the import again.

-Eric

Mon, 03/07/2011 - 10:37
warren0728

great...i changed the setting and will give it a try!

no problem deleting and re-migrating....i was planning on doing that anyway to update all the emails!

will keep you posted!

thanks again, warren

Mon, 03/07/2011 - 11:19
warren0728

woohoo! we have success!

i migrated a domain running wordpress....database is working and i was able to telnet in using full email as the login!

will do a full migration tonight!

i have another mail related question.....is there a global way t (before i start migrating domains over) to for "domain.com/webmail" to redirect to usermin? i'm hoping to keep my clients from changing anything and right now they get to cpanels webmail by browsing to "domain.com/webmail"

also can i do a global install of squirrelmail and will that take care of the "domain.com/webmail" issue. They are all used to squirrelmail but usermin doesn't look to much different for them....

i am really liking virtualmin/webmim so far!

thanks, warren

Mon, 03/07/2011 - 11:55
andreychek

Well, Virtualmin creates some redirects for you, but they redirect webmail.domain.tld over to Usermin.

The same with admin.domain.tld -- those are redirected to Virtualmin.

In System Settings -> Server Templates -> Default -> Apache Website, you can configure where exactly those redirects go... so if you have Squirrelmail installed in a given Virtual Server, you can make webmail redirect to it.

Using the above would be the easy way :-)

Could you do something with domain.com/webmail? Yes, you could add a mod_rewrite rule to each Virtual Server template, have it look for anyone browsing to /webmail, and when it finds a match, redirect it to your desired location.

You could add those rewrite rules to the "Directives and settings for new websites" section of the Apache Server Template.

However, that's the harder way to set things up -- I'd suggest using Virtualmin's existing webmail.domain.tld and admin.domain.tld if possible :-)

-Eric

Mon, 03/07/2011 - 12:08
warren0728

thanks eric....i think i will use virtualmins redirects for now....and not install squirrelmail : )

i really appreciate your help....i am feeling pretty good so far about switching from cpanel to virtualmin/webmin!

Mon, 03/07/2011 - 12:11
andreychek

Sounds good!

I did want to offer though that having Virtualmin setup a redirect to squirrelmail using webmail.domain.tld is no problem, and that's nice and simple to configure using the Server Template's GUI.

A lot of folks are do just that, though more often redirecting to RoundCube (which has a pretty, AJAX interface).

-Eric

Mon, 03/07/2011 - 12:38
warren0728

roundcube does look pretty good....

if i understand right i have to install roundcube or squirrelmail in one of the virtual servers and then have all other domains access it on that virtual server?

is there no way to install it globally....maybe in centos and then pointing the redirect to it?

Mon, 03/07/2011 - 12:42
andreychek

The way I'd suggest doing it is to install RoundCube into a particular Virtual Server -- let's call it "myroundcube.com".

Then, in the Apache Server Template -- configure the webmail.domain.tld redirect to go to myroundcube.com.

So, any user on your server can then browse to webmail.domain.tld, which will redirect them to your central myroundcube.com installation.

-Eric

Tue, 03/08/2011 - 08:46
warren0728

we have success! looks like almost everything is working!

one issue (so far)....it doesn't seem that the redirects are working....if i try and go to "webmail.mydomain.tld" or "admin.mydomain.tld" it can't find them....i do notice that the redirect adds "www." to the address so it becomes "www.webmail.mydomain.tld"....could that be the problem?

thanks, warren

Tue, 03/08/2011 - 09:11
andreychek

Hmm, the redirect should send the user to exactly "webmail.mydomain.tld".

One thing you could do is check in /etc/httpd/conf/httpd.conf, and verify the various VirtualHost blocks.

You'll see a set of "RewriteCond" and "RewriteRule" lines -- do the domains they redirect to look correct?

-Eric

Tue, 03/08/2011 - 09:29
warren0728

they look good to me....here is one virtual host entry....

SuexecUserGroup "#500" "#500" ServerName warrenworld.com ServerAlias www.warrenworld.com ServerAlias webmail.warrenworld.com ServerAlias admin.warrenworld.com DocumentRoot /home/warrenwo/public_html ErrorLog /var/log/virtualmin/warrenworld.com_error_log CustomLog /var/log/virtualmin/warrenworld.com_access_log combined ScriptAlias /cgi-bin /home/warrenwo/public_html/cgi-bin DirectoryIndex index.html index.htm index.php index.php4 index.php5 Options -Indexes +IncludesNOEXEC +FollowSymLinks +ExecCGI allow from all AllowOverride All AddHandler fcgid-script .php AddHandler fcgid-script .php5 FCGIWrapper /home/warrenwo/fcgi-bin/php5.fcgi .php FCGIWrapper /home/warrenwo/fcgi-bin/php5.fcgi .php5 allow from all RewriteEngine on RewriteCond %{HTTP_HOST} =webmail.warrenworld.com RewriteRule ^(.) https://warrenworld.com:20000/ [R] RewriteCond %{HTTP_HOST} =admin.warrenworld.com RewriteRule ^(.) https://warrenworld.com:10000/ [R] RemoveHandler .php RemoveHandler .php5 IPCCommTimeout 31

Tue, 03/08/2011 - 09:33
andreychek

Okay, then chances are that it's something in the Virtual Server it's redirecting to. There might be a .htaccess file that's looking for a URL without a 'www' at the beginning, and it's causing a redirect to a URL with a 'www'. But in your case, that's not desirable :-)

Take a peek in your public_html for a .htaccess, and see if that's the issue :-)

-Eric

Tue, 03/08/2011 - 09:47
warren0728

i don't see a .htaccess file....i'm feeling stupid....

edit....it seems some domains work some don't....